diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 19:33:14 +0000 |
commit | 36d22d82aa202bb199967e9512281e9a53db42c9 (patch) | |
tree | 105e8c98ddea1c1e4784a60a5a6410fa416be2de /security/nss/cmd/libpkix/pkix_pl | |
parent | Initial commit. (diff) | |
download | firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.tar.xz firefox-esr-36d22d82aa202bb199967e9512281e9a53db42c9.zip |
Adding upstream version 115.7.0esr.upstream/115.7.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/cmd/libpkix/pkix_pl')
36 files changed, 8629 insertions, 0 deletions
diff --git a/security/nss/cmd/libpkix/pkix_pl/Makefile b/security/nss/cmd/libpkix/pkix_pl/Makefile new file mode 100644 index 0000000000..1de5ef2694 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/Makefile @@ -0,0 +1,46 @@ +#! gmake +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platrules.mk + diff --git a/security/nss/cmd/libpkix/pkix_pl/manifest.mn b/security/nss/cmd/libpkix/pkix_pl/manifest.mn new file mode 100644 index 0000000000..84997cbe6f --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/manifest.mn @@ -0,0 +1,11 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +PKIX_DEPTH = ./.. +PLAT_DEPTH = $(PKIX_DEPTH)/.. +CORE_DEPTH = $(PKIX_DEPTH)/../../.. + +DIRS = module pki system \ + $(NULL) diff --git a/security/nss/cmd/libpkix/pkix_pl/module/Makefile b/security/nss/cmd/libpkix/pkix_pl/module/Makefile new file mode 100644 index 0000000000..802e7729d9 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/Makefile @@ -0,0 +1,45 @@ +#! gmake +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platrules.mk diff --git a/security/nss/cmd/libpkix/pkix_pl/module/manifest.mn b/security/nss/cmd/libpkix/pkix_pl/module/manifest.mn new file mode 100644 index 0000000000..50d20d0bb4 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/manifest.mn @@ -0,0 +1,25 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +PKIX_DEPTH = ../.. +PLAT_DEPTH = $(PKIX_DEPTH)/.. +CORE_DEPTH = $(PKIX_DEPTH)/../../.. + +# MODULE public and private header directories are implicitly REQUIRED. +MODULE = nss + +CSRCS = test_colcertstore.c \ + test_ekuchecker.c \ + test_pk11certstore.c \ + test_socket.c \ + test_httpcertstore.c \ + $(NULL) + +LIBRARY_NAME = pkixtoolmodule +SHARED_LIBRARY = $(NULL) + +SOURCE_LIB_DIR=$(PKIX_DEPTH)/$(OBJDIR) + +NO_MD_RELEASE = 1 diff --git a/security/nss/cmd/libpkix/pkix_pl/module/test_colcertstore.c b/security/nss/cmd/libpkix/pkix_pl/module/test_colcertstore.c new file mode 100644 index 0000000000..37169d6ff7 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/test_colcertstore.c @@ -0,0 +1,247 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_colcertstore.c + * + * Test CollectionCertStore Type + * + */ + +#include "testutil.h" + +#include "testutil_nss.h" + +/* When CRL IDP is supported, change NUM_CRLS to 9 */ +#define PKIX_TEST_COLLECTIONCERTSTORE_NUM_CRLS 4 +#define PKIX_TEST_COLLECTIONCERTSTORE_NUM_CERTS 15 + +static void *plContext = NULL; + +static PKIX_Error * +testCRLSelectorMatchCallback( + PKIX_CRLSelector *selector, + PKIX_PL_CRL *crl, + PKIX_Boolean *pMatch, + void *plContext) +{ + *pMatch = PKIX_TRUE; + + return (0); +} + +static PKIX_Error * +testCertSelectorMatchCallback( + PKIX_CertSelector *selector, + PKIX_PL_Cert *cert, + PKIX_Boolean *pResult, + void *plContext) +{ + *pResult = PKIX_TRUE; + + return (0); +} + +static PKIX_Error * +getCertCallback( + PKIX_CertStore *store, + PKIX_CertSelector *certSelector, + PKIX_List **pCerts, + void *plContext) +{ + return (0); +} + +static char * +catDirName(char *platform, char *dir, void *plContext) +{ + char *pathName = NULL; + PKIX_UInt32 dirLen; + PKIX_UInt32 platformLen; + + PKIX_TEST_STD_VARS(); + + dirLen = PL_strlen(dir); + platformLen = PL_strlen(platform); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(platformLen + + dirLen + + 2, + (void **)&pathName, plContext)); + + PL_strcpy(pathName, platform); + PL_strcat(pathName, "/"); + PL_strcat(pathName, dir); + +cleanup: + + PKIX_TEST_RETURN(); + + return (pathName); +} + +static void +testGetCRL(char *crlDir) +{ + PKIX_PL_String *dirString = NULL; + PKIX_CertStore_CRLCallback crlCallback; + PKIX_CertStore *certStore = NULL; + PKIX_CRLSelector *crlSelector = NULL; + PKIX_List *crlList = NULL; + PKIX_UInt32 numCrl = 0; + void *nbioContext = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, + crlDir, + 0, + &dirString, + plContext)); + + subTest("PKIX_PL_CollectionCertStore_Create"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create(dirString, + &certStore, + plContext)); + + subTest("PKIX_CRLSelector_Create"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create(testCRLSelectorMatchCallback, + NULL, + &crlSelector, + plContext)); + + subTest("PKIX_CertStore_GetCRLCallback"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback(certStore, &crlCallback, NULL)); + + subTest("Getting data from CRL Callback"); + PKIX_TEST_EXPECT_NO_ERROR(crlCallback(certStore, + crlSelector, + &nbioContext, + &crlList, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(crlList, + &numCrl, + plContext)); + + if (numCrl != PKIX_TEST_COLLECTIONCERTSTORE_NUM_CRLS) { + pkixTestErrorMsg = "unexpected CRL number mismatch"; + } + +cleanup: + + PKIX_TEST_DECREF_AC(dirString); + PKIX_TEST_DECREF_AC(crlList); + PKIX_TEST_DECREF_AC(crlSelector); + PKIX_TEST_DECREF_AC(certStore); + + PKIX_TEST_RETURN(); +} + +static void +testGetCert(char *certDir) +{ + PKIX_PL_String *dirString = NULL; + PKIX_CertStore_CertCallback certCallback; + PKIX_CertStore *certStore = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_List *certList = NULL; + PKIX_UInt32 numCert = 0; + void *nbioContext = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, + certDir, + 0, + &dirString, + plContext)); + + subTest("PKIX_PL_CollectionCertStore_Create"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create(dirString, + &certStore, + plContext)); + + subTest("PKIX_CertSelector_Create"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(testCertSelectorMatchCallback, + NULL, + &certSelector, + plContext)); + + subTest("PKIX_CertStore_GetCertCallback"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &certCallback, NULL)); + + subTest("Getting data from Cert Callback"); + PKIX_TEST_EXPECT_NO_ERROR(certCallback(certStore, + certSelector, + &nbioContext, + &certList, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certList, + &numCert, + plContext)); + + if (numCert != PKIX_TEST_COLLECTIONCERTSTORE_NUM_CERTS) { + pkixTestErrorMsg = "unexpected Cert number mismatch"; + } + +cleanup: + + PKIX_TEST_DECREF_AC(dirString); + PKIX_TEST_DECREF_AC(certList); + PKIX_TEST_DECREF_AC(certSelector); + PKIX_TEST_DECREF_AC(certStore); + + PKIX_TEST_RETURN(); +} + +static void +printUsage(char *pName) +{ + printf("\nUSAGE: %s test-purpose <data-dir> <platform-dir>\n\n", pName); +} + +/* Functional tests for CollectionCertStore public functions */ + +int +test_colcertstore(int argc, char *argv[]) +{ + + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + char *platformDir = NULL; + char *dataDir = NULL; + char *combinedDir = NULL; + + PKIX_TEST_STD_VARS(); + + startTests("CollectionCertStore"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < (3 + j)) { + printUsage(argv[0]); + return (0); + } + + dataDir = argv[2 + j]; + platformDir = argv[3 + j]; + combinedDir = catDirName(platformDir, dataDir, plContext); + + testGetCRL(combinedDir); + testGetCert(combinedDir); + +cleanup: + + pkixTestErrorResult = PKIX_PL_Free(combinedDir, plContext); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("CollectionCertStore"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/module/test_ekuchecker.c b/security/nss/cmd/libpkix/pkix_pl/module/test_ekuchecker.c new file mode 100644 index 0000000000..ccd05a5bf8 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/test_ekuchecker.c @@ -0,0 +1,275 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_ekuchecker.c + * + * Test Extend Key Usage Checker + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +#define PKIX_TEST_MAX_CERTS 10 + +static void *plContext = NULL; + +static void +printUsage1(char *pName) +{ + printf("\nUSAGE: %s test-purpose [ENE|EE] ", pName); + printf("[E]oid[,oid]* <data-dir> cert [certs].\n"); +} + +static void +printUsageMax(PKIX_UInt32 numCerts) +{ + printf("\nUSAGE ERROR: number of certs %d exceed maximum %d\n", + numCerts, PKIX_TEST_MAX_CERTS); +} + +static PKIX_Error * +testCertSelectorMatchCallback( + PKIX_CertSelector *selector, + PKIX_PL_Cert *cert, + PKIX_Boolean *pResult, + void *plContext) +{ + *pResult = PKIX_TRUE; + + return (0); +} + +static PKIX_Error * +testEkuSetup( + PKIX_ValidateParams *valParams, + char *ekuOidString, + PKIX_Boolean *only4EE) +{ + PKIX_ProcessingParams *procParams = NULL; + PKIX_List *ekuList = NULL; + PKIX_PL_OID *ekuOid = NULL; + PKIX_ComCertSelParams *selParams = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_Boolean last_token = PKIX_FALSE; + PKIX_UInt32 i, tokeni; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_ValidateParams_GetProcessingParams"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams(valParams, &procParams, plContext)); + + /* Get extended key usage OID(s) from command line, separated by "," */ + + if (ekuOidString[0] == '"') { + /* erase doble quotes, if any */ + i = 1; + while (ekuOidString[i] != '"' && ekuOidString[i] != '\0') { + ekuOidString[i - 1] = ekuOidString[i]; + i++; + } + ekuOidString[i - 1] = '\0'; + } + + if (ekuOidString[0] == '\0') { + ekuList = NULL; + } else { + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&ekuList, plContext)); + + /* if OID string start with E, only check for last cert */ + if (ekuOidString[0] == 'E') { + *only4EE = PKIX_TRUE; + tokeni = 2; + i = 1; + } else { + *only4EE = PKIX_FALSE; + tokeni = 1; + i = 0; + } + + while (last_token != PKIX_TRUE) { + while (ekuOidString[tokeni] != ',' && + ekuOidString[tokeni] != '\0') { + tokeni++; + } + if (ekuOidString[tokeni] == '\0') { + last_token = PKIX_TRUE; + } else { + ekuOidString[tokeni] = '\0'; + tokeni++; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(&ekuOidString[i], &ekuOid, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(ekuList, (PKIX_PL_Object *)ekuOid, plContext)); + + PKIX_TEST_DECREF_BC(ekuOid); + i = tokeni; + } + } + + /* Set extended key usage link to processing params */ + + subTest("PKIX_ComCertSelParams_Create"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&selParams, plContext)); + + subTest("PKIX_ComCertSelParams_SetExtendedKeyUsage"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetExtendedKeyUsage(selParams, ekuList, plContext)); + + subTest("PKIX_CertSelector_Create"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(testCertSelectorMatchCallback, + NULL, + &certSelector, + plContext)); + + subTest("PKIX_CertSelector_SetCommonCertSelectorParams"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams(certSelector, selParams, plContext)); + + subTest("PKIX_ProcessingParams_SetTargetCertConstraints"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints(procParams, certSelector, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(selParams); + PKIX_TEST_DECREF_AC(certSelector); + PKIX_TEST_DECREF_AC(procParams); + PKIX_TEST_DECREF_AC(ekuOid); + PKIX_TEST_DECREF_AC(ekuList); + + PKIX_TEST_RETURN(); + + return (0); +} + +static PKIX_Error * +testEkuChecker( + PKIX_ValidateParams *valParams, + PKIX_Boolean only4EE) +{ + PKIX_ProcessingParams *procParams = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams(valParams, &procParams, plContext)); + + subTest("PKIX_ProcessingParams_SetRevocationEnabled - disable"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled(procParams, PKIX_FALSE, plContext)); + + if (only4EE == PKIX_FALSE) { + subTest("PKIX_PL_EkuChecker_Create"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_EkuChecker_Create(procParams, plContext)); + } + +cleanup: + + PKIX_TEST_DECREF_AC(procParams); + + PKIX_TEST_RETURN(); + + return (0); +} + +int +test_ekuchecker(int argc, char *argv[]) +{ + PKIX_List *chain = NULL; + PKIX_ValidateParams *valParams = NULL; + PKIX_ValidateResult *valResult = NULL; + PKIX_UInt32 actualMinorVersion; + char *certNames[PKIX_TEST_MAX_CERTS]; + char *dirName = NULL; + PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS]; + PKIX_UInt32 chainLength = 0; + PKIX_UInt32 i = 0; + PKIX_UInt32 j = 0; + PKIX_Boolean testValid = PKIX_FALSE; + PKIX_Boolean only4EE = PKIX_FALSE; + + PKIX_TEST_STD_VARS(); + + if (argc < 5) { + printUsage1(argv[0]); + return (0); + } + + startTests("EKU Checker"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + /* ENE = expect no error; EE = expect error */ + if (PORT_Strcmp(argv[2 + j], "ENE") == 0) { + testValid = PKIX_TRUE; + } else if (PORT_Strcmp(argv[2 + j], "EE") == 0) { + testValid = PKIX_FALSE; + } else { + printUsage1(argv[0]); + return (0); + } + + dirName = argv[4 + j]; + + chainLength = (argc - j) - 6; + if (chainLength > PKIX_TEST_MAX_CERTS) { + printUsageMax(chainLength); + } + + for (i = 0; i < chainLength; i++) { + + certNames[i] = argv[6 + i + j]; + certs[i] = NULL; + } + + subTest(argv[1 + j]); + + subTest("Extended-Key-Usage-Checker"); + + subTest("Extended-Key-Usage-Checker - Create Cert Chain"); + + chain = createCertChainPlus(dirName, certNames, certs, chainLength, plContext); + + subTest("Extended-Key-Usage-Checker - Create Params"); + + valParams = createValidateParams(dirName, + argv[5 + + j], + NULL, + NULL, + NULL, + PKIX_FALSE, + PKIX_FALSE, + PKIX_FALSE, + PKIX_FALSE, + chain, + plContext); + + subTest("Default CertStore"); + + testEkuSetup(valParams, argv[3 + j], &only4EE); + + testEkuChecker(valParams, only4EE); + + subTest("Extended-Key-Usage-Checker - Validate Chain"); + + if (testValid == PKIX_TRUE) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain(valParams, &valResult, NULL, plContext)); + } else { + PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain(valParams, &valResult, NULL, plContext)); + } + +cleanup: + + PKIX_TEST_DECREF_AC(chain); + PKIX_TEST_DECREF_AC(valParams); + PKIX_TEST_DECREF_AC(valResult); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("EKU Checker"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/module/test_httpcertstore.c b/security/nss/cmd/libpkix/pkix_pl/module/test_httpcertstore.c new file mode 100644 index 0000000000..62f86300ab --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/test_httpcertstore.c @@ -0,0 +1,300 @@ +/* + * test_httpcertstore.c + * + * Test Httpcertstore Type + * + * Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistribution of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistribution in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * Neither the name of Sun Microsystems, Inc. or the names of contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any kind. ALL + * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING + * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE + * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") + * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE + * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST + * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, + * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY + * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, + * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that this software is not designed or intended for use in + * the design, construction, operation or maintenance of any nuclear facility. + */ + +#include "testutil.h" +#include "testutil_nss.h" +#include "pkix_pl_common.h" + +static void *plContext = NULL; + +static void +printUsage(char *testname) +{ + char *fmt = + "USAGE: %s [-arenas] certDir certName\n"; + printf(fmt, "test_httpcertstore"); +} + +/* Functional tests for Socket public functions */ +static void +do_other_work(void) +{ /* while waiting for nonblocking I/O to complete */ + (void)PR_Sleep(2 * 60); +} + +PKIX_Error * +PKIX_PL_HttpCertStore_Create( + PKIX_PL_HttpClient *client, /* if NULL, use default Client */ + PKIX_PL_GeneralName *location, + PKIX_CertStore **pCertStore, + void *plContext); + +PKIX_Error * +pkix_pl_HttpCertStore_CreateWithAsciiName( + PKIX_PL_HttpClient *client, /* if NULL, use default Client */ + char *location, + PKIX_CertStore **pCertStore, + void *plContext); + +static PKIX_Error * +getLocation( + PKIX_PL_Cert *certWithAia, + PKIX_PL_GeneralName **pLocation, + void *plContext) +{ + PKIX_List *aiaList = NULL; + PKIX_UInt32 size = 0; + PKIX_PL_InfoAccess *aia = NULL; + PKIX_UInt32 iaType = PKIX_INFOACCESS_LOCATION_UNKNOWN; + PKIX_PL_GeneralName *location = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("Getting Authority Info Access"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess(certWithAia, &aiaList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(aiaList, &size, plContext)); + + if (size != 1) { + pkixTestErrorMsg = "unexpected number of AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(aiaList, 0, (PKIX_PL_Object **)&aia, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocationType(aia, &iaType, plContext)); + + if (iaType != PKIX_INFOACCESS_LOCATION_HTTP) { + pkixTestErrorMsg = "unexpected location type in AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocation(aia, &location, plContext)); + + *pLocation = location; + +cleanup: + PKIX_TEST_DECREF_AC(aiaList); + PKIX_TEST_DECREF_AC(aia); + + PKIX_TEST_RETURN(); + + return (NULL); +} + +int +test_httpcertstore(int argc, char *argv[]) +{ + + PKIX_UInt32 i = 0; + PKIX_UInt32 numCerts = 0; + PKIX_UInt32 numCrls = 0; + int j = 0; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 length = 0; + + char *certName = NULL; + char *certDir = NULL; + PKIX_PL_Cert *cmdLineCert = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_CertStore *certStore = NULL; + PKIX_CertStore *crlStore = NULL; + PKIX_PL_GeneralName *location = NULL; + PKIX_CertStore_CertCallback getCerts = NULL; + PKIX_List *certs = NULL; + char *asciiResult = NULL; + void *nbio = NULL; + + PKIX_PL_CRL *crl = NULL; + PKIX_CRLSelector *crlSelector = NULL; + char *crlLocation = "http://betty.nist.gov/pathdiscoverytestsuite/CRL" + "files/BasicHTTPURIPeer2CACRL.crl"; + PKIX_CertStore_CRLCallback getCrls = NULL; + PKIX_List *crls = NULL; + PKIX_PL_String *crlString = NULL; + + PKIX_TEST_STD_VARS(); + + startTests("HttpCertStore"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc != (j + 3)) { + printUsage(argv[0]); + pkixTestErrorMsg = "Missing command line argument."; + goto cleanup; + } + + certDir = argv[++j]; + certName = argv[++j]; + + cmdLineCert = createCert(certDir, certName, plContext); + if (cmdLineCert == NULL) { + pkixTestErrorMsg = "Unable to create Cert"; + goto cleanup; + } + + /* muster arguments to create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(getLocation(cmdLineCert, &location, plContext)); + + if (location == NULL) { + pkixTestErrorMsg = "Give me a cert with an HTTP URI!"; + goto cleanup; + } + + /* create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HttpCertStore_Create(NULL, location, &certStore, plContext)); + + /* get the GetCerts callback */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &getCerts, plContext)); + + /* create a CertSelector */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext)); + + /* Get the certs */ + PKIX_TEST_EXPECT_NO_ERROR(getCerts(certStore, certSelector, &nbio, &certs, plContext)); + + while (nbio != NULL) { + /* poll for a completion */ + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CertContinue(certStore, certSelector, &nbio, &certs, plContext)); + } + + if (certs) { + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certs, &numCerts, plContext)); + + if (numCerts == 0) { + printf("HttpCertStore returned an empty Cert list\n"); + goto cleanup; + } + + for (i = 0; i < numCerts; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(certs, + i, + (PKIX_PL_Object **)&cert, + plContext)); + + asciiResult = PKIX_Cert2ASCII(cert); + + printf("CERT[%d]:\n%s\n", i, asciiResult); + + /* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, NULL)); + asciiResult = NULL; + + PKIX_TEST_DECREF_BC(cert); + } + } else { + printf("HttpCertStore returned a NULL Cert list\n"); + } + + /* create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_HttpCertStore_CreateWithAsciiName(NULL, crlLocation, &crlStore, plContext)); + + /* get the GetCrls callback */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback(crlStore, &getCrls, plContext)); + + /* create a CrlSelector */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create(NULL, NULL, &crlSelector, plContext)); + + /* Get the crls */ + PKIX_TEST_EXPECT_NO_ERROR(getCrls(crlStore, crlSelector, &nbio, &crls, plContext)); + + while (nbio != NULL) { + /* poll for a completion */ + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CrlContinue(crlStore, crlSelector, &nbio, &crls, plContext)); + } + + if (crls) { + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(crls, &numCrls, plContext)); + + if (numCrls == 0) { + printf("HttpCertStore returned an empty CRL list\n"); + goto cleanup; + } + + for (i = 0; i < numCrls; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(crls, + i, + (PKIX_PL_Object **)&crl, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString( + (PKIX_PL_Object *)crl, + &crlString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(crlString, + PKIX_ESCASCII, + (void **)&asciiResult, + &length, + plContext)); + + printf("CRL[%d]:\n%s\n", i, asciiResult); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, plContext)); + PKIX_TEST_DECREF_BC(crlString); + PKIX_TEST_DECREF_BC(crl); + } + } else { + printf("HttpCertStore returned a NULL CRL list\n"); + } + +cleanup: + + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(cmdLineCert); + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(crlStore); + PKIX_TEST_DECREF_AC(location); + PKIX_TEST_DECREF_AC(certs); + PKIX_TEST_DECREF_AC(crl); + PKIX_TEST_DECREF_AC(crlString); + PKIX_TEST_DECREF_AC(crls); + + PKIX_TEST_RETURN(); + + endTests("HttpDefaultClient"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/module/test_pk11certstore.c b/security/nss/cmd/libpkix/pkix_pl/module/test_pk11certstore.c new file mode 100644 index 0000000000..58fceb14f0 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/test_pk11certstore.c @@ -0,0 +1,580 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_pk11certstore.c + * + * Test Pk11CertStore Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +/* + * This function creates a certSelector with ComCertSelParams set up to + * select entries whose Subject Name matches that in the given Cert and + * whose validity window includes the Date specified by "validityDate". + */ +static void +test_makeSubjectCertSelector( + PKIX_PL_Cert *certNameToMatch, + PKIX_PL_Date *validityDate, + PKIX_CertSelector **pSelector, + void *plContext) +{ + PKIX_CertSelector *selector = NULL; + PKIX_ComCertSelParams *subjParams = NULL; + PKIX_PL_X500Name *subjectName = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &selector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&subjParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(certNameToMatch, &subjectName, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject(subjParams, subjectName, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificateValid(subjParams, validityDate, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams(selector, subjParams, plContext)); + *pSelector = selector; + +cleanup: + + PKIX_TEST_DECREF_AC(subjParams); + PKIX_TEST_DECREF_AC(subjectName); + + PKIX_TEST_RETURN(); +} + +/* + * This function creates a certSelector with ComCertSelParams set up to + * select entries containing a Basic Constraints extension with a path + * length of at least the specified "minPathLength". + */ +static void +test_makePathCertSelector( + PKIX_Int32 minPathLength, + PKIX_CertSelector **pSelector, + void *plContext) +{ + PKIX_CertSelector *selector = NULL; + PKIX_ComCertSelParams *pathParams = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &selector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&pathParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints(pathParams, minPathLength, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams(selector, pathParams, plContext)); + *pSelector = selector; + +cleanup: + + PKIX_TEST_DECREF_AC(pathParams); + + PKIX_TEST_RETURN(); +} + +/* + * This function reads a directory-file cert specified by "desiredSubjectCert", + * and decodes the SubjectName. It uses that name to set up the CertSelector + * for a Subject Name match, and then queries the database for matching entries. + * It is intended to test a "smart" database query. + */ +static void +testMatchCertSubject( + char *crlDir, + char *desiredSubjectCert, + char *expectedAscii, + PKIX_PL_Date *validityDate, + void *plContext) +{ + PKIX_UInt32 numCert = 0; + PKIX_PL_Cert *certWithDesiredSubject = NULL; + PKIX_CertStore *certStore = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_List *certList = NULL; + PKIX_CertStore_CertCallback getCert = NULL; + void *nbioContext = NULL; + + PKIX_TEST_STD_VARS(); + + certWithDesiredSubject = createCert(crlDir, desiredSubjectCert, plContext); + + test_makeSubjectCertSelector(certWithDesiredSubject, + validityDate, + &certSelector, + plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create(&certStore, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &getCert, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(getCert(certStore, + certSelector, + &nbioContext, + &certList, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certList, &numCert, plContext)); + + if (numCert > 0) { + /* List should be immutable */ + PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem(certList, 0, plContext)); + } + + if (expectedAscii) { + testToStringHelper((PKIX_PL_Object *)certList, expectedAscii, plContext); + } + +cleanup: + + PKIX_TEST_DECREF_AC(certWithDesiredSubject); + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(certSelector); + PKIX_TEST_DECREF_AC(certList); + + PKIX_TEST_RETURN(); +} + +/* + * This function uses the minimum path length specified by "minPath" to set up + * a CertSelector for a BasicConstraints match, and then queries the database + * for matching entries. It is intended to test the case where there + * is no "smart" database query, so the database will be asked for all + * available certs and the filtering will be done by the interaction of the + * certstore and the selector. + */ +static void +testMatchCertMinPath( + PKIX_Int32 minPath, + char *expectedAscii, + void *plContext) +{ + PKIX_CertStore *certStore = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_List *certList = NULL; + PKIX_CertStore_CertCallback getCert = NULL; + void *nbioContext = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("Searching Certs for minPath"); + + test_makePathCertSelector(minPath, &certSelector, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create(&certStore, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &getCert, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(getCert(certStore, + certSelector, + &nbioContext, + &certList, + plContext)); + + if (expectedAscii) { + testToStringHelper((PKIX_PL_Object *)certList, expectedAscii, plContext); + } + +cleanup: + + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(certSelector); + PKIX_TEST_DECREF_AC(certList); + + PKIX_TEST_RETURN(); +} + +/* + * This function creates a crlSelector with ComCrlSelParams set up to + * select entries whose Issuer Name matches that in the given Crl. + */ +static void +test_makeIssuerCRLSelector( + PKIX_PL_CRL *crlNameToMatch, + PKIX_CRLSelector **pSelector, + void *plContext) +{ + PKIX_CRLSelector *selector = NULL; + PKIX_ComCRLSelParams *issuerParams = NULL; + PKIX_PL_X500Name *issuerName = NULL; + PKIX_List *names = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create(NULL, NULL, &selector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_Create(&issuerParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetIssuer(crlNameToMatch, &issuerName, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&names, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(names, (PKIX_PL_Object *)issuerName, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetIssuerNames(issuerParams, names, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_SetCommonCRLSelectorParams(selector, issuerParams, plContext)); + *pSelector = selector; + +cleanup: + + PKIX_TEST_DECREF_AC(issuerParams); + PKIX_TEST_DECREF_AC(issuerName); + PKIX_TEST_DECREF_AC(names); + + PKIX_TEST_RETURN(); +} + +/* + * This function creates a crlSelector with ComCrlSelParams set up to + * select entries that would be valid at the Date specified by the Date + * criterion. + */ +static void +test_makeDateCRLSelector( + PKIX_PL_Date *dateToMatch, + PKIX_CRLSelector **pSelector, + void *plContext) +{ + PKIX_CRLSelector *selector = NULL; + PKIX_ComCRLSelParams *dateParams = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create(NULL, NULL, &selector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_Create(&dateParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetDateAndTime(dateParams, dateToMatch, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_SetCommonCRLSelectorParams(selector, dateParams, plContext)); + *pSelector = selector; + +cleanup: + PKIX_TEST_DECREF_AC(dateParams); + + PKIX_TEST_RETURN(); +} + +/* + * This function reads a directory-file crl specified by "desiredIssuerCrl", + * and decodes the IssuerName. It uses that name to set up the CrlSelector + * for a Issuer Name match, and then queries the database for matching entries. + * It is intended to test the case of a "smart" database query. + */ +static void +testMatchCrlIssuer( + char *crlDir, + char *desiredIssuerCrl, + char *expectedAscii, + void *plContext) +{ + PKIX_UInt32 numCrl = 0; + PKIX_PL_CRL *crlWithDesiredIssuer = NULL; + PKIX_CertStore *crlStore = NULL; + PKIX_CRLSelector *crlSelector = NULL; + PKIX_List *crlList = NULL; + PKIX_CertStore_CRLCallback getCrl = NULL; + void *nbioContext = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("Searching CRLs for matching Issuer"); + + crlWithDesiredIssuer = createCRL(crlDir, desiredIssuerCrl, plContext); + + test_makeIssuerCRLSelector(crlWithDesiredIssuer, &crlSelector, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create(&crlStore, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback(crlStore, &getCrl, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(getCrl(crlStore, + crlSelector, + &nbioContext, + &crlList, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(crlList, &numCrl, plContext)); + + if (numCrl > 0) { + /* List should be immutable */ + PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem(crlList, 0, plContext)); + } + + if (expectedAscii) { + testToStringHelper((PKIX_PL_Object *)crlList, expectedAscii, plContext); + } + +cleanup: + + PKIX_TEST_DECREF_AC(crlWithDesiredIssuer); + PKIX_TEST_DECREF_AC(crlStore); + PKIX_TEST_DECREF_AC(crlSelector); + PKIX_TEST_DECREF_AC(crlList); + + PKIX_TEST_RETURN(); +} + +/* + * This function uses the date specified by "matchDate" to set up the + * CrlSelector for a Date match. It is intended to test the case where there + * is no "smart" database query, so the CertStore should throw an error + * rather than ask the database for all available CRLs and then filter the + * results using the selector. + */ +static void +testMatchCrlDate( + char *dateMatch, + char *expectedAscii, + void *plContext) +{ + PKIX_PL_Date *dateCriterion = NULL; + PKIX_CertStore *crlStore = NULL; + PKIX_CRLSelector *crlSelector = NULL; + PKIX_List *crlList = NULL; + PKIX_CertStore_CRLCallback getCrl = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("Searching CRLs for matching Date"); + + dateCriterion = createDate(dateMatch, plContext); + test_makeDateCRLSelector(dateCriterion, &crlSelector, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create(&crlStore, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback(crlStore, &getCrl, plContext)); + + PKIX_TEST_EXPECT_ERROR(getCrl(crlStore, crlSelector, NULL, &crlList, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(dateCriterion); + PKIX_TEST_DECREF_AC(crlStore); + PKIX_TEST_DECREF_AC(crlSelector); + PKIX_TEST_DECREF_AC(crlList); + + PKIX_TEST_RETURN(); +} + +static void +printUsage(char *pName) +{ + printf("\nUSAGE: %s <-d data-dir> <database-dir>\n\n", pName); +} + +/* Functional tests for Pk11CertStore public functions */ + +int +test_pk11certstore(int argc, char *argv[]) +{ + + PKIX_UInt32 j = 0; + PKIX_UInt32 actualMinorVersion; + PKIX_PL_Date *validityDate = NULL; + PKIX_PL_Date *betweenDate = NULL; + char *crlDir = NULL; + char *expectedProfAscii = "([\n" + "\tVersion: v3\n" + "\tSerialNumber: 00ca\n" + "\tIssuer: CN=chemistry,O=mit,C=us\n" + "\tSubject: CN=prof noall,O=mit,C=us\n" + "\tValidity: [From: Fri Feb 11 14:14:06 2005\n" + "\t To: Mon Jan 18, 2105]\n" + "\tSubjectAltNames: (null)\n" + "\tAuthorityKeyId: (null)\n" + "\tSubjectKeyId: (null)\n" + "\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n" + "\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n" + "\tExtKeyUsages: (null)\n" + "\tBasicConstraint: CA(6)\n" + "\tCertPolicyInfo: (null)\n" + "\tPolicyMappings: (null)\n" + "\tExplicitPolicy: -1\n" + "\tInhibitMapping: -1\n" + "\tInhibitAnyPolicy:-1\n" + "\tNameConstraints: (null)\n" + "]\n" + ", [\n" + "\tVersion: v3\n" + "\tSerialNumber: 03\n" + "\tIssuer: CN=physics,O=mit,C=us\n" + "\tSubject: CN=prof noall,O=mit,C=us\n" + "\tValidity: [From: Fri Feb 11 12:52:26 2005\n" + "\t To: Mon Jan 18, 2105]\n" + "\tSubjectAltNames: (null)\n" + "\tAuthorityKeyId: (null)\n" + "\tSubjectKeyId: (null)\n" + "\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n" + "\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n" + "\tExtKeyUsages: (null)\n" + "\tBasicConstraint: CA(0)\n" + "\tCertPolicyInfo: (null)\n" + "\tPolicyMappings: (null)\n" + "\tExplicitPolicy: -1\n" + "\tInhibitMapping: -1\n" + "\tInhibitAnyPolicy:-1\n" + "\tNameConstraints: (null)\n" + "]\n" + ")"; + char *expectedValidityAscii = "([\n" + "\tVersion: v3\n" + "\tSerialNumber: 03\n" + "\tIssuer: CN=physics,O=mit,C=us\n" + "\tSubject: CN=prof noall,O=mit,C=us\n" + "\tValidity: [From: Fri Feb 11 12:52:26 2005\n" + "\t To: Mon Jan 18, 2105]\n" + "\tSubjectAltNames: (null)\n" + "\tAuthorityKeyId: (null)\n" + "\tSubjectKeyId: (null)\n" + "\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n" + "\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n" + "\tExtKeyUsages: (null)\n" + "\tBasicConstraint: CA(0)\n" + "\tCertPolicyInfo: (null)\n" + "\tPolicyMappings: (null)\n" + "\tExplicitPolicy: -1\n" + "\tInhibitMapping: -1\n" + "\tInhibitAnyPolicy:-1\n" + "\tNameConstraints: (null)\n" + "]\n" + ")"; + char *expectedMinPathAscii = "([\n" + "\tVersion: v3\n" + "\tSerialNumber: 01\n" + "\tIssuer: CN=science,O=mit,C=us\n" + "\tSubject: CN=science,O=mit,C=us\n" + "\tValidity: [From: Fri Feb 11 12:47:58 2005\n" + "\t To: Mon Jan 18, 2105]\n" + "\tSubjectAltNames: (null)\n" + "\tAuthorityKeyId: (null)\n" + "\tSubjectKeyId: (null)\n" + "\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n" + "\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n" + "\tExtKeyUsages: (null)\n" + "\tBasicConstraint: CA(10)\n" + "\tCertPolicyInfo: (null)\n" + "\tPolicyMappings: (null)\n" + "\tExplicitPolicy: -1\n" + "\tInhibitMapping: -1\n" + "\tInhibitAnyPolicy:-1\n" + "\tNameConstraints: (null)\n" + "]\n" + ")"; + char *expectedIssuerAscii = "([\n" + "\tVersion: v2\n" + "\tIssuer: CN=physics,O=mit,C=us\n" + "\tUpdate: [Last: Fri Feb 11 13:51:38 2005\n" + "\t Next: Mon Jan 18, 2105]\n" + "\tSignatureAlgId: 1.2.840.10040.4.3\n" + "\tCRL Number : (null)\n" + "\n" + "\tEntry List: (\n" + "\t[\n" + "\tSerialNumber: 67\n" + "\tReasonCode: 257\n" + "\tRevocationDate: Fri Feb 11 13:51:38 2005\n" + "\tCritExtOIDs: (EMPTY)\n" + "\t]\n" + "\t)\n" + "\n" + "\tCritExtOIDs: (EMPTY)\n" + "]\n" + ")"; + char *expectedDateAscii = "([\n" + "\tVersion: v2\n" + "\tIssuer: CN=science,O=mit,C=us\n" + "\tUpdate: [Last: Fri Feb 11 13:34:40 2005\n" + "\t Next: Mon Jan 18, 2105]\n" + "\tSignatureAlgId: 1.2.840.10040.4.3\n" + "\tCRL Number : (null)\n" + "\n" + "\tEntry List: (\n" + "\t[\n" + "\tSerialNumber: 65\n" + "\tReasonCode: 260\n" + "\tRevocationDate: Fri Feb 11 13:34:40 2005\n" + "\tCritExtOIDs: (EMPTY)\n" + "\t]\n" + "\t)\n" + "\n" + "\tCritExtOIDs: (EMPTY)\n" + "]\n" + ", [\n" + "\tVersion: v2\n" + "\tIssuer: CN=testing CRL,O=test,C=us\n" + "\tUpdate: [Last: Fri Feb 11 13:14:38 2005\n" + "\t Next: Mon Jan 18, 2105]\n" + "\tSignatureAlgId: 1.2.840.10040.4.3\n" + "\tCRL Number : (null)\n" + "\n" + "\tEntry List: (\n" + "\t[\n" + "\tSerialNumber: 67\n" + "\tReasonCode: 258\n" + "\tRevocationDate: Fri Feb 11 13:14:38 2005\n" + "\tCritExtOIDs: (EMPTY)\n" + "\t]\n" + "\t)\n" + "\n" + "\tCritExtOIDs: (EMPTY)\n" + "]\n" + ")"; + + PKIX_TEST_STD_VARS(); + + startTests("Pk11CertStore"); + + if (argc < 3) { + printUsage(argv[0]); + return (0); + } + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + crlDir = argv[j + 2]; + + /* Two certs for prof should be valid now */ + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Date_CreateFromPRTime(PR_Now(), &validityDate, plContext)); + + subTest("Searching Certs for Subject"); + + testMatchCertSubject(crlDir, + "phy2prof.crt", + NULL, /* expectedProfAscii, */ + validityDate, + plContext); + + /* One of the certs was not yet valid at this time. */ + betweenDate = createDate("050210184000Z", plContext); + + subTest("Searching Certs for Subject and Validity"); + + testMatchCertSubject(crlDir, + "phy2prof.crt", + NULL, /* expectedValidityAscii, */ + betweenDate, + plContext); + + testMatchCertMinPath(9, + NULL, /* expectedMinPathAscii, */ + plContext); + + testMatchCrlIssuer(crlDir, + "phys.crl", + NULL, /* expectedIssuerAscii, */ + plContext); + + testMatchCrlDate("050211184000Z", + NULL, /* expectedDateAscii, */ + plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(validityDate); + PKIX_TEST_DECREF_AC(betweenDate); + + PKIX_TEST_RETURN(); + + endTests("Pk11CertStore"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/module/test_socket.c b/security/nss/cmd/libpkix/pkix_pl/module/test_socket.c new file mode 100644 index 0000000000..89400256d9 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/test_socket.c @@ -0,0 +1,571 @@ +/* + * test_socket.c + * + * Test Socket Type + * + * Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistribution of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistribution in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * Neither the name of Sun Microsystems, Inc. or the names of contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any kind. ALL + * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING + * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE + * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") + * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE + * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST + * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, + * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY + * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, + * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that this software is not designed or intended for use in + * the design, construction, operation or maintenance of any nuclear facility. + */ + +#include "testutil.h" +#include "testutil_nss.h" +#include "pkix_pl_common.h" + +#define LDAP_PORT 389 + +static void *plContext = NULL; + +typedef enum { + SERVER_LISTENING, + SERVER_RECV1, + SERVER_POLL1, + SERVER_SEND2, + SERVER_POLL2, + SERVER_RECV3, + SERVER_POLL3, + SERVER_SEND4, + SERVER_POLL4, + SERVER_DONE, + SERVER_FAILED +} SERVER_STATE; + +typedef enum { + CLIENT_WAITFORCONNECT, + CLIENT_SEND1, + CLIENT_POLL1, + CLIENT_RECV2, + CLIENT_POLL2, + CLIENT_SEND3, + CLIENT_POLL3, + CLIENT_RECV4, + CLIENT_POLL4, + CLIENT_DONE, + CLIENT_FAILED +} CLIENT_STATE; + +SERVER_STATE serverState; +CLIENT_STATE clientState; +PKIX_PL_Socket *sSock = NULL; +PKIX_PL_Socket *cSock = NULL; +PKIX_PL_Socket *rendezvousSock = NULL; +PKIX_PL_Socket_Callback *sCallbackList; +PKIX_PL_Socket_Callback *cCallbackList; +PKIX_PL_Socket_Callback *rvCallbackList; +PRNetAddr serverNetAddr; +PRNetAddr clientNetAddr; +PRIntn backlog = 0; +PRIntervalTime timeout = 0; +char *sendBuf1 = "Hello, world!"; +char *sendBuf2 = "Ack"; +char *sendBuf3 = "What do you mean, \"Ack\"?"; +char *sendBuf4 = "What do you mean, \"What do you mean, \'Ack\'?\"?"; +char rcvBuf1[100]; +char rcvBuf2[100]; + +static void +printUsage(char *testname) +{ + char *fmt = "USAGE: %s [-arenas] server:port\n"; + printf(fmt, testname); +} + +/* Functional tests for Socket public functions */ +static void +do_other_work(void) +{ /* while waiting for nonblocking I/O to complete */ + (void)PR_Sleep(2 * 60); +} + +static PKIX_Boolean +server() +{ + PKIX_Int32 bytesRead = 0; + PKIX_Int32 bytesWritten = 0; + PKIX_Boolean keepGoing = PKIX_FALSE; + + PKIX_TEST_STD_VARS(); + + switch (serverState) { + case SERVER_LISTENING: + subTest("SERVER_LISTENING"); + PKIX_TEST_EXPECT_NO_ERROR(sCallbackList->acceptCallback(sSock, &rendezvousSock, plContext)); + if (rendezvousSock) { + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList(rendezvousSock, &rvCallbackList, plContext)); + + serverState = SERVER_RECV1; + } + break; + case SERVER_RECV1: + subTest("SERVER_RECV1"); + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->recvCallback(rendezvousSock, + rcvBuf1, + sizeof(rcvBuf1), + &bytesRead, + plContext)); + + if (bytesRead > 0) { + /* confirm that rcvBuf1 = sendBuf1 */ + if ((bytesRead != (PRInt32)PL_strlen(sendBuf1) + 1) || + (strncmp(sendBuf1, rcvBuf1, bytesRead) != 0)) { + testError("Receive buffer mismatch\n"); + } + + serverState = SERVER_SEND2; + keepGoing = PKIX_TRUE; + } else { + serverState = SERVER_POLL1; + } + break; + case SERVER_POLL1: + subTest("SERVER_POLL1"); + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->pollCallback(rendezvousSock, NULL, &bytesRead, plContext)); + + if (bytesRead > 0) { + /* confirm that rcvBuf1 = sendBuf1 */ + if ((bytesRead != (PRInt32)PL_strlen(sendBuf1) + 1) || + (strncmp(sendBuf1, rcvBuf1, bytesRead) != 0)) { + testError("Receive buffer mismatch\n"); + } + + serverState = SERVER_SEND2; + keepGoing = PKIX_TRUE; + } + break; + case SERVER_SEND2: + subTest("SERVER_SEND2"); + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->sendCallback(rendezvousSock, + sendBuf2, + strlen(sendBuf2) + + 1, + &bytesWritten, + plContext)); + if (bytesWritten > 0) { + serverState = SERVER_RECV3; + } else { + serverState = SERVER_POLL2; + } + break; + case SERVER_POLL2: + subTest("SERVER_POLL2"); + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->pollCallback(rendezvousSock, &bytesWritten, NULL, plContext)); + if (bytesWritten > 0) { + serverState = SERVER_RECV3; + } + break; + case SERVER_RECV3: + subTest("SERVER_RECV3"); + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->recvCallback(rendezvousSock, + rcvBuf1, + sizeof(rcvBuf1), + &bytesRead, + plContext)); + + if (bytesRead > 0) { + serverState = SERVER_SEND4; + keepGoing = PKIX_TRUE; + } else { + serverState = SERVER_POLL3; + } + break; + case SERVER_POLL3: + subTest("SERVER_POLL3"); + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->pollCallback(rendezvousSock, NULL, &bytesRead, plContext)); + if (bytesRead > 0) { + serverState = SERVER_SEND4; + keepGoing = PKIX_TRUE; + } + break; + case SERVER_SEND4: + subTest("SERVER_SEND4"); + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->sendCallback(rendezvousSock, + sendBuf4, + strlen(sendBuf4) + + 1, + &bytesWritten, + plContext)); + + if (bytesWritten > 0) { + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->shutdownCallback(rendezvousSock, plContext)); + PKIX_TEST_DECREF_BC(sSock); + PKIX_TEST_DECREF_BC(rendezvousSock); + serverState = SERVER_DONE; + } else { + serverState = SERVER_POLL4; + } + break; + case SERVER_POLL4: + subTest("SERVER_POLL4"); + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->pollCallback(rendezvousSock, &bytesWritten, NULL, plContext)); + if (bytesWritten > 0) { + PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->shutdownCallback(rendezvousSock, plContext)); + PKIX_TEST_DECREF_BC(sSock); + PKIX_TEST_DECREF_BC(rendezvousSock); + serverState = SERVER_DONE; + } + break; + case SERVER_DONE: + default: + subTest("SERVER_DONE"); + break; + } + +cleanup: + + PKIX_TEST_RETURN(); + + return (keepGoing); +} + +static PKIX_Boolean +client() +{ + PKIX_Boolean keepGoing = PKIX_FALSE; + PKIX_Int32 bytesRead = 0; + PKIX_Int32 bytesWritten = 0; + PRErrorCode cStat = 0; + + /* At 2 seconds each cycle, this should suffice! */ + PKIX_UInt32 giveUpCount = 10; + + PKIX_TEST_STD_VARS(); + + switch (clientState) { + case CLIENT_WAITFORCONNECT: + subTest("CLIENT_WAITFORCONNECT"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->connectcontinueCallback(cSock, &cStat, plContext)); + if (cStat == 0) { + clientState = CLIENT_SEND1; + keepGoing = PKIX_TRUE; + } else { + clientState = CLIENT_WAITFORCONNECT; + if (--giveUpCount == 0) { + testError("Client unable to connect"); + } + } + break; + case CLIENT_SEND1: + subTest("CLIENT_SEND1"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->sendCallback(cSock, + sendBuf1, + strlen(sendBuf1) + + 1, + &bytesWritten, + plContext)); + if (bytesWritten > 0) { + clientState = CLIENT_RECV2; + } else { + clientState = CLIENT_POLL1; + } + break; + case CLIENT_POLL1: + subTest("CLIENT_POLL1"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->pollCallback(cSock, &bytesWritten, NULL, plContext)); + if (bytesWritten > 0) { + clientState = CLIENT_RECV2; + } else { + clientState = CLIENT_POLL1; + } + break; + case CLIENT_RECV2: + subTest("CLIENT_RECV2"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->recvCallback(cSock, + rcvBuf2, + sizeof(rcvBuf2), + &bytesRead, + plContext)); + + if (bytesRead > 0) { + /* confirm that rcvBuf2 = sendBuf2 */ + if ((bytesRead != (PRInt32)PL_strlen(sendBuf2) + 1) || + (strncmp(sendBuf2, rcvBuf2, bytesRead) != 0)) { + testError("Receive buffer mismatch\n"); + } + clientState = CLIENT_SEND3; + keepGoing = PKIX_TRUE; + } else { + clientState = CLIENT_POLL2; + } + break; + case CLIENT_POLL2: + subTest("CLIENT_POLL2"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->pollCallback(cSock, NULL, &bytesRead, plContext)); + if (bytesRead > 0) { + /* confirm that rcvBuf2 = sendBuf2 */ + if ((bytesRead != (PRInt32)PL_strlen(sendBuf2) + 1) || + (strncmp(sendBuf2, rcvBuf2, bytesRead) != 0)) { + testError("Receive buffer mismatch\n"); + } + clientState = CLIENT_SEND3; + } else { + clientState = CLIENT_POLL2; + } + break; + case CLIENT_SEND3: + subTest("CLIENT_SEND3"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->sendCallback(cSock, + sendBuf3, + strlen(sendBuf3) + + 1, + &bytesWritten, + plContext)); + + if (bytesWritten > 0) { + clientState = CLIENT_RECV4; + } else { + clientState = CLIENT_POLL3; + } + break; + case CLIENT_POLL3: + subTest("CLIENT_POLL3"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->pollCallback(cSock, &bytesWritten, NULL, plContext)); + if (bytesWritten > 0) { + clientState = CLIENT_RECV4; + } else { + clientState = CLIENT_POLL3; + } + break; + case CLIENT_RECV4: + subTest("CLIENT_RECV4"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->recvCallback(cSock, + rcvBuf2, + sizeof(rcvBuf2), + &bytesRead, + plContext)); + + if (bytesRead > 0) { + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->shutdownCallback(cSock, plContext)); + PKIX_TEST_DECREF_BC(cSock); + clientState = CLIENT_DONE; + } else { + clientState = CLIENT_POLL4; + } + break; + case CLIENT_POLL4: + subTest("CLIENT_POLL4"); + clientState = CLIENT_FAILED; + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->pollCallback(cSock, NULL, &bytesRead, plContext)); + if (bytesRead > 0) { + PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->shutdownCallback(cSock, plContext)); + PKIX_TEST_DECREF_BC(cSock); + clientState = CLIENT_DONE; + } else { + clientState = CLIENT_POLL4; + } + break; + case CLIENT_DONE: + default: + subTest("CLIENT_DONE"); + break; + } + +cleanup: + + PKIX_TEST_RETURN(); + + return (keepGoing); +} + +static void +dispatcher() +{ + PKIX_Boolean keepGoing = PKIX_FALSE; + + PKIX_TEST_STD_VARS(); + + do { + if (serverState < SERVER_DONE) { + do { + keepGoing = server(); + } while (keepGoing == PKIX_TRUE); + } + if (clientState < CLIENT_DONE) { + do { + keepGoing = client(); + } while (keepGoing == PKIX_TRUE); + } + do_other_work(); + + } while ((serverState < SERVER_DONE) || (clientState < CLIENT_DONE)); + + PKIX_TEST_RETURN(); +} + +int +test_socket(int argc, char *argv[]) +{ + + int j = 0; + PKIX_UInt32 actualMinorVersion; + char buf[PR_NETDB_BUF_SIZE]; + char *serverName = NULL; + char *sepPtr = NULL; + PRHostEnt hostent; + PRUint16 portNum = 0; + PRStatus prstatus = PR_FAILURE; + PRErrorCode cStat = 0; + void *ipaddr = NULL; + PKIX_Error *bindError = NULL; + PRIntn hostenum; + + PKIX_TEST_STD_VARS(); + + startTests("Socket"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc != (j + 2)) { + printUsage(argv[0]); + pkixTestErrorMsg = "Missing command line argument."; + goto cleanup; + } + + serverName = argv[j + 1]; + + subTest("Using pkix_pl_Socket_CreateByName"); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_CreateByName(PKIX_TRUE, timeout, serverName, &cStat, &sSock, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList(sSock, &sCallbackList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(sCallbackList->listenCallback(sSock, backlog, plContext)); + + serverState = SERVER_LISTENING; + + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_CreateByName(PKIX_FALSE, timeout, serverName, &cStat, &cSock, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList(cSock, &cCallbackList, plContext)); + + if ((timeout == 0) && (cStat == PR_IN_PROGRESS_ERROR)) { + clientState = CLIENT_WAITFORCONNECT; + } else { + clientState = CLIENT_SEND1; + } + + dispatcher(); + + subTest("Using pkix_pl_Socket_Create"); + + sepPtr = strchr(serverName, ':'); + /* First strip off the portnum, if present, from the end of the name */ + if (sepPtr) { + *sepPtr++ = '\0'; + portNum = (PRUint16)atoi(sepPtr); + } else { + portNum = (PRUint16)LDAP_PORT; + } + /* + * The hostname may be a fully-qualified name. Just + * use the leftmost component in our lookup. + */ + sepPtr = strchr(serverName, '.'); + if (sepPtr) { + *sepPtr++ = '\0'; + } + prstatus = PR_GetHostByName(serverName, buf, sizeof(buf), &hostent); + + if ((prstatus != PR_SUCCESS) || (hostent.h_length != 4)) { + printUsage(argv[0]); + pkixTestErrorMsg = + "PR_GetHostByName rejects command line argument."; + goto cleanup; + } + + serverNetAddr.inet.family = PR_AF_INET; + serverNetAddr.inet.port = PR_htons(portNum); + serverNetAddr.inet.ip = PR_INADDR_ANY; + + hostenum = PR_EnumerateHostEnt(0, &hostent, portNum, &clientNetAddr); + if (hostenum == -1) { + pkixTestErrorMsg = + "PR_EnumerateHostEnt failed."; + goto cleanup; + } + + backlog = 5; + + /* timeout = PR_INTERVAL_NO_TIMEOUT; */ + /* timeout = 0; nonblocking */ + timeout = 0; + + bindError = pkix_pl_Socket_Create(PKIX_TRUE, timeout, &serverNetAddr, &cStat, &sSock, plContext); + + /* If PR_Bind can't handle INADDR_ANY, try it with the real name */ + if (bindError) { + PKIX_TEST_DECREF_BC(bindError); + serverNetAddr.inet.ip = PR_htonl(*(PRUint32 *)ipaddr); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_Create(PKIX_TRUE, + timeout, + &serverNetAddr, + &cStat, + &sSock, + plContext)); + } + + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList(sSock, &sCallbackList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(sCallbackList->listenCallback(sSock, backlog, plContext)); + + serverState = SERVER_LISTENING; + + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_Create(PKIX_FALSE, timeout, &clientNetAddr, &cStat, &cSock, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList(cSock, &cCallbackList, plContext)); + + if ((timeout == 0) && (cStat == PR_IN_PROGRESS_ERROR)) { + clientState = CLIENT_WAITFORCONNECT; + } else { + clientState = CLIENT_SEND1; + } + + dispatcher(); + +cleanup: + + PKIX_TEST_DECREF_AC(sSock); + PKIX_TEST_DECREF_AC(cSock); + PKIX_TEST_DECREF_AC(rendezvousSock); + + PKIX_TEST_RETURN(); + + endTests("Socket"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/Makefile b/security/nss/cmd/libpkix/pkix_pl/pki/Makefile new file mode 100644 index 0000000000..802e7729d9 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/Makefile @@ -0,0 +1,45 @@ +#! gmake +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platrules.mk diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/manifest.mn b/security/nss/cmd/libpkix/pkix_pl/pki/manifest.mn new file mode 100644 index 0000000000..15fae7bb5f --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/manifest.mn @@ -0,0 +1,29 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +PKIX_DEPTH = ../.. +PLAT_DEPTH = $(PKIX_DEPTH)/.. +CORE_DEPTH = $(PKIX_DEPTH)/../../.. + +# MODULE public and private header directories are implicitly REQUIRED. +MODULE = nss + +CSRCS = test_cert.c \ + test_crl.c \ + test_crlentry.c \ + test_date.c \ + test_generalname.c \ + test_nameconstraints.c \ + test_x500name.c \ + test_authorityinfoaccess.c \ + test_subjectinfoaccess.c \ + $(NULL) + +LIBRARY_NAME = pkixtoolpki +SHARED_LIBRARY = $(NULL) + +SOURCE_LIB_DIR=$(PKIX_DEPTH)/$(OBJDIR) + +NO_MD_RELEASE = 1 diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_authorityinfoaccess.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_authorityinfoaccess.c new file mode 100644 index 0000000000..156b440f9c --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_authorityinfoaccess.c @@ -0,0 +1,105 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_authorityinfoaccess.c + * + * Test Authority InfoAccess Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +int +test_authorityinfoaccess(int argc, char *argv[]) +{ + + PKIX_PL_Cert *cert = NULL; + PKIX_PL_Cert *certDiff = NULL; + PKIX_List *aiaList = NULL; + PKIX_List *siaList = NULL; + PKIX_PL_InfoAccess *aia = NULL; + PKIX_PL_InfoAccess *aiaDup = NULL; + PKIX_PL_InfoAccess *aiaDiff = NULL; + char *certPathName = NULL; + char *dirName = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 size, i; + PKIX_UInt32 j = 0; + char *expectedAscii = "[method:caIssuers, location:ldap:" + "//betty.nist.gov/cn=CA,ou=Basic%20LDAP%20URI%20OU1," + "o=Test%20Certificates,c=US?cACertificate;binary," + "crossCertificatePair;binary]"; + + PKIX_TEST_STD_VARS(); + + startTests("AuthorityInfoAccess"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 5 + j) { + printf("Usage: %s <test-purpose> <cert> <diff-cert>\n", argv[0]); + } + + dirName = argv[2 + j]; + certPathName = argv[3 + j]; + + subTest("Creating Cert with Authority Info Access"); + cert = createCert(dirName, certPathName, plContext); + + certPathName = argv[4 + j]; + + subTest("Creating Cert with Subject Info Access"); + certDiff = createCert(dirName, certPathName, plContext); + + subTest("Getting Authority Info Access"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess(cert, &aiaList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(aiaList, &size, plContext)); + + if (size != 1) { + pkixTestErrorMsg = "unexpected number of AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(aiaList, 0, (PKIX_PL_Object **)&aia, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(aiaList, 0, (PKIX_PL_Object **)&aiaDup, plContext)); + + subTest("Getting Subject Info Access as difference comparison"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectInfoAccess(certDiff, &siaList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(siaList, &size, plContext)); + + if (size != 1) { + pkixTestErrorMsg = "unexpected number of AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(siaList, 0, (PKIX_PL_Object **)&aiaDiff, plContext)); + + subTest("Checking: Equal, Hash and ToString"); + PKIX_TEST_EQ_HASH_TOSTR_DUP(aia, aiaDup, aiaDiff, expectedAscii, InfoAccess, PKIX_FALSE); + +cleanup: + + PKIX_TEST_DECREF_AC(aia); + PKIX_TEST_DECREF_AC(aiaDup); + PKIX_TEST_DECREF_AC(aiaDiff); + PKIX_TEST_DECREF_AC(aiaList); + PKIX_TEST_DECREF_AC(siaList); + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(certDiff); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Authorityinfoaccess"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_cert.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_cert.c new file mode 100644 index 0000000000..274f818ab3 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_cert.c @@ -0,0 +1,2088 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_cert.c + * + * Test Cert Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static PKIX_PL_Cert *altNameNoneCert = NULL; +static PKIX_PL_Cert *altNameOtherCert = NULL; +static PKIX_PL_Cert *altNameOtherCert_diff = NULL; +static PKIX_PL_Cert *altNameRfc822Cert = NULL; +static PKIX_PL_Cert *altNameRfc822Cert_diff = NULL; +static PKIX_PL_Cert *altNameDnsCert = NULL; +static PKIX_PL_Cert *altNameDnsCert_diff = NULL; +static PKIX_PL_Cert *altNameX400Cert = NULL; +static PKIX_PL_Cert *altNameX400Cert_diff = NULL; +static PKIX_PL_Cert *altNameDnCert = NULL; +static PKIX_PL_Cert *altNameDnCert_diff = NULL; +static PKIX_PL_Cert *altNameEdiCert = NULL; +static PKIX_PL_Cert *altNameEdiCert_diff = NULL; +static PKIX_PL_Cert *altNameUriCert = NULL; +static PKIX_PL_Cert *altNameUriCert_diff = NULL; +static PKIX_PL_Cert *altNameIpCert = NULL; +static PKIX_PL_Cert *altNameIpCert_diff = NULL; +static PKIX_PL_Cert *altNameOidCert = NULL; +static PKIX_PL_Cert *altNameOidCert_diff = NULL; +static PKIX_PL_Cert *altNameMultipleCert = NULL; + +static void *plContext = NULL; + +static void +createCerts( + char *dataCentralDir, + char *goodInput, + char *diffInput, + PKIX_PL_Cert **goodObject, + PKIX_PL_Cert **equalObject, + PKIX_PL_Cert **diffObject) +{ + subTest("PKIX_PL_Cert_Create <goodObject>"); + *goodObject = createCert(dataCentralDir, goodInput, plContext); + + subTest("PKIX_PL_Cert_Create <equalObject>"); + *equalObject = createCert(dataCentralDir, goodInput, plContext); + + subTest("PKIX_PL_Cert_Create <diffObject>"); + *diffObject = createCert(dataCentralDir, diffInput, plContext); +} + +static void +createCertsWithSubjectAltNames(char *dataCentralDir) +{ + subTest("PKIX_PL_Cert_Create <altNameDNS>"); + altNameDnsCert = createCert(dataCentralDir, "generalName/altNameDnsCert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameDNS_diff>"); + altNameDnsCert_diff = createCert(dataCentralDir, "generalName/altNameDnsCert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameRFC822>"); + altNameRfc822Cert = createCert(dataCentralDir, "generalName/altNameRfc822Cert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameRFC822_diff>"); + altNameRfc822Cert_diff = createCert(dataCentralDir, "generalName/altNameRfc822Cert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameX400Cert>"); + altNameX400Cert = createCert(dataCentralDir, "generalName/altNameX400Cert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameX400_diff>"); + altNameX400Cert_diff = createCert(dataCentralDir, "generalName/altNameX400Cert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameDN>"); + altNameDnCert = createCert(dataCentralDir, "generalName/altNameDnCert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameDN_diff>"); + altNameDnCert_diff = createCert(dataCentralDir, "generalName/altNameDnCert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameEdiCert>"); + altNameEdiCert = createCert(dataCentralDir, "generalName/altNameEdiCert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameEdi_diff>"); + altNameEdiCert_diff = createCert(dataCentralDir, "generalName/altNameEdiCert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameURI>"); + altNameUriCert = createCert(dataCentralDir, "generalName/altNameUriCert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameURI_diff>"); + altNameUriCert_diff = createCert(dataCentralDir, "generalName/altNameUriCert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameIP>"); + altNameIpCert = createCert(dataCentralDir, "generalName/altNameIpCert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameIP_diff>"); + altNameIpCert_diff = createCert(dataCentralDir, "generalName/altNameIpCert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameOID>"); + altNameOidCert = createCert(dataCentralDir, "generalName/altNameOidCert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameOID_diff>"); + altNameOidCert_diff = createCert(dataCentralDir, "generalName/altNameOidCert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameOther>"); + altNameOtherCert = createCert(dataCentralDir, "generalName/altNameOtherCert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameOther_diff>"); + altNameOtherCert_diff = createCert(dataCentralDir, "generalName/altNameOtherCert_diff", plContext); + + subTest("PKIX_PL_Cert_Create <altNameNone>"); + altNameNoneCert = createCert(dataCentralDir, "generalName/altNameNoneCert", plContext); + + subTest("PKIX_PL_Cert_Create <altNameMultiple>"); + altNameMultipleCert = createCert(dataCentralDir, "generalName/altNameRfc822DnsCert", plContext); +} + +static void +testGetVersion( + PKIX_PL_Cert *goodObject) +{ + PKIX_UInt32 goodVersion; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetVersion"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetVersion(goodObject, &goodVersion, plContext)); + + if (goodVersion != 2) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", goodVersion); + (void)printf("Expected value:\t2\n"); + goto cleanup; + } + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testGetSerialNumber( + PKIX_PL_Cert *goodObject, + PKIX_PL_Cert *equalObject, + PKIX_PL_Cert *diffObject) +{ + PKIX_PL_BigInt *goodSN = NULL; + PKIX_PL_BigInt *equalSN = NULL; + PKIX_PL_BigInt *diffSN = NULL; + char *expectedAscii = "37bc66ec"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetSerialNumber"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSerialNumber(goodObject, &goodSN, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSerialNumber(equalObject, &equalSN, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSerialNumber(diffObject, &diffSN, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodSN, equalSN, diffSN, expectedAscii, BigInt, PKIX_TRUE); + +cleanup: + + PKIX_TEST_DECREF_AC(goodSN); + PKIX_TEST_DECREF_AC(equalSN); + PKIX_TEST_DECREF_AC(diffSN); + + PKIX_TEST_RETURN(); +} + +static void +testGetSubject( + PKIX_PL_Cert *goodObject, + PKIX_PL_Cert *equalObject, + PKIX_PL_Cert *diffObject) +{ + PKIX_PL_X500Name *goodSubject = NULL; + PKIX_PL_X500Name *equalSubject = NULL; + PKIX_PL_X500Name *diffSubject = NULL; + char *expectedAscii = "OU=bcn,OU=east,O=sun,C=us"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetSubject"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(goodObject, &goodSubject, plContext)); + + if (!goodSubject) { + testError("Certificate Subject should not be NULL"); + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(equalObject, &equalSubject, plContext)); + + if (!equalSubject) { + testError("Certificate Subject should not be NULL"); + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(diffObject, &diffSubject, plContext)); + + if (!diffSubject) { + testError("Certificate Subject should not be NULL"); + goto cleanup; + } + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodSubject, + equalSubject, + diffSubject, + expectedAscii, + X500Name, + PKIX_TRUE); + +cleanup: + + PKIX_TEST_DECREF_AC(goodSubject); + PKIX_TEST_DECREF_AC(equalSubject); + PKIX_TEST_DECREF_AC(diffSubject); + + PKIX_TEST_RETURN(); +} + +static void +testGetIssuer( + PKIX_PL_Cert *goodObject, + PKIX_PL_Cert *equalObject, + PKIX_PL_Cert *diffObject) +{ + PKIX_PL_X500Name *goodIssuer = NULL; + PKIX_PL_X500Name *equalIssuer = NULL; + PKIX_PL_X500Name *diffIssuer = NULL; + char *expectedAscii = "CN=yassir,OU=bcn,OU=east,O=sun,C=us"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetIssuer"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetIssuer(goodObject, &goodIssuer, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetIssuer(equalObject, &equalIssuer, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetIssuer(diffObject, &diffIssuer, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodIssuer, + equalIssuer, + diffIssuer, + expectedAscii, + X500Name, + PKIX_TRUE); + +cleanup: + + PKIX_TEST_DECREF_AC(goodIssuer); + PKIX_TEST_DECREF_AC(equalIssuer); + PKIX_TEST_DECREF_AC(diffIssuer); + + PKIX_TEST_RETURN(); +} + +static void +testAltNames( + PKIX_PL_Cert *goodCert, + PKIX_PL_Cert *diffCert, + char *expectedAscii) +{ + PKIX_List *goodAltNames = NULL; + PKIX_List *diffAltNames = NULL; + PKIX_PL_GeneralName *goodAltName = NULL; + PKIX_PL_GeneralName *diffAltName = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectAltNames(goodCert, &goodAltNames, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(goodAltNames, + 0, + (PKIX_PL_Object **)&goodAltName, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectAltNames(diffCert, &diffAltNames, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(diffAltNames, + 0, + (PKIX_PL_Object **)&diffAltName, + plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodAltName, goodAltName, diffAltName, + expectedAscii, GeneralName, PKIX_TRUE); + +cleanup: + PKIX_TEST_DECREF_AC(goodAltNames); + PKIX_TEST_DECREF_AC(goodAltName); + PKIX_TEST_DECREF_AC(diffAltNames); + PKIX_TEST_DECREF_AC(diffAltName); + PKIX_TEST_RETURN(); +} + +static void +testAltNamesNone(PKIX_PL_Cert *cert) +{ + + PKIX_List *altNames = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectAltNames(cert, &altNames, plContext)); + + if (altNames != NULL) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%p\n", (void *)altNames); + (void)printf("Expected value:\tNULL\n"); + goto cleanup; + } + +cleanup: + + PKIX_TEST_DECREF_AC(altNames); + PKIX_TEST_RETURN(); +} +static void +testAltNamesMultiple() +{ + PKIX_List *altNames = NULL; + PKIX_PL_GeneralName *firstAltName = NULL; + PKIX_Int32 firstExpectedType = PKIX_RFC822_NAME; + PKIX_PL_GeneralName *secondAltName = NULL; + PKIX_Int32 secondExpectedType = PKIX_DNS_NAME; + + char *expectedAscii = + "[\n" + "\tVersion: v3\n" + "\tSerialNumber: 2d\n" + "\tIssuer: OU=labs,O=sun,C=us\n" + "\tSubject: CN=yassir,OU=labs,O=sun,C=us\n" + "\tValidity: [From: Mon Feb 09, 2004\n" + /* "\tValidity: [From: Mon Feb 09 14:43:52 2004\n" */ + "\t To: Mon Feb 09, 2004]\n" + /* "\t To: Mon Feb 09 14:43:52 2004]\n" */ + "\tSubjectAltNames: (yassir@sun.com, sunray.sun.com)\n" + "\tAuthorityKeyId: (null)\n" + "\tSubjectKeyId: (null)\n" + "\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n" + "\tCritExtOIDs: (EMPTY)\n" + "\tExtKeyUsages: (null)\n" + "\tBasicConstraint: (null)\n" + "\tCertPolicyInfo: (null)\n" + "\tPolicyMappings: (null)\n" + "\tExplicitPolicy: -1\n" + "\tInhibitMapping: -1\n" + "\tInhibitAnyPolicy:-1\n" + "\tNameConstraints: (null)\n" + "\tAuthorityInfoAccess: (null)\n" + "\tSubjectInfoAccess: (null)\n" + "\tCacheFlag: 0\n" + "]\n"; + + PKIX_TEST_STD_VARS(); + + testToStringHelper((PKIX_PL_Object *)altNameMultipleCert, + expectedAscii, + plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectAltNames(altNameMultipleCert, &altNames, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(altNames, 0, (PKIX_PL_Object **)&firstAltName, plContext)); + + if (firstAltName->type != firstExpectedType) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", firstAltName->type); + (void)printf("Expected value:\t%d\n", firstExpectedType); + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(altNames, 1, (PKIX_PL_Object **)&secondAltName, plContext)); + + if (secondAltName->type != secondExpectedType) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", secondAltName->type); + (void)printf("Expected value:\t%d\n", secondExpectedType); + goto cleanup; + } + +cleanup: + PKIX_TEST_DECREF_AC(altNames); + PKIX_TEST_DECREF_AC(firstAltName); + PKIX_TEST_DECREF_AC(secondAltName); + PKIX_TEST_RETURN(); +} + +static void +testGetSubjectAltNames(char *dataCentralDir) +{ + + char *expectedAscii = NULL; + + createCertsWithSubjectAltNames(dataCentralDir); + + subTest("PKIX_PL_Cert_GetSubjectAltNames <DNS>"); + expectedAscii = "east.sun.com"; + testAltNames(altNameDnsCert, altNameDnsCert_diff, expectedAscii); + + subTest("PKIX_PL_Cert_GetSubjectAltNames <RFC822>"); + expectedAscii = "alice.barnes@bcn.east.sun.com"; + testAltNames(altNameRfc822Cert, altNameRfc822Cert_diff, expectedAscii); + + /* + *this should work once bugzilla bug #233586 is fixed. + *subTest("PKIX_PL_Cert_GetSubjectAltNames <X400Address>"); + *expectedAscii = "X400Address: <DER-encoded value>"; + *testAltNames(altNameX400Cert, altNameX400Cert_diff, expectedAscii); + */ + + subTest("PKIX_PL_Cert_GetSubjectAltNames <DN>"); + expectedAscii = "CN=elley,OU=labs,O=sun,C=us"; + testAltNames(altNameDnCert, altNameDnCert_diff, expectedAscii); + + /* + * this should work once bugzilla bug #233586 is fixed. + * subTest("PKIX_PL_Cert_GetSubjectAltNames <EdiPartyName>"); + * expectedAscii = "EDIPartyName: <DER-encoded value>"; + * testAltNames(altNameEdiCert, altNameEdiCert_diff, expectedAscii); + */ + + subTest("PKIX_PL_Cert_GetSubjectAltNames <URI>"); + expectedAscii = "http://www.sun.com"; + testAltNames(altNameUriCert, altNameUriCert_diff, expectedAscii); + + subTest("PKIX_PL_Cert_GetSubjectAltNames <IP>"); + expectedAscii = "1.2.3.4"; + testAltNames(altNameIpCert, altNameIpCert_diff, expectedAscii); + + subTest("PKIX_PL_Cert_GetSubjectAltNames <OID>"); + expectedAscii = "1.2.39"; + testAltNames(altNameOidCert, altNameOidCert_diff, expectedAscii); + + subTest("PKIX_PL_Cert_GetSubjectAltNames <Other>"); + expectedAscii = "1.7.26.97"; + testAltNames(altNameOtherCert, altNameOtherCert_diff, expectedAscii); + + subTest("PKIX_PL_Cert_GetSubjectAltNames <none>"); + testAltNamesNone(altNameNoneCert); + + subTest("PKIX_PL_Cert_GetSubjectAltNames <Multiple>"); + testAltNamesMultiple(); +} + +static void +testGetSubjectPublicKey( + PKIX_PL_Cert *goodObject, + PKIX_PL_Cert *equalObject, + PKIX_PL_Cert *diffObject) +{ + PKIX_PL_PublicKey *goodPubKey = NULL; + PKIX_PL_PublicKey *equalPubKey = NULL; + PKIX_PL_PublicKey *diffPubKey = NULL; + char *expectedAscii = "ANSI X9.57 DSA Signature"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetSubjectPublicKey"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(goodObject, &goodPubKey, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(equalObject, &equalPubKey, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(diffObject, &diffPubKey, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodPubKey, equalPubKey, diffPubKey, + expectedAscii, PublicKey, PKIX_TRUE); + +cleanup: + + PKIX_TEST_DECREF_AC(goodPubKey); + PKIX_TEST_DECREF_AC(equalPubKey); + PKIX_TEST_DECREF_AC(diffPubKey); + + PKIX_TEST_RETURN(); +} + +static void +testGetSubjectPublicKeyAlgId(PKIX_PL_Cert *goodObject) +{ + PKIX_PL_OID *pkixPubKeyOID = NULL; + char *expectedAscii = "1.2.840.10040.4.1"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetSubjectPublicKeyAlgId"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKeyAlgId(goodObject, &pkixPubKeyOID, plContext)); + + testToStringHelper((PKIX_PL_Object *)pkixPubKeyOID, expectedAscii, plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(pkixPubKeyOID); + PKIX_TEST_RETURN(); +} + +static void +testCritExtensionsPresent(PKIX_PL_Cert *cert) +{ + PKIX_List *critOIDList = NULL; + char *firstOIDAscii = "2.5.29.15"; + PKIX_PL_OID *firstOID = NULL; + char *secondOIDAscii = "2.5.29.19"; + PKIX_PL_OID *secondOID = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetCriticalExtensionOIDs(cert, &critOIDList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(critOIDList, 0, (PKIX_PL_Object **)&firstOID, plContext)); + testToStringHelper((PKIX_PL_Object *)firstOID, firstOIDAscii, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(critOIDList, 1, (PKIX_PL_Object **)&secondOID, plContext)); + + testToStringHelper((PKIX_PL_Object *)secondOID, secondOIDAscii, plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(critOIDList); + PKIX_TEST_DECREF_AC(firstOID); + PKIX_TEST_DECREF_AC(secondOID); + + PKIX_TEST_RETURN(); +} + +static void +testCritExtensionsAbsent(PKIX_PL_Cert *cert) +{ + PKIX_List *oidList = NULL; + PKIX_Boolean empty; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetCriticalExtensionOIDs(cert, &oidList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsEmpty(oidList, &empty, plContext)); + + if (!empty) { + pkixTestErrorMsg = "unexpected mismatch"; + } + +cleanup: + + PKIX_TEST_DECREF_AC(oidList); + PKIX_TEST_RETURN(); +} + +static void +testAllExtensionsAbsent(char *dataCentralDir) +{ + PKIX_List *oidList = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_Boolean empty; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_Create <noExtensionsCert>"); + cert = createCert(dataCentralDir, "noExtensionsCert", plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetCriticalExtensionOIDs(cert, &oidList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsEmpty(oidList, &empty, plContext)); + + if (!empty) { + pkixTestErrorMsg = "unexpected mismatch"; + } + +cleanup: + PKIX_TEST_DECREF_AC(oidList); + PKIX_TEST_DECREF_AC(cert); + + PKIX_TEST_RETURN(); +} + +static void +testGetCriticalExtensionOIDs(char *dataCentralDir, PKIX_PL_Cert *goodObject) +{ + subTest("PKIX_PL_Cert_GetCriticalExtensionOIDs " + "<CritExtensionsPresent>"); + testCritExtensionsPresent(goodObject); + + subTest("PKIX_PL_Cert_GetCriticalExtensionOIDs " + "<CritExtensionsAbsent>"); + testCritExtensionsAbsent(altNameOidCert); + + subTest("PKIX_PL_Cert_GetCriticalExtensionOIDs " + "<AllExtensionsAbsent>"); + testAllExtensionsAbsent(dataCentralDir); +} + +static void +testKeyIdentifiersMatching(char *dataCentralDir) +{ + PKIX_PL_Cert *subjKeyIDCert = NULL; + PKIX_PL_Cert *authKeyIDCert = NULL; + PKIX_PL_ByteArray *subjKeyID = NULL; + PKIX_PL_ByteArray *authKeyID = NULL; + PKIX_PL_ByteArray *subjKeyID_diff = NULL; + + char *expectedAscii = + "[116, 021, 213, 036, 028, 189, 094, 101, 136, 031, 225," + " 139, 009, 126, 127, 234, 025, 072, 078, 097]"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_Create <subjKeyIDCert>"); + subjKeyIDCert = createCert(dataCentralDir, "keyIdentifier/subjKeyIDCert", plContext); + + subTest("PKIX_PL_Cert_Create <authKeyIDCert>"); + authKeyIDCert = createCert(dataCentralDir, "keyIdentifier/authKeyIDCert", plContext); + + subTest("PKIX_PL_Cert_GetSubjectKeyIdentifier <good>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectKeyIdentifier(subjKeyIDCert, &subjKeyID, plContext)); + + subTest("PKIX_PL_Cert_GetAuthorityKeyIdentifier <equal>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityKeyIdentifier(authKeyIDCert, &authKeyID, plContext)); + + subTest("PKIX_PL_Cert_GetSubjectKeyIdentifier <diff>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectKeyIdentifier(authKeyIDCert, &subjKeyID_diff, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(subjKeyID, + authKeyID, + subjKeyID_diff, + expectedAscii, + ByteArray, + PKIX_TRUE); + +cleanup: + + PKIX_TEST_DECREF_AC(subjKeyIDCert); + PKIX_TEST_DECREF_AC(authKeyIDCert); + PKIX_TEST_DECREF_AC(subjKeyID); + PKIX_TEST_DECREF_AC(authKeyID); + PKIX_TEST_DECREF_AC(subjKeyID_diff); + + PKIX_TEST_RETURN(); +} + +static void +testKeyIdentifierAbsent(PKIX_PL_Cert *cert) +{ + PKIX_PL_ByteArray *subjKeyID = NULL; + PKIX_PL_ByteArray *authKeyID = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectKeyIdentifier(cert, &subjKeyID, plContext)); + + if (subjKeyID != NULL) { + pkixTestErrorMsg = "unexpected mismatch"; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityKeyIdentifier(cert, &authKeyID, plContext)); + + if (authKeyID != NULL) { + pkixTestErrorMsg = "unexpected mismatch"; + } + +cleanup: + + PKIX_TEST_DECREF_AC(subjKeyID); + PKIX_TEST_DECREF_AC(authKeyID); + + PKIX_TEST_RETURN(); +} + +static void +testGetKeyIdentifiers(char *dataCentralDir, PKIX_PL_Cert *goodObject) +{ + testKeyIdentifiersMatching(dataCentralDir); + testKeyIdentifierAbsent(goodObject); +} + +static void +testVerifyKeyUsage( + char *dataCentralDir, + char *dataDir, + PKIX_PL_Cert *multiKeyUsagesCert) +{ + PKIX_PL_Cert *encipherOnlyCert = NULL; + PKIX_PL_Cert *decipherOnlyCert = NULL; + PKIX_PL_Cert *noKeyUsagesCert = NULL; + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_Create <encipherOnlyCert>"); + encipherOnlyCert = createCert(dataCentralDir, "keyUsage/encipherOnlyCert", plContext); + + subTest("PKIX_PL_Cert_Create <decipherOnlyCert>"); + decipherOnlyCert = createCert(dataCentralDir, "keyUsage/decipherOnlyCert", plContext); + + subTest("PKIX_PL_Cert_Create <noKeyUsagesCert>"); + noKeyUsagesCert = createCert(dataCentralDir, "keyUsage/noKeyUsagesCert", plContext); + + subTest("PKIX_PL_Cert_VerifyKeyUsage <key_cert_sign>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_VerifyKeyUsage(multiKeyUsagesCert, PKIX_KEY_CERT_SIGN, plContext)); + + subTest("PKIX_PL_Cert_VerifyKeyUsage <multiKeyUsages>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_VerifyKeyUsage(multiKeyUsagesCert, + PKIX_KEY_CERT_SIGN | + PKIX_DIGITAL_SIGNATURE, + plContext)); + + subTest("PKIX_PL_Cert_VerifyKeyUsage <encipher_only>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_VerifyKeyUsage(encipherOnlyCert, PKIX_ENCIPHER_ONLY, plContext)); + + subTest("PKIX_PL_Cert_VerifyKeyUsage <noKeyUsages>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_VerifyKeyUsage(noKeyUsagesCert, PKIX_ENCIPHER_ONLY, plContext)); + + subTest("PKIX_PL_Cert_VerifyKeyUsage <decipher_only>"); + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Cert_VerifyKeyUsage(decipherOnlyCert, PKIX_DECIPHER_ONLY, plContext)); + +cleanup: + PKIX_TEST_DECREF_AC(encipherOnlyCert); + PKIX_TEST_DECREF_AC(decipherOnlyCert); + PKIX_TEST_DECREF_AC(noKeyUsagesCert); + + PKIX_TEST_RETURN(); +} + +static void +testGetExtendedKeyUsage(char *dataCentralDir) +{ + + PKIX_PL_Cert *codeSigningEKUCert = NULL; + PKIX_PL_Cert *multiEKUCert = NULL; + PKIX_PL_Cert *noEKUCert = NULL; + PKIX_List *firstExtKeyUsage = NULL; + PKIX_List *secondExtKeyUsage = NULL; + PKIX_List *thirdExtKeyUsage = NULL; + PKIX_PL_OID *firstOID = NULL; + char *oidAscii = "1.3.6.1.5.5.7.3.3"; + PKIX_PL_OID *secondOID = NULL; + char *secondOIDAscii = "1.3.6.1.5.5.7.3.1"; + PKIX_PL_OID *thirdOID = NULL; + char *thirdOIDAscii = "1.3.6.1.5.5.7.3.2"; + PKIX_PL_OID *fourthOID = NULL; + PKIX_UInt32 length = 0; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_Create <codeSigningEKUCert>"); + codeSigningEKUCert = createCert(dataCentralDir, "extKeyUsage/codeSigningEKUCert", plContext); + + subTest("PKIX_PL_Cert_Create <multiEKUCert>"); + multiEKUCert = createCert(dataCentralDir, "extKeyUsage/multiEKUCert", plContext); + + subTest("PKIX_PL_Cert_Create <noEKUCert>"); + noEKUCert = createCert(dataCentralDir, "extKeyUsage/noEKUCert", plContext); + + subTest("PKIX_PL_Cert_ExtendedKeyUsage <codeSigningEKU>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetExtendedKeyUsage(codeSigningEKUCert, &firstExtKeyUsage, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(firstExtKeyUsage, 0, (PKIX_PL_Object **)&firstOID, plContext)); + testToStringHelper((PKIX_PL_Object *)firstOID, oidAscii, plContext); + + subTest("PKIX_PL_Cert_ExtendedKeyUsage <multiEKU>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetExtendedKeyUsage(multiEKUCert, &secondExtKeyUsage, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(secondExtKeyUsage, &length, plContext)); + + if (length != 3) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", length); + (void)printf("Expected value:\t3\n"); + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(secondExtKeyUsage, + 0, + (PKIX_PL_Object **)&secondOID, + plContext)); + + testToStringHelper((PKIX_PL_Object *)secondOID, oidAscii, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(secondExtKeyUsage, + 1, + (PKIX_PL_Object **)&thirdOID, + plContext)); + + testToStringHelper((PKIX_PL_Object *)thirdOID, secondOIDAscii, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(secondExtKeyUsage, + 2, + (PKIX_PL_Object **)&fourthOID, + plContext)); + + testToStringHelper((PKIX_PL_Object *)fourthOID, thirdOIDAscii, plContext); + + subTest("PKIX_PL_Cert_ExtendedKeyUsage <noEKU>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetExtendedKeyUsage(noEKUCert, &thirdExtKeyUsage, plContext)); + + if (thirdExtKeyUsage != NULL) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%p\n", (void *)thirdExtKeyUsage); + (void)printf("Expected value:\tNULL\n"); + goto cleanup; + } + +cleanup: + + PKIX_TEST_DECREF_AC(firstOID); + PKIX_TEST_DECREF_AC(secondOID); + PKIX_TEST_DECREF_AC(thirdOID); + PKIX_TEST_DECREF_AC(fourthOID); + + PKIX_TEST_DECREF_AC(firstExtKeyUsage); + PKIX_TEST_DECREF_AC(secondExtKeyUsage); + PKIX_TEST_DECREF_AC(thirdExtKeyUsage); + + PKIX_TEST_DECREF_AC(codeSigningEKUCert); + PKIX_TEST_DECREF_AC(multiEKUCert); + PKIX_TEST_DECREF_AC(noEKUCert); + + PKIX_TEST_RETURN(); +} + +static void +testMakeInheritedDSAPublicKey(char *dataCentralDir) +{ + PKIX_PL_PublicKey *firstKey = NULL; + PKIX_PL_PublicKey *secondKey = NULL; + PKIX_PL_PublicKey *resultKeyPositive = NULL; + PKIX_PL_PublicKey *resultKeyNegative = NULL; + PKIX_PL_Cert *firstCert = NULL; + PKIX_PL_Cert *secondCert = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_Create <dsaWithoutParams>"); + firstCert = createCert(dataCentralDir, "publicKey/dsaWithoutParams", plContext); + + subTest("PKIX_PL_Cert_Create <dsaWithParams>"); + secondCert = createCert(dataCentralDir, "publicKey/dsaWithParams", plContext); + + subTest("PKIX_PL_Cert_GetSubjectPublicKey <firstKey>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(firstCert, &firstKey, plContext)); + + subTest("PKIX_PL_Cert_GetSubjectPublicKey <secondKey>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(secondCert, &secondKey, plContext)); + + subTest("PKIX_PL_PublicKey_MakeInheritedDSAPublicKey <positive>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_PublicKey_MakeInheritedDSAPublicKey(firstKey, secondKey, &resultKeyPositive, plContext)); + + if (resultKeyPositive == NULL) { + testError("PKIX_PL_PublicKey_MakeInheritedDSAPublicKey failed"); + } + + subTest("PKIX_PL_PublicKey_MakeInheritedDSAPublicKey <negative>"); + PKIX_TEST_EXPECT_ERROR(PKIX_PL_PublicKey_MakeInheritedDSAPublicKey(firstKey, firstKey, &resultKeyNegative, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(firstCert); + PKIX_TEST_DECREF_AC(secondCert); + + PKIX_TEST_DECREF_AC(firstKey); + PKIX_TEST_DECREF_AC(secondKey); + PKIX_TEST_DECREF_AC(resultKeyPositive); + PKIX_TEST_DECREF_AC(resultKeyNegative); + + PKIX_TEST_RETURN(); +} + +static void +testVerifySignature(char *dataCentralDir) +{ + PKIX_PL_Cert *firstCert = NULL; + PKIX_PL_Cert *secondCert = NULL; + PKIX_PL_PublicKey *firstPubKey = NULL; + PKIX_PL_PublicKey *secondPubKey = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_Create <labs2yassir>"); + firstCert = createCert(dataCentralDir, "publicKey/labs2yassir", plContext); + + subTest("PKIX_PL_Cert_Create <yassir2labs>"); + secondCert = createCert(dataCentralDir, "publicKey/yassir2labs", plContext); + + subTest("PKIX_PL_Cert_GetSubjectPublicKey <labs2yassir>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(firstCert, &firstPubKey, plContext)); + + subTest("PKIX_PL_Cert_GetSubjectPublicKey <yassir2labs>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(secondCert, &secondPubKey, plContext)); + + subTest("PKIX_PL_Cert_VerifySignature <positive>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_VerifySignature(secondCert, firstPubKey, plContext)); + + subTest("PKIX_PL_Cert_VerifySignature <negative>"); + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Cert_VerifySignature(secondCert, secondPubKey, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(firstCert); + PKIX_TEST_DECREF_AC(secondCert); + PKIX_TEST_DECREF_AC(firstPubKey); + PKIX_TEST_DECREF_AC(secondPubKey); + + PKIX_TEST_RETURN(); +} + +static void +testCheckValidity( + PKIX_PL_Cert *olderCert, + PKIX_PL_Cert *newerCert) +{ + /* + * olderCert has the following Validity: + * notBefore = August 19, 1999: 20:19:56 GMT + * notAfter = August 18, 2000: 20:19:56 GMT + * + * newerCert has the following Validity: + * notBefore = November 13, 2003: 16:46:03 GMT + * notAfter = February 13, 2009: 16:46:03 GMT + */ + + /* olderDateAscii = March 29, 2000: 13:48:47 GMT */ + char *olderAscii = "000329134847Z"; + PKIX_PL_String *olderString = NULL; + PKIX_PL_Date *olderDate = NULL; + + /* newerDateAscii = March 29, 2004: 13:48:47 GMT */ + char *newerAscii = "040329134847Z"; + PKIX_PL_String *newerString = NULL; + PKIX_PL_Date *newerDate = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_CheckValidity <creating Dates>"); + + /* create newer date when newer cert is valid but older cert is not */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, newerAscii, 0, &newerString, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(newerString, &newerDate, plContext)); + + /* create older date when older cert is valid but newer cert is not */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, olderAscii, 0, &olderString, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(olderString, &olderDate, plContext)); + + /* check validity of both certificates using olderDate */ + subTest("PKIX_PL_Cert_CheckValidity <olderDate:positive>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_CheckValidity(olderCert, olderDate, plContext)); + + subTest("PKIX_PL_Cert_CheckValidity <olderDate:negative>"); + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Cert_CheckValidity(newerCert, olderDate, plContext)); + + /* check validity of both certificates using newerDate */ + subTest("PKIX_PL_Cert_CheckValidity <newerDate:positive>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_CheckValidity(newerCert, newerDate, plContext)); + + subTest("PKIX_PL_Cert_CheckValidity <newerDate:negative>"); + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Cert_CheckValidity(olderCert, newerDate, plContext)); + + /* + * check validity of both certificates using current time + * NOTE: these "now" tests will not work when the current + * time is after newerCert.notAfter (~ February 13, 2009) + */ + subTest("PKIX_PL_Cert_CheckValidity <now:positive>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_CheckValidity(newerCert, NULL, plContext)); + + subTest("PKIX_PL_Cert_CheckValidity <now:negative>"); + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Cert_CheckValidity(olderCert, NULL, plContext)); + +cleanup: + PKIX_TEST_DECREF_AC(olderString); + PKIX_TEST_DECREF_AC(newerString); + PKIX_TEST_DECREF_AC(olderDate); + PKIX_TEST_DECREF_AC(newerDate); + + PKIX_TEST_RETURN(); +} + +static void +readCertBasicConstraints( + char *dataDir, + char *goodCertName, + char *diffCertName, + PKIX_PL_CertBasicConstraints **goodBasicConstraints, + PKIX_PL_CertBasicConstraints **equalBasicConstraints, + PKIX_PL_CertBasicConstraints **diffBasicConstraints) +{ + + PKIX_PL_Cert *goodCert = NULL; + PKIX_PL_Cert *equalCert = NULL; + PKIX_PL_Cert *diffCert = NULL; + + PKIX_TEST_STD_VARS(); + + createCerts(dataDir, goodCertName, diffCertName, + &goodCert, &equalCert, &diffCert); + /* + * Warning: pointer will be NULL if BasicConstraints + * extension is not present in the certificate. */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints(goodCert, goodBasicConstraints, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints(equalCert, equalBasicConstraints, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints(diffCert, diffBasicConstraints, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(goodCert); + PKIX_TEST_DECREF_AC(equalCert); + PKIX_TEST_DECREF_AC(diffCert); + + PKIX_TEST_RETURN(); +} + +static void +testBasicConstraintsHelper( + char *dataDir, + char *goodCertName, + char *diffCertName, + char *expectedAscii) +{ + PKIX_PL_CertBasicConstraints *goodBasicConstraints = NULL; + PKIX_PL_CertBasicConstraints *equalBasicConstraints = NULL; + PKIX_PL_CertBasicConstraints *diffBasicConstraints = NULL; + + PKIX_TEST_STD_VARS(); + + readCertBasicConstraints(dataDir, + goodCertName, + diffCertName, + &goodBasicConstraints, + &equalBasicConstraints, + &diffBasicConstraints); + + /* + * The standard test macro is applicable only + * if BasicConstraint extension is present + * in the certificate. Otherwise some + * pointers will be null. + */ + if ((goodBasicConstraints) && + (equalBasicConstraints) && + (diffBasicConstraints)) { + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodBasicConstraints, + equalBasicConstraints, + diffBasicConstraints, + expectedAscii, + BasicConstraints, + PKIX_TRUE); + } else { + /* Test what we can */ + if (goodBasicConstraints) { + if (!equalBasicConstraints) { + testError("Unexpected NULL value of equalBasicConstraints"); + goto cleanup; + } + subTest("PKIX_PL_BasicConstraints_Equals <match>"); + testEqualsHelper((PKIX_PL_Object *)(goodBasicConstraints), + (PKIX_PL_Object *)(equalBasicConstraints), + PKIX_TRUE, + plContext); + subTest("PKIX_PL_BasicConstraints_Hashcode <match>"); + testHashcodeHelper((PKIX_PL_Object *)(goodBasicConstraints), + (PKIX_PL_Object *)(equalBasicConstraints), + PKIX_TRUE, + plContext); + if (diffBasicConstraints) { + subTest("PKIX_PL_BasicConstraints_Equals <non-match>"); + testEqualsHelper((PKIX_PL_Object *)(goodBasicConstraints), + (PKIX_PL_Object *)(diffBasicConstraints), + PKIX_FALSE, + plContext); + subTest("PKIX_PL_BasicConstraints_Hashcode <non-match>"); + testHashcodeHelper((PKIX_PL_Object *)(goodBasicConstraints), + (PKIX_PL_Object *)(diffBasicConstraints), + PKIX_FALSE, + plContext); + } + subTest("PKIX_PL_BasicConstraints_Duplicate"); + testDuplicateHelper((PKIX_PL_Object *)goodBasicConstraints, plContext); + } + if (expectedAscii) { + subTest("PKIX_PL_BasicConstraints_ToString"); + testToStringHelper((PKIX_PL_Object *)(goodBasicConstraints), + expectedAscii, + plContext); + } + } + +cleanup: + + PKIX_TEST_DECREF_AC(goodBasicConstraints); + PKIX_TEST_DECREF_AC(equalBasicConstraints); + PKIX_TEST_DECREF_AC(diffBasicConstraints); + + PKIX_TEST_RETURN(); +} + +static void +testBasicConstraints_GetCAFlag(char *dataCentralDir) +{ + /* + * XXX When we have a certificate with a non-null Basic + * Constraints field and a value of FALSE for CAFlag, + * this test should be modified to use that + * certificate for diffCertName, and to verify that + * GetCAFlag returns a FALSE value. But our certificates for + * non-CAs are created with no BasicConstraints extension. + */ + PKIX_PL_CertBasicConstraints *goodBasicConstraints = NULL; + PKIX_PL_CertBasicConstraints *equalBasicConstraints = NULL; + PKIX_PL_CertBasicConstraints *diffBasicConstraints = NULL; + char *goodCertName = "yassir2yassir"; + char *diffCertName = "nss2alice"; + PKIX_Boolean goodCAFlag = PKIX_FALSE; + PKIX_Boolean diffCAFlag = PKIX_FALSE; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_BasicConstraints_GetCAFlag"); + + readCertBasicConstraints(dataCentralDir, + goodCertName, + diffCertName, + &goodBasicConstraints, + &equalBasicConstraints, + &diffBasicConstraints); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetCAFlag(goodBasicConstraints, &goodCAFlag, plContext)); + if (!goodCAFlag) { + testError("BasicConstraint CAFlag unexpectedly FALSE"); + goto cleanup; + } + + if (diffBasicConstraints) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetCAFlag(diffBasicConstraints, &diffCAFlag, plContext)); + if (diffCAFlag) { + testError("BasicConstraint CAFlag unexpectedly TRUE"); + goto cleanup; + } + } + +cleanup: + + PKIX_TEST_DECREF_AC(goodBasicConstraints); + PKIX_TEST_DECREF_AC(equalBasicConstraints); + PKIX_TEST_DECREF_AC(diffBasicConstraints); + + PKIX_TEST_RETURN(); +} + +static void +testBasicConstraints_GetPathLenConstraint(char *dataCentralDir) +{ + PKIX_PL_CertBasicConstraints *goodBasicConstraints = NULL; + PKIX_PL_CertBasicConstraints *equalBasicConstraints = NULL; + PKIX_PL_CertBasicConstraints *diffBasicConstraints = NULL; + char *goodCertName = "yassir2yassir"; + char *diffCertName = "sun2sun"; + PKIX_Int32 goodPathLen = 0; + PKIX_Int32 diffPathLen = 0; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_BasicConstraints_GetPathLenConstraint"); + + readCertBasicConstraints(dataCentralDir, + goodCertName, + diffCertName, + &goodBasicConstraints, + &equalBasicConstraints, + &diffBasicConstraints); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetPathLenConstraint(goodBasicConstraints, &goodPathLen, plContext)); + if (0 != goodPathLen) { + testError("unexpected basicConstraint pathLen"); + (void)printf("Actual value:\t%d\n", goodPathLen); + (void)printf("Expected value:\t0\n"); + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetPathLenConstraint(diffBasicConstraints, &diffPathLen, plContext)); + if (1 != diffPathLen) { + testError("unexpected basicConstraint pathLen"); + (void)printf("Actual value:\t%d\n", diffPathLen); + (void)printf("Expected value:\t1\n"); + goto cleanup; + } + +cleanup: + + PKIX_TEST_DECREF_AC(goodBasicConstraints); + PKIX_TEST_DECREF_AC(equalBasicConstraints); + PKIX_TEST_DECREF_AC(diffBasicConstraints); + + PKIX_TEST_RETURN(); +} + +static void +testGetBasicConstraints(char *dataCentralDir) +{ + char *goodCertName = NULL; + char *diffCertName = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetBasicConstraints <CA(0) and non-CA>"); + goodCertName = "yassir2yassir"; + diffCertName = "nss2alice"; + testBasicConstraintsHelper(dataCentralDir, goodCertName, diffCertName, "CA(0)"); + + subTest("PKIX_PL_Cert_GetBasicConstraints <non-CA and CA(1)>"); + goodCertName = "nss2alice"; + diffCertName = "sun2sun"; + testBasicConstraintsHelper(dataCentralDir, goodCertName, diffCertName, NULL); + + subTest("PKIX_PL_Cert_GetBasicConstraints <CA(0) and CA(1)>"); + goodCertName = "yassir2bcn"; + diffCertName = "sun2sun"; + testBasicConstraintsHelper(dataCentralDir, goodCertName, diffCertName, "CA(0)"); + + subTest("PKIX_PL_Cert_GetBasicConstraints <CA(-1) and CA(1)>"); + goodCertName = "anchor2dsa"; + diffCertName = "sun2sun"; + testBasicConstraintsHelper(dataCentralDir, goodCertName, diffCertName, "CA(-1)"); + + PKIX_TEST_RETURN(); +} + +static void +testGetPolicyInformation(char *dataDir) +{ + + char *goodCertName = + "UserNoticeQualifierTest15EE.crt"; + char *equalCertName = + "UserNoticeQualifierTest15EE.crt"; + char *diffCertName = + "UserNoticeQualifierTest17EE.crt"; + PKIX_Boolean isImmutable = PKIX_FALSE; + PKIX_PL_Cert *goodCert = NULL; + PKIX_PL_Cert *equalCert = NULL; + PKIX_PL_Cert *diffCert = NULL; + PKIX_List *goodPolicyInfo = NULL; + PKIX_List *equalPolicyInfo = NULL; + PKIX_List *diffPolicyInfo = NULL; + PKIX_PL_CertPolicyInfo *goodPolicy = NULL; + PKIX_PL_CertPolicyInfo *equalPolicy = NULL; + PKIX_PL_CertPolicyInfo *diffPolicy = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_PL_Cert_GetPolicyInformation"); + + /* + * Get the cert, then the list of policyInfos. + * Take the first policyInfo from the list. + */ + + /* Get the PolicyInfo objects */ + goodCert = createCert(dataDir, goodCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(goodCert, &goodPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(goodPolicyInfo, 0, (PKIX_PL_Object **)&goodPolicy, plContext)); + + equalCert = createCert(dataDir, equalCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(equalCert, &equalPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(equalPolicyInfo, + 0, + (PKIX_PL_Object **)&equalPolicy, + plContext)); + + diffCert = createCert(dataDir, diffCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(diffCert, &diffPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(diffPolicyInfo, 0, (PKIX_PL_Object **)&diffPolicy, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodPolicy, + equalPolicy, + diffPolicy, + NULL, + CertPolicyInfo, + PKIX_FALSE); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsImmutable(goodPolicyInfo, &isImmutable, plContext)); + + if (isImmutable != PKIX_TRUE) { + testError("PolicyInfo List is not immutable"); + } + +cleanup: + + PKIX_TEST_DECREF_AC(goodPolicy); + PKIX_TEST_DECREF_AC(equalPolicy); + PKIX_TEST_DECREF_AC(diffPolicy); + PKIX_TEST_DECREF_AC(goodPolicyInfo); + PKIX_TEST_DECREF_AC(equalPolicyInfo); + PKIX_TEST_DECREF_AC(diffPolicyInfo); + PKIX_TEST_DECREF_AC(goodCert); + PKIX_TEST_DECREF_AC(equalCert); + PKIX_TEST_DECREF_AC(diffCert); + PKIX_TEST_RETURN(); +} + +static void +testCertPolicy_GetPolicyId(char *dataDir) +{ + char *goodCertName = + "UserNoticeQualifierTest15EE.crt"; + char *equalCertName = + "UserNoticeQualifierTest16EE.crt"; + char *diffCertName = + "UserNoticeQualifierTest17EE.crt"; + PKIX_PL_Cert *goodCert = NULL; + PKIX_PL_Cert *equalCert = NULL; + PKIX_PL_Cert *diffCert = NULL; + PKIX_List *goodPolicyInfo = NULL; + PKIX_List *equalPolicyInfo = NULL; + PKIX_List *diffPolicyInfo = NULL; + PKIX_PL_CertPolicyInfo *goodPolicy = NULL; + PKIX_PL_CertPolicyInfo *equalPolicy = NULL; + PKIX_PL_CertPolicyInfo *diffPolicy = NULL; + PKIX_PL_OID *goodID = NULL; + PKIX_PL_OID *equalID = NULL; + PKIX_PL_OID *diffID = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_PL_CertPolicyInfo_GetPolicyId"); + + /* + * Get the cert, then the list of policyInfos. + * Take the first policyInfo from the list. + * Finally, get the policyInfo's ID. + */ + + /* Get the PolicyInfo objects */ + goodCert = createCert(dataDir, goodCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(goodCert, &goodPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(goodPolicyInfo, 0, (PKIX_PL_Object **)&goodPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId(goodPolicy, &goodID, plContext)); + + equalCert = createCert(dataDir, equalCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(equalCert, &equalPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(equalPolicyInfo, + 0, + (PKIX_PL_Object **)&equalPolicy, + plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId(equalPolicy, &equalID, plContext)); + + diffCert = createCert(dataDir, diffCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(diffCert, &diffPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(diffPolicyInfo, 0, (PKIX_PL_Object **)&diffPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId(diffPolicy, &diffID, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodID, equalID, diffID, NULL, OID, PKIX_FALSE); + +cleanup: + + PKIX_TEST_DECREF_AC(goodID); + PKIX_TEST_DECREF_AC(equalID); + PKIX_TEST_DECREF_AC(diffID); + PKIX_TEST_DECREF_AC(goodPolicy); + PKIX_TEST_DECREF_AC(equalPolicy); + PKIX_TEST_DECREF_AC(diffPolicy); + PKIX_TEST_DECREF_AC(goodPolicyInfo); + PKIX_TEST_DECREF_AC(equalPolicyInfo); + PKIX_TEST_DECREF_AC(diffPolicyInfo); + PKIX_TEST_DECREF_AC(goodCert); + PKIX_TEST_DECREF_AC(equalCert); + PKIX_TEST_DECREF_AC(diffCert); + PKIX_TEST_RETURN(); +} + +static void +testCertPolicy_GetPolQualifiers(char *dataDir) +{ + char *goodCertName = + "UserNoticeQualifierTest15EE.crt"; + char *equalCertName = + "UserNoticeQualifierTest16EE.crt"; + char *diffCertName = + "UserNoticeQualifierTest18EE.crt"; + PKIX_Boolean isImmutable = PKIX_FALSE; + PKIX_PL_Cert *goodCert = NULL; + PKIX_PL_Cert *equalCert = NULL; + PKIX_PL_Cert *diffCert = NULL; + PKIX_List *goodPolicyInfo = NULL; + PKIX_List *equalPolicyInfo = NULL; + PKIX_List *diffPolicyInfo = NULL; + PKIX_PL_CertPolicyInfo *goodPolicy = NULL; + PKIX_PL_CertPolicyInfo *equalPolicy = NULL; + PKIX_PL_CertPolicyInfo *diffPolicy = NULL; + PKIX_List *goodQuals = NULL; + PKIX_List *equalQuals = NULL; + PKIX_List *diffQuals = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_PL_CertPolicyInfo_GetPolQualifiers"); + + /* + * Get the cert, then the list of policyInfos. + * Take the first policyInfo from the list. + * Get its list of PolicyQualifiers. + */ + + /* Get the PolicyInfo objects */ + goodCert = createCert(dataDir, goodCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(goodCert, &goodPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(goodPolicyInfo, 0, (PKIX_PL_Object **)&goodPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(goodPolicy, &goodQuals, plContext)); + + equalCert = createCert(dataDir, equalCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(equalCert, &equalPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(equalPolicyInfo, + 0, + (PKIX_PL_Object **)&equalPolicy, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(equalPolicy, &equalQuals, plContext)); + + diffCert = createCert(dataDir, diffCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(diffCert, &diffPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(diffPolicyInfo, 0, (PKIX_PL_Object **)&diffPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(diffPolicy, &diffQuals, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodQuals, + equalQuals, + diffQuals, + NULL, + List, + PKIX_FALSE); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsImmutable(goodQuals, &isImmutable, plContext)); + + if (isImmutable != PKIX_TRUE) { + testError("PolicyQualifier List is not immutable"); + } + +cleanup: + + PKIX_TEST_DECREF_AC(goodCert); + PKIX_TEST_DECREF_AC(goodPolicyInfo); + PKIX_TEST_DECREF_AC(goodPolicy); + PKIX_TEST_DECREF_AC(goodQuals); + PKIX_TEST_DECREF_AC(equalCert); + PKIX_TEST_DECREF_AC(equalPolicyInfo); + PKIX_TEST_DECREF_AC(equalQuals); + PKIX_TEST_DECREF_AC(equalPolicy); + PKIX_TEST_DECREF_AC(diffCert); + PKIX_TEST_DECREF_AC(diffPolicyInfo); + PKIX_TEST_DECREF_AC(diffPolicy); + PKIX_TEST_DECREF_AC(diffQuals); + + PKIX_TEST_RETURN(); +} + +static void +testPolicyQualifier_GetQualifier(char *dataDir) +{ + char *goodCertName = + "UserNoticeQualifierTest15EE.crt"; + char *equalCertName = + "UserNoticeQualifierTest16EE.crt"; + char *diffCertName = + "UserNoticeQualifierTest18EE.crt"; + PKIX_PL_Cert *goodCert = NULL; + PKIX_PL_Cert *equalCert = NULL; + PKIX_PL_Cert *diffCert = NULL; + PKIX_List *goodPolicyInfo = NULL; + PKIX_List *equalPolicyInfo = NULL; + PKIX_List *diffPolicyInfo = NULL; + PKIX_PL_CertPolicyInfo *goodPolicy = NULL; + PKIX_PL_CertPolicyInfo *equalPolicy = NULL; + PKIX_PL_CertPolicyInfo *diffPolicy = NULL; + PKIX_List *goodQuals = NULL; + PKIX_List *equalQuals = NULL; + PKIX_List *diffQuals = NULL; + PKIX_PL_CertPolicyQualifier *goodPolQualifier = NULL; + PKIX_PL_CertPolicyQualifier *equalPolQualifier = NULL; + PKIX_PL_CertPolicyQualifier *diffPolQualifier = NULL; + PKIX_PL_ByteArray *goodArray = NULL; + PKIX_PL_ByteArray *equalArray = NULL; + PKIX_PL_ByteArray *diffArray = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_PL_PolicyQualifier_GetQualifier"); + + /* + * Get the cert, then the list of policyInfos. + * Take the first policyInfo from the list. + * Get its list of PolicyQualifiers. + * Take the first policyQualifier from the list. + * Finally, get the policyQualifier's ByteArray. + */ + + /* Get the PolicyInfo objects */ + goodCert = createCert(dataDir, goodCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(goodCert, &goodPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(goodPolicyInfo, 0, (PKIX_PL_Object **)&goodPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(goodPolicy, &goodQuals, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(goodQuals, + 0, + (PKIX_PL_Object **)&goodPolQualifier, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_PolicyQualifier_GetQualifier(goodPolQualifier, &goodArray, plContext)); + + equalCert = createCert(dataDir, equalCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(equalCert, &equalPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(equalPolicyInfo, + 0, + (PKIX_PL_Object **)&equalPolicy, + plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(equalPolicy, &equalQuals, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(equalQuals, + 0, + (PKIX_PL_Object **)&equalPolQualifier, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_PolicyQualifier_GetQualifier(equalPolQualifier, &equalArray, plContext)); + + diffCert = createCert(dataDir, diffCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(diffCert, &diffPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(diffPolicyInfo, 0, (PKIX_PL_Object **)&diffPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(diffPolicy, &diffQuals, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(diffQuals, + 0, + (PKIX_PL_Object **)&diffPolQualifier, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_PolicyQualifier_GetQualifier(diffPolQualifier, &diffArray, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodArray, equalArray, diffArray, NULL, ByteArray, PKIX_FALSE); + +cleanup: + + PKIX_TEST_DECREF_AC(goodArray); + PKIX_TEST_DECREF_AC(equalArray); + PKIX_TEST_DECREF_AC(diffArray); + PKIX_TEST_DECREF_AC(goodPolQualifier); + PKIX_TEST_DECREF_AC(equalPolQualifier); + PKIX_TEST_DECREF_AC(diffPolQualifier); + PKIX_TEST_DECREF_AC(goodQuals); + PKIX_TEST_DECREF_AC(equalQuals); + PKIX_TEST_DECREF_AC(diffQuals); + PKIX_TEST_DECREF_AC(goodPolicy); + PKIX_TEST_DECREF_AC(equalPolicy); + PKIX_TEST_DECREF_AC(diffPolicy); + PKIX_TEST_DECREF_AC(goodPolicyInfo); + PKIX_TEST_DECREF_AC(equalPolicyInfo); + PKIX_TEST_DECREF_AC(diffPolicyInfo); + PKIX_TEST_DECREF_AC(goodCert); + PKIX_TEST_DECREF_AC(equalCert); + PKIX_TEST_DECREF_AC(diffCert); + PKIX_TEST_RETURN(); +} + +static void +testPolicyQualifier_GetPolicyQualifierId(char *dataDir) +{ + char *goodCertName = + "UserNoticeQualifierTest15EE.crt"; + char *equalCertName = + "UserNoticeQualifierTest16EE.crt"; + char *diffCertName = + "CPSPointerQualifierTest20EE.crt"; + PKIX_PL_Cert *goodCert = NULL; + PKIX_PL_Cert *equalCert = NULL; + PKIX_PL_Cert *diffCert = NULL; + PKIX_List *goodPolicyInfo = NULL; + PKIX_List *equalPolicyInfo = NULL; + PKIX_List *diffPolicyInfo = NULL; + PKIX_PL_CertPolicyInfo *goodPolicy = NULL; + PKIX_PL_CertPolicyInfo *equalPolicy = NULL; + PKIX_PL_CertPolicyInfo *diffPolicy = NULL; + PKIX_List *goodQuals = NULL; + PKIX_List *equalQuals = NULL; + PKIX_List *diffQuals = NULL; + PKIX_PL_CertPolicyQualifier *goodPolQualifier = NULL; + PKIX_PL_CertPolicyQualifier *equalPolQualifier = NULL; + PKIX_PL_CertPolicyQualifier *diffPolQualifier = NULL; + PKIX_PL_OID *goodID = NULL; + PKIX_PL_OID *equalID = NULL; + PKIX_PL_OID *diffID = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_PL_PolicyQualifier_GetPolicyQualifierId"); + + /* + * Get the cert, then the list of policyInfos. + * Take the first policyInfo from the list. + * Get its list of PolicyQualifiers. + * Take the first policyQualifier from the list. + * Finally, get the policyQualifier's ID. + */ + + /* Get the PolicyQualifier objects */ + goodCert = createCert(dataDir, goodCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(goodCert, &goodPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(goodPolicyInfo, 0, (PKIX_PL_Object **)&goodPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(goodPolicy, &goodQuals, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(goodQuals, + 0, + (PKIX_PL_Object **)&goodPolQualifier, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_PolicyQualifier_GetPolicyQualifierId(goodPolQualifier, &goodID, plContext)); + + equalCert = createCert(dataDir, equalCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(equalCert, &equalPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(equalPolicyInfo, + 0, + (PKIX_PL_Object **)&equalPolicy, + plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(equalPolicy, &equalQuals, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(equalQuals, + 0, + (PKIX_PL_Object **)&equalPolQualifier, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_PolicyQualifier_GetPolicyQualifierId(equalPolQualifier, &equalID, plContext)); + + diffCert = createCert(dataDir, diffCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(diffCert, &diffPolicyInfo, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(diffPolicyInfo, 0, (PKIX_PL_Object **)&diffPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(diffPolicy, &diffQuals, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(diffQuals, + 0, + (PKIX_PL_Object **)&diffPolQualifier, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_PolicyQualifier_GetPolicyQualifierId(diffPolQualifier, &diffID, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodID, equalID, diffID, NULL, OID, PKIX_FALSE); + +cleanup: + + PKIX_TEST_DECREF_AC(goodID); + PKIX_TEST_DECREF_AC(equalID); + PKIX_TEST_DECREF_AC(diffID); + PKIX_TEST_DECREF_AC(goodPolQualifier); + PKIX_TEST_DECREF_AC(equalPolQualifier); + PKIX_TEST_DECREF_AC(diffPolQualifier); + PKIX_TEST_DECREF_AC(goodQuals); + PKIX_TEST_DECREF_AC(equalQuals); + PKIX_TEST_DECREF_AC(diffQuals); + PKIX_TEST_DECREF_AC(goodPolicy); + PKIX_TEST_DECREF_AC(equalPolicy); + PKIX_TEST_DECREF_AC(diffPolicy); + PKIX_TEST_DECREF_AC(goodPolicyInfo); + PKIX_TEST_DECREF_AC(equalPolicyInfo); + PKIX_TEST_DECREF_AC(diffPolicyInfo); + PKIX_TEST_DECREF_AC(goodCert); + PKIX_TEST_DECREF_AC(equalCert); + PKIX_TEST_DECREF_AC(diffCert); + PKIX_TEST_RETURN(); +} + +static void +testAreCertPoliciesCritical(char *dataCentralDir, char *dataDir) +{ + + char *trueCertName = "CertificatePoliciesCritical.crt"; + char *falseCertName = "UserNoticeQualifierTest15EE.crt"; + PKIX_PL_Cert *trueCert = NULL; + PKIX_PL_Cert *falseCert = NULL; + PKIX_Boolean trueVal = PKIX_FALSE; + PKIX_Boolean falseVal = PKIX_FALSE; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_PL_Cert_AreCertPoliciesCritical - <true>"); + + trueCert = createCert(dataCentralDir, trueCertName, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_AreCertPoliciesCritical(trueCert, &trueVal, plContext)); + + if (trueVal != PKIX_TRUE) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", trueVal); + (void)printf("Expected value:\t1\n"); + goto cleanup; + } + + subTest("PKIX_PL_Cert_AreCertPoliciesCritical - <false>"); + + falseCert = createCert(dataDir, falseCertName, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_AreCertPoliciesCritical(falseCert, &falseVal, plContext)); + + if (falseVal != PKIX_FALSE) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", falseVal); + (void)printf("Expected value:\t0\n"); + goto cleanup; + } + +cleanup: + + PKIX_TEST_DECREF_AC(trueCert); + PKIX_TEST_DECREF_AC(falseCert); + + PKIX_TEST_RETURN(); +} + +static void +testCertPolicyConstraints(char *dataDir) +{ + char *requireExplicitPolicy2CertName = + "requireExplicitPolicy2CACert.crt"; + char *inhibitPolicyMapping5CertName = + "inhibitPolicyMapping5CACert.crt"; + char *inhibitAnyPolicy5CertName = + "inhibitAnyPolicy5CACert.crt"; + char *inhibitAnyPolicy0CertName = + "inhibitAnyPolicy0CACert.crt"; + PKIX_PL_Cert *requireExplicitPolicy2Cert = NULL; + PKIX_PL_Cert *inhibitPolicyMapping5Cert = NULL; + PKIX_PL_Cert *inhibitAnyPolicy5Cert = NULL; + PKIX_PL_Cert *inhibitAnyPolicy0Cert = NULL; + PKIX_Int32 skipCerts = 0; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetRequireExplicitPolicy"); + requireExplicitPolicy2Cert = createCert(dataDir, requireExplicitPolicy2CertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetRequireExplicitPolicy(requireExplicitPolicy2Cert, &skipCerts, NULL)); + PR_ASSERT(skipCerts == 2); + + subTest("PKIX_PL_Cert_GetPolicyMappingInhibited"); + inhibitPolicyMapping5Cert = createCert(dataDir, inhibitPolicyMapping5CertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyMappingInhibited(inhibitPolicyMapping5Cert, &skipCerts, NULL)); + PR_ASSERT(skipCerts == 5); + + subTest("PKIX_PL_Cert_GetInhibitAnyPolicy"); + inhibitAnyPolicy5Cert = createCert(dataDir, inhibitAnyPolicy5CertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetInhibitAnyPolicy(inhibitAnyPolicy5Cert, &skipCerts, NULL)); + PR_ASSERT(skipCerts == 5); + + inhibitAnyPolicy0Cert = createCert(dataDir, inhibitAnyPolicy0CertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetInhibitAnyPolicy(inhibitAnyPolicy0Cert, &skipCerts, NULL)); + PR_ASSERT(skipCerts == 0); + +cleanup: + + PKIX_TEST_DECREF_AC(requireExplicitPolicy2Cert); + PKIX_TEST_DECREF_AC(inhibitPolicyMapping5Cert); + PKIX_TEST_DECREF_AC(inhibitAnyPolicy5Cert); + PKIX_TEST_DECREF_AC(inhibitAnyPolicy0Cert); + + PKIX_TEST_RETURN(); +} + +static void +testCertPolicyMaps(char *dataDir) +{ + char *policyMappingsCertName = + "P1Mapping1to234CACert.crt"; + char *expectedAscii = + "2.16.840.1.101.3.2.1.48.1=>2.16.840.1.101.3.2.1.48.2"; + + PKIX_PL_Cert *policyMappingsCert = NULL; + PKIX_List *mappings = NULL; + PKIX_PL_CertPolicyMap *goodMap = NULL; + PKIX_PL_CertPolicyMap *equalMap = NULL; + PKIX_PL_CertPolicyMap *diffMap = NULL; + PKIX_PL_OID *goodOID = NULL; + PKIX_PL_OID *equalOID = NULL; + PKIX_PL_OID *diffOID = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_GetPolicyMappings"); + + policyMappingsCert = createCert(dataDir, policyMappingsCertName, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyMappings(policyMappingsCert, &mappings, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(mappings, 0, (PKIX_PL_Object **)&goodMap, NULL)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(mappings, 0, (PKIX_PL_Object **)&equalMap, NULL)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(mappings, 2, (PKIX_PL_Object **)&diffMap, NULL)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodMap, + equalMap, + diffMap, + expectedAscii, + CertPolicyMap, + PKIX_TRUE); + + subTest("PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy(goodMap, &goodOID, NULL)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyMap_GetIssuerDomainPolicy(diffMap, &equalOID, NULL)); + subTest("PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyMap_GetSubjectDomainPolicy(diffMap, &diffOID, NULL)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodOID, + equalOID, + diffOID, + "2.16.840.1.101.3.2.1.48.1", + OID, + PKIX_FALSE); + + subTest("pkix_pl_CertPolicyMap_Destroy"); + PKIX_TEST_DECREF_BC(goodMap); + PKIX_TEST_DECREF_BC(equalMap); + PKIX_TEST_DECREF_BC(diffMap); + +cleanup: + PKIX_TEST_DECREF_AC(policyMappingsCert); + PKIX_TEST_DECREF_AC(mappings); + PKIX_TEST_DECREF_AC(goodOID); + PKIX_TEST_DECREF_AC(equalOID); + PKIX_TEST_DECREF_AC(diffOID); + + PKIX_TEST_RETURN(); +} + +static void +testNameConstraints(char *dataDir) +{ + char *firstPname = "nameConstraintsDN3subCA2Cert.crt"; + char *secondPname = "nameConstraintsDN4CACert.crt"; + char *thirdPname = "nameConstraintsDN5CACert.crt"; + char *lastPname = "InvalidDNnameConstraintsTest3EE.crt"; + PKIX_PL_Cert *firstCert = NULL; + PKIX_PL_Cert *secondCert = NULL; + PKIX_PL_Cert *thirdCert = NULL; + PKIX_PL_Cert *lastCert = NULL; + PKIX_PL_CertNameConstraints *firstNC = NULL; + PKIX_PL_CertNameConstraints *secondNC = NULL; + PKIX_PL_CertNameConstraints *thirdNC = NULL; + PKIX_PL_CertNameConstraints *firstMergedNC = NULL; + PKIX_PL_CertNameConstraints *secondMergedNC = NULL; + char *firstExpectedAscii = + "[\n" + "\t\tPermitted Name: (O=Test Certificates,C=US)\n" + "\t\tExcluded Name: (OU=excludedSubtree1,O=Test Certificates," + "C=US, OU=excludedSubtree2,O=Test Certificates,C=US)\n" + "\t]\n"; + char *secondExpectedAscii = + "[\n" + "\t\tPermitted Name: (O=Test Certificates,C=US, " + "OU=permittedSubtree1,O=Test Certificates,C=US)\n" + "\t\tExcluded Name: (OU=excludedSubtree1," + "O=Test Certificates," + "C=US, OU=excludedSubtree2,O=Test Certificates,C=US, " + "OU=excludedSubtree1,OU=permittedSubtree1," + "O=Test Certificates,C=US)\n" + "\t]\n"; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_PL_CertNameConstraints"); + + firstCert = createCert(dataDir, firstPname, plContext); + secondCert = createCert(dataDir, secondPname, plContext); + thirdCert = createCert(dataDir, thirdPname, plContext); + lastCert = createCert(dataDir, lastPname, plContext); + + subTest("PKIX_PL_Cert_GetNameConstraints <total=3>"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(firstCert, &firstNC, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(secondCert, &secondNC, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(thirdCert, &thirdNC, NULL)); + + subTest("PKIX_PL_Cert_MergeNameConstraints <1st and 2nd>"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_MergeNameConstraints(firstNC, secondNC, &firstMergedNC, NULL)); + + subTest("PKIX_PL_Cert_MergeNameConstraints <1st+2nd and 3rd>"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_MergeNameConstraints(firstMergedNC, thirdNC, &secondMergedNC, NULL)); + + testToStringHelper((PKIX_PL_Object *)firstMergedNC, + firstExpectedAscii, + plContext); + + testToStringHelper((PKIX_PL_Object *)secondMergedNC, + secondExpectedAscii, + plContext); + + subTest("PKIX_PL_Cert_CheckNameConstraints <permitted>"); + + /* Subject: CN=nameConstraints DN3 subCA2,O=Test Certificates,C=US */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_CheckNameConstraints(firstCert, firstMergedNC, NULL)); + + subTest("PKIX_PL_Cert_CheckNameConstraints <OU in excluded>"); + + /* + * Subject: CN=Invalid DN nameConstraints EE Certificate Test3, + * OU=permittedSubtree1,O=Test Certificates,C=US + */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Cert_CheckNameConstraints(lastCert, secondMergedNC, NULL)); + + subTest("PKIX_PL_Cert_CheckNameConstraints <excluded>"); + + /* + * Subject: CN=Invalid DN nameConstraints EE Certificate Test3, + * OU=permittedSubtree1,O=Test Certificates,C=US + * SubjectAltNames: CN=Invalid DN nameConstraints EE Certificate + * Test3,OU=excludedSubtree1,O=Test Certificates,C=US + */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Cert_CheckNameConstraints(lastCert, firstMergedNC, NULL)); + + subTest("PKIX_PL_Cert_CheckNameConstraints <excluded>"); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Cert_CheckNameConstraints(firstCert, secondMergedNC, NULL)); + +cleanup: + + PKIX_TEST_DECREF_AC(firstCert); + PKIX_TEST_DECREF_AC(secondCert); + PKIX_TEST_DECREF_AC(thirdCert); + PKIX_TEST_DECREF_AC(lastCert); + PKIX_TEST_DECREF_AC(firstNC); + PKIX_TEST_DECREF_AC(secondNC); + PKIX_TEST_DECREF_AC(thirdNC); + PKIX_TEST_DECREF_AC(firstMergedNC); + PKIX_TEST_DECREF_AC(secondMergedNC); + + PKIX_TEST_RETURN(); +} + +static void +testDestroy(void *goodObject, void *equalObject, void *diffObject) +{ + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_Destroy"); + + PKIX_TEST_DECREF_BC(goodObject); + PKIX_TEST_DECREF_BC(equalObject); + PKIX_TEST_DECREF_BC(diffObject); + + PKIX_TEST_DECREF_BC(altNameNoneCert); + PKIX_TEST_DECREF_BC(altNameOtherCert); + PKIX_TEST_DECREF_BC(altNameOtherCert_diff); + PKIX_TEST_DECREF_BC(altNameRfc822Cert); + PKIX_TEST_DECREF_BC(altNameRfc822Cert_diff); + PKIX_TEST_DECREF_BC(altNameDnsCert); + PKIX_TEST_DECREF_BC(altNameDnsCert_diff); + PKIX_TEST_DECREF_BC(altNameX400Cert); + PKIX_TEST_DECREF_BC(altNameX400Cert_diff); + PKIX_TEST_DECREF_BC(altNameDnCert); + PKIX_TEST_DECREF_BC(altNameDnCert_diff); + PKIX_TEST_DECREF_BC(altNameEdiCert); + PKIX_TEST_DECREF_BC(altNameEdiCert_diff); + PKIX_TEST_DECREF_BC(altNameUriCert); + PKIX_TEST_DECREF_BC(altNameUriCert_diff); + PKIX_TEST_DECREF_BC(altNameIpCert); + PKIX_TEST_DECREF_BC(altNameIpCert_diff); + PKIX_TEST_DECREF_BC(altNameOidCert); + PKIX_TEST_DECREF_BC(altNameOidCert_diff); + PKIX_TEST_DECREF_BC(altNameMultipleCert); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ttest_cert <test-purpose> <data-central-dir> <data-dir>\n\n"); +} + +int +test_cert(int argc, char *argv[]) +{ + + PKIX_PL_Cert *goodObject = NULL; + PKIX_PL_Cert *equalObject = NULL; + PKIX_PL_Cert *diffObject = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + char *dataCentralDir = NULL; + char *dataDir = NULL; + char *goodInput = "yassir2bcn"; + char *diffInput = "nss2alice"; + + char *expectedAscii = + "[\n" + "\tVersion: v3\n" + "\tSerialNumber: 37bc66ec\n" + "\tIssuer: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n" + "\tSubject: OU=bcn,OU=east,O=sun,C=us\n" + "\tValidity: [From: Thu Aug 19, 1999\n" + /* "\tValidity: [From: Thu Aug 19 16:19:56 1999\n" */ + "\t To: Fri Aug 18, 2000]\n" + /* "\t To: Fri Aug 18 16:19:56 2000]\n" */ + "\tSubjectAltNames: (null)\n" + "\tAuthorityKeyId: (null)\n" + "\tSubjectKeyId: (null)\n" + "\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n" + "\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n" + "\tExtKeyUsages: (null)\n" + "\tBasicConstraint: CA(0)\n" + "\tCertPolicyInfo: (null)\n" + "\tPolicyMappings: (null)\n" + "\tExplicitPolicy: -1\n" + "\tInhibitMapping: -1\n" + "\tInhibitAnyPolicy:-1\n" + "\tNameConstraints: (null)\n" + "\tAuthorityInfoAccess: (null)\n" + "\tSubjectInfoAccess: (null)\n" + "\tCacheFlag: 0\n" + "]\n"; + + PKIX_TEST_STD_VARS(); + + startTests("Cert"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 3 + j) { + printUsage(); + return (0); + } + + dataCentralDir = argv[2 + j]; + dataDir = argv[3 + j]; + + createCerts(dataCentralDir, + goodInput, + diffInput, + &goodObject, + &equalObject, + &diffObject); + + testToStringHelper((PKIX_PL_Object *)goodObject, expectedAscii, plContext); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject, + equalObject, + diffObject, + expectedAscii, + Cert, + PKIX_TRUE); + + testVerifyKeyUsage(dataCentralDir, dataDir, goodObject); + + testGetExtendedKeyUsage(dataCentralDir); + testGetKeyIdentifiers(dataCentralDir, goodObject); + + testGetVersion(goodObject); + testGetSerialNumber(goodObject, equalObject, diffObject); + + testGetSubject(goodObject, equalObject, diffObject); + testGetIssuer(goodObject, equalObject, diffObject); + + testGetSubjectAltNames(dataCentralDir); + testGetCriticalExtensionOIDs(dataCentralDir, goodObject); + + testGetSubjectPublicKey(goodObject, equalObject, diffObject); + testGetSubjectPublicKeyAlgId(goodObject); + testMakeInheritedDSAPublicKey(dataCentralDir); + + testCheckValidity(goodObject, diffObject); + + testBasicConstraints_GetCAFlag(dataCentralDir); + testBasicConstraints_GetPathLenConstraint(dataCentralDir); + testGetBasicConstraints(dataCentralDir); + + /* Basic Policy Processing */ + testGetPolicyInformation(dataDir); + testCertPolicy_GetPolicyId(dataDir); + testCertPolicy_GetPolQualifiers(dataDir); + testPolicyQualifier_GetPolicyQualifierId(dataDir); + testPolicyQualifier_GetQualifier(dataDir); + testAreCertPoliciesCritical(dataCentralDir, dataDir); + + /* Advanced Policy Processing */ + testCertPolicyConstraints(dataDir); + testCertPolicyMaps(dataDir); + + testNameConstraints(dataDir); + + testVerifySignature(dataCentralDir); + + testDestroy(goodObject, equalObject, diffObject); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Cert"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_crl.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_crl.c new file mode 100644 index 0000000000..6372c7a370 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_crl.c @@ -0,0 +1,302 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_crl.c + * + * Test CRL Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createCRLs( + char *dataDir, + char *goodInput, + char *diffInput, + PKIX_PL_CRL **goodObject, + PKIX_PL_CRL **equalObject, + PKIX_PL_CRL **diffObject) +{ + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_CRL_Create <goodObject>"); + *goodObject = createCRL(dataDir, goodInput, plContext); + + subTest("PKIX_PL_CRL_Create <equalObject>"); + *equalObject = createCRL(dataDir, goodInput, plContext); + + subTest("PKIX_PL_CRL_Create <diffObject>"); + *diffObject = createCRL(dataDir, diffInput, plContext); + + PKIX_TEST_RETURN(); +} + +static void +testGetCRLEntryForSerialNumber( + PKIX_PL_CRL *goodObject) +{ + PKIX_PL_BigInt *bigInt; + PKIX_PL_String *bigIntString = NULL; + PKIX_PL_CRLEntry *crlEntry = NULL; + PKIX_PL_String *crlEntryString = NULL; + char *snAscii = "3039"; + char *expectedAscii = + "\n\t[\n" + "\tSerialNumber: 3039\n" + "\tReasonCode: 257\n" + "\tRevocationDate: Fri Jan 07, 2005\n" + /* "\tRevocationDate: Fri Jan 07 15:09:10 2005\n" */ + "\tCritExtOIDs: (EMPTY)\n" + "\t]\n\t"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_CRL_GetCRLEntryForSerialNumber"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + snAscii, + PL_strlen(snAscii), + &bigIntString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create( + bigIntString, + &bigInt, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber( + goodObject, bigInt, &crlEntry, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString( + (PKIX_PL_Object *)crlEntry, + &crlEntryString, + plContext)); + + testToStringHelper((PKIX_PL_Object *)crlEntryString, + expectedAscii, plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(bigIntString); + PKIX_TEST_DECREF_AC(bigInt); + PKIX_TEST_DECREF_AC(crlEntryString); + PKIX_TEST_DECREF_AC(crlEntry); + PKIX_TEST_RETURN(); +} + +static void +testGetIssuer( + PKIX_PL_CRL *goodObject, + PKIX_PL_CRL *equalObject, + PKIX_PL_CRL *diffObject) +{ + PKIX_PL_X500Name *goodIssuer = NULL; + PKIX_PL_X500Name *equalIssuer = NULL; + PKIX_PL_X500Name *diffIssuer = NULL; + char *expectedAscii = "CN=hanfeiyu,O=sun,C=us"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_CRL_GetIssuer"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_CRL_GetIssuer(goodObject, &goodIssuer, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_CRL_GetIssuer(equalObject, &equalIssuer, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_CRL_GetIssuer(diffObject, &diffIssuer, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodIssuer, + equalIssuer, + diffIssuer, + expectedAscii, + X500Name, + PKIX_TRUE); + +cleanup: + + PKIX_TEST_DECREF_AC(goodIssuer); + PKIX_TEST_DECREF_AC(equalIssuer); + PKIX_TEST_DECREF_AC(diffIssuer); + + PKIX_TEST_RETURN(); +} + +static void +testCritExtensionsAbsent(PKIX_PL_CRL *crl) +{ + PKIX_List *oidList = NULL; + PKIX_UInt32 numOids = 0; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCriticalExtensionOIDs(crl, &oidList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(oidList, &numOids, plContext)); + if (numOids != 0) { + pkixTestErrorMsg = "unexpected mismatch"; + } + +cleanup: + + PKIX_TEST_DECREF_AC(oidList); + + PKIX_TEST_RETURN(); +} + +static void +testGetCriticalExtensionOIDs(PKIX_PL_CRL *goodObject) +{ + subTest("PKIX_PL_CRL_GetCriticalExtensionOIDs " + "<0 element>"); + testCritExtensionsAbsent(goodObject); +} + +static void +testVerifySignature(char *dataCentralDir, PKIX_PL_CRL *crl) +{ + PKIX_PL_Cert *firstCert = NULL; + PKIX_PL_Cert *secondCert = NULL; + PKIX_PL_PublicKey *firstPubKey = NULL; + PKIX_PL_PublicKey *secondPubKey = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Cert_Create <hanfeiyu2hanfeiyu>"); + firstCert = createCert(dataCentralDir, "hanfeiyu2hanfeiyu", plContext); + + subTest("PKIX_PL_Cert_Create <hy2hy-bc0>"); + secondCert = createCert(dataCentralDir, "hy2hy-bc0", plContext); + + subTest("PKIX_PL_Cert_GetSubjectPublicKey <hanfeiyu2hanfeiyu>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(firstCert, &firstPubKey, plContext)); + + subTest("PKIX_PL_Cert_GetSubjectPublicKey <hanfei2hanfei>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(secondCert, &secondPubKey, plContext)); + + subTest("PKIX_PL_CRL_VerifySignature <positive>"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_VerifySignature(crl, firstPubKey, plContext)); + + subTest("PKIX_PL_CRL_VerifySignature <negative>"); + PKIX_TEST_EXPECT_ERROR(PKIX_PL_CRL_VerifySignature(crl, secondPubKey, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(firstCert); + PKIX_TEST_DECREF_AC(secondCert); + PKIX_TEST_DECREF_AC(firstPubKey); + PKIX_TEST_DECREF_AC(secondPubKey); + + PKIX_TEST_RETURN(); +} + +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ttest_crl <test-purpose> <data-central-dir>\n\n"); +} + +/* Functional tests for CRL public functions */ + +int +test_crl(int argc, char *argv[]) +{ + PKIX_PL_CRL *goodObject = NULL; + PKIX_PL_CRL *equalObject = NULL; + PKIX_PL_CRL *diffObject = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + char *dataCentralDir = NULL; + char *goodInput = "crlgood.crl"; + char *diffInput = "crldiff.crl"; + char *expectedAscii = + "[\n" + "\tVersion: v2\n" + "\tIssuer: CN=hanfeiyu,O=sun,C=us\n" + "\tUpdate: [Last: Fri Jan 07, 2005\n" + /* "\tUpdate: [Last: Fri Jan 07 15:09:10 2005\n" */ + "\t Next: Sat Jan 07, 2006]\n" + /* "\t Next: Sat Jan 07 15:09:10 2006]\n" */ + "\tSignatureAlgId: 1.2.840.10040.4.3\n" + "\tCRL Number : (null)\n" + "\n\tEntry List: (\n" + "\t[\n" + "\tSerialNumber: 010932\n" + "\tReasonCode: 260\n" + "\tRevocationDate: Fri Jan 07, 2005\n" + /* "\tRevocationDate: Fri Jan 07 15:09:10 2005\n" */ + "\tCritExtOIDs: (EMPTY)\n" + "\t]\n\t" + ", " + "\n\t[\n" + "\tSerialNumber: 3039\n" + "\tReasonCode: 257\n" + "\tRevocationDate: Fri Jan 07, 2005\n" + /* "\tRevocationDate: Fri Jan 07 15:09:10 2005\n" */ + "\tCritExtOIDs: (EMPTY)\n" + "\t]\n\t" + ")" + "\n\n" + "\tCritExtOIDs: (EMPTY)\n" + "]\n"; + /* Note XXX serialnumber and reasoncode need debug */ + + PKIX_TEST_STD_VARS(); + + startTests("CRL"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 3 + j) { + printUsage(); + return (0); + } + + dataCentralDir = argv[2 + j]; + + createCRLs(dataCentralDir, + goodInput, + diffInput, + &goodObject, + &equalObject, + &diffObject); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject, + equalObject, + diffObject, + expectedAscii, + CRL, + PKIX_TRUE); + + testGetIssuer(goodObject, equalObject, diffObject); + + testGetCriticalExtensionOIDs(goodObject); + + testGetCRLEntryForSerialNumber(goodObject); + + testVerifySignature(dataCentralDir, goodObject); + +cleanup: + + PKIX_TEST_DECREF_AC(goodObject); + PKIX_TEST_DECREF_AC(equalObject); + PKIX_TEST_DECREF_AC(diffObject); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("CRL"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_crlentry.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_crlentry.c new file mode 100644 index 0000000000..30a008b4cf --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_crlentry.c @@ -0,0 +1,208 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_crlentry.c + * + * Test CRLENTRY Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createCRLEntries( + char *dataDir, + char *crlInput, + PKIX_PL_CRL **pCrl, + PKIX_PL_CRLEntry **goodObject, + PKIX_PL_CRLEntry **equalObject, + PKIX_PL_CRLEntry **diffObject) +{ + PKIX_PL_CRL *crl = NULL; + PKIX_PL_BigInt *firstSNBigInt = NULL; + PKIX_PL_BigInt *secondSNBigInt = NULL; + PKIX_PL_String *firstSNString = NULL; + PKIX_PL_String *secondSNString = NULL; + char *firstSNAscii = "010932"; + char *secondSNAscii = "3039"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_CRL_Create <crl>"); + crl = createCRL(dataDir, crlInput, plContext); + + subTest("PKIX_PL_CRL_GetCRLEntryForSerialNumber"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + firstSNAscii, + PL_strlen(firstSNAscii), + &firstSNString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create( + firstSNString, + &firstSNBigInt, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber( + crl, firstSNBigInt, goodObject, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber( + crl, firstSNBigInt, equalObject, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + secondSNAscii, + PL_strlen(secondSNAscii), + &secondSNString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create( + secondSNString, + &secondSNBigInt, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber( + crl, secondSNBigInt, diffObject, plContext)); + + *pCrl = crl; + +cleanup: + PKIX_TEST_DECREF_AC(firstSNBigInt); + PKIX_TEST_DECREF_AC(secondSNBigInt); + PKIX_TEST_DECREF_AC(firstSNString); + PKIX_TEST_DECREF_AC(secondSNString); + PKIX_TEST_RETURN(); +} + +static void +testGetReasonCode( + PKIX_PL_CRLEntry *goodObject) +{ + PKIX_Int32 reasonCode = 0; + PKIX_Int32 expectedReasonCode = 260; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_CRLEntry_GetCRLEntryReasonCode"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRLEntry_GetCRLEntryReasonCode( + goodObject, &reasonCode, plContext)); + + if (reasonCode != expectedReasonCode) { + testError("unexpected value of CRL Entry Reason Code"); + (void)printf("Actual value:\t%d\n", reasonCode); + (void)printf("Expected value:\t%d\n", expectedReasonCode); + goto cleanup; + } + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testCritExtensionsAbsent(PKIX_PL_CRLEntry *crlEntry) +{ + PKIX_List *oidList = NULL; + PKIX_UInt32 numOids = 0; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRLEntry_GetCriticalExtensionOIDs(crlEntry, &oidList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(oidList, &numOids, plContext)); + if (numOids != 0) { + pkixTestErrorMsg = "unexpected mismatch"; + } + +cleanup: + + PKIX_TEST_DECREF_AC(oidList); + + PKIX_TEST_RETURN(); +} + +static void +testGetCriticalExtensionOIDs(PKIX_PL_CRLEntry *goodObject) +{ + subTest("PKIX_PL_CRL_GetCriticalExtensionOIDs " + "<CritExtensionsAbsent>"); + testCritExtensionsAbsent(goodObject); +} + +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ttest_crlentry <data-dir>\n\n"); +} + +/* Functional tests for CRLENTRY public functions */ + +int +test_crlentry(int argc, char *argv[]) +{ + PKIX_PL_CRL *crl = NULL; + PKIX_PL_CRLEntry *goodObject = NULL; + PKIX_PL_CRLEntry *equalObject = NULL; + PKIX_PL_CRLEntry *diffObject = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + char *dataDir = NULL; + char *goodInput = "crlgood.crl"; + char *expectedAscii = + "\n\t[\n" + "\tSerialNumber: 010932\n" + "\tReasonCode: 260\n" + "\tRevocationDate: Fri Jan 07 15:09:10 2005\n" + "\tCritExtOIDs: (EMPTY)\n" + "\t]\n\t"; + + /* Note XXX serialnumber and reasoncode need debug */ + + PKIX_TEST_STD_VARS(); + + startTests("CRLEntry"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 1 + j) { + printUsage(); + return (0); + } + + dataDir = argv[1 + j]; + + createCRLEntries(dataDir, goodInput, &crl, &goodObject, &equalObject, &diffObject); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject, + equalObject, + diffObject, + NULL, /* expectedAscii, */ + CRLENTRY, + PKIX_TRUE); + + testGetReasonCode(goodObject); + + testGetCriticalExtensionOIDs(goodObject); + +cleanup: + + PKIX_TEST_DECREF_AC(crl); + PKIX_TEST_DECREF_AC(goodObject); + PKIX_TEST_DECREF_AC(equalObject); + PKIX_TEST_DECREF_AC(diffObject); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("CRLEntry"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_date.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_date.c new file mode 100644 index 0000000000..4fb3718c19 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_date.c @@ -0,0 +1,106 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_date.c + * + * Test Date Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createDates(char *goodInput, char *diffInput, + PKIX_PL_Date **goodDate, + PKIX_PL_Date **equalDate, + PKIX_PL_Date **diffDate) +{ + + subTest("PKIX_PL_Date_Create <goodDate>"); + *goodDate = createDate(goodInput, plContext); + + subTest("PKIX_PL_Date_Create <equalDate>"); + *equalDate = createDate(goodInput, plContext); + + subTest("PKIX_PL_Date_Create <diffDate>"); + *diffDate = createDate(diffInput, plContext); +} + +static void +testDestroy(void *goodObject, void *equalObject, void *diffObject) +{ + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_Date_Destroy"); + + PKIX_TEST_DECREF_BC(goodObject); + PKIX_TEST_DECREF_BC(equalObject); + PKIX_TEST_DECREF_BC(diffObject); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testDate(char *goodInput, char *diffInput) +{ + + PKIX_PL_Date *goodDate = NULL; + PKIX_PL_Date *equalDate = NULL; + PKIX_PL_Date *diffDate = NULL; + + /* + * The ASCII rep of the date will vary by platform and locale + * This particular string was generated on a SPARC running Solaris 9 + * in an English locale + */ + /* char *expectedAscii = "Mon Mar 29 08:48:47 2004"; */ + char *expectedAscii = "Mon Mar 29, 2004"; + + PKIX_TEST_STD_VARS(); + + createDates(goodInput, diffInput, + &goodDate, &equalDate, &diffDate); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodDate, equalDate, diffDate, expectedAscii, Date, PKIX_TRUE); + + testDestroy(goodDate, equalDate, diffDate); + + PKIX_TEST_RETURN(); +} + +int +test_date(int argc, char *argv[]) +{ + + char *goodInput = NULL; + char *diffInput = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Date"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + goodInput = "040329134847Z"; + diffInput = "050329135847Z"; + testDate(goodInput, diffInput); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Date"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_generalname.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_generalname.c new file mode 100644 index 0000000000..88181e3f20 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_generalname.c @@ -0,0 +1,123 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_generalname.c + * + * Test GeneralName Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createGeneralNames(PKIX_UInt32 nameType, char *goodInput, char *diffInput, + PKIX_PL_GeneralName **goodName, + PKIX_PL_GeneralName **equalName, + PKIX_PL_GeneralName **diffName) +{ + + subTest("PKIX_PL_GeneralName_Create <goodName>"); + *goodName = createGeneralName(nameType, goodInput, plContext); + + subTest("PKIX_PL_GeneralName_Create <equalName>"); + *equalName = createGeneralName(nameType, goodInput, plContext); + + subTest("PKIX_PL_GeneralName_Create <diffName>"); + *diffName = createGeneralName(nameType, diffInput, plContext); +} + +static void +testDestroy(void *goodObject, void *equalObject, void *diffObject) +{ + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_GeneralName_Destroy"); + + PKIX_TEST_DECREF_BC(goodObject); + PKIX_TEST_DECREF_BC(equalObject); + PKIX_TEST_DECREF_BC(diffObject); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testNameType(PKIX_UInt32 nameType, char *goodInput, char *diffInput, char *expectedAscii) +{ + + PKIX_PL_GeneralName *goodName = NULL; + PKIX_PL_GeneralName *equalName = NULL; + PKIX_PL_GeneralName *diffName = NULL; + + createGeneralNames(nameType, goodInput, diffInput, + &goodName, &equalName, &diffName); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodName, + equalName, + diffName, + expectedAscii, + GeneralName, + PKIX_TRUE); + + testDestroy(goodName, equalName, diffName); +} + +int +test_generalname(int argc, char *argv[]) +{ + + char *goodInput = NULL; + char *diffInput = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("GeneralName"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + goodInput = "john@sun.com"; + diffInput = "john@labs.com"; + testNameType(PKIX_RFC822_NAME, goodInput, diffInput, goodInput); + + goodInput = "example1.com"; + diffInput = "ex2.net"; + testNameType(PKIX_DNS_NAME, goodInput, diffInput, goodInput); + + goodInput = "cn=yassir, ou=labs, o=sun, c=us"; + diffInput = "cn=alice, ou=labs, o=sun, c=us"; + testNameType(PKIX_DIRECTORY_NAME, + goodInput, + diffInput, + "CN=yassir,OU=labs,O=sun,C=us"); + + goodInput = "http://example1.com"; + diffInput = "http://ex2.net"; + testNameType(PKIX_URI_NAME, goodInput, diffInput, goodInput); + + goodInput = "1.2.840.11"; + diffInput = "1.2.840.115349"; + testNameType(PKIX_OID_NAME, goodInput, diffInput, goodInput); + + /* + * We don't support creating PKIX_EDIPARTY_NAME, + * PKIX_IP_NAME, OTHER_NAME, X400_ADDRESS from strings + */ + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("GeneralName"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_nameconstraints.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_nameconstraints.c new file mode 100644 index 0000000000..636ba3ead3 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_nameconstraints.c @@ -0,0 +1,127 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_nameconstraints.c + * + * Test CERT Name Constraints Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static char * +catDirName(char *platform, char *dir, void *plContext) +{ + char *pathName = NULL; + PKIX_UInt32 dirLen; + PKIX_UInt32 platformLen; + + PKIX_TEST_STD_VARS(); + + dirLen = PL_strlen(dir); + platformLen = PL_strlen(platform); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(platformLen + + dirLen + + 2, + (void **)&pathName, plContext)); + + PL_strcpy(pathName, platform); + PL_strcat(pathName, "/"); + PL_strcat(pathName, dir); + +cleanup: + + PKIX_TEST_RETURN(); + + return (pathName); +} + +static void +testNameConstraints(char *dataDir) +{ + char *goodPname = "nameConstraintsDN5CACert.crt"; + PKIX_PL_Cert *goodCert = NULL; + PKIX_PL_CertNameConstraints *goodNC = NULL; + char *expectedAscii = + "[\n" + "\t\tPermitted Name: (OU=permittedSubtree1," + "O=Test Certificates,C=US)\n" + "\t\tExcluded Name: (OU=excludedSubtree1," + "OU=permittedSubtree1,O=Test Certificates,C=US)\n" + "\t]\n"; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_CertNameConstraints"); + + goodCert = createCert(dataDir, goodPname, plContext); + + subTest("PKIX_PL_Cert_GetNameConstraints"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(goodCert, &goodNC, plContext)); + + testToStringHelper((PKIX_PL_Object *)goodNC, expectedAscii, plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(goodNC); + PKIX_TEST_DECREF_AC(goodCert); + + PKIX_TEST_RETURN(); +} + +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ttest_nameconstraints <test-purpose>" + " <data-dir> <platform-prefix>\n\n"); +} + +/* Functional tests for CRL public functions */ + +int +test_nameconstraints(int argc, char *argv[]) +{ + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + char *platformDir = NULL; + char *dataDir = NULL; + char *combinedDir = NULL; + + /* Note XXX serialnumber and reasoncode need debug */ + + PKIX_TEST_STD_VARS(); + + startTests("NameConstraints"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 3 + j) { + printUsage(); + return (0); + } + + dataDir = argv[2 + j]; + platformDir = argv[3 + j]; + combinedDir = catDirName(platformDir, dataDir, plContext); + + testNameConstraints(combinedDir); + +cleanup: + + pkixTestErrorResult = PKIX_PL_Free(combinedDir, plContext); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("NameConstraints"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_subjectinfoaccess.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_subjectinfoaccess.c new file mode 100644 index 0000000000..8f2ff9ec7e --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_subjectinfoaccess.c @@ -0,0 +1,121 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_subjectinfoaccess.c + * + * Test Subject InfoAccess Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +int +test_subjectinfoaccess(int argc, char *argv[]) +{ + + PKIX_PL_Cert *cert = NULL; + PKIX_PL_Cert *certDiff = NULL; + PKIX_List *aiaList = NULL; + PKIX_List *siaList = NULL; + PKIX_PL_InfoAccess *sia = NULL; + PKIX_PL_InfoAccess *siaDup = NULL; + PKIX_PL_InfoAccess *siaDiff = NULL; + PKIX_PL_GeneralName *location = NULL; + char *certPathName = NULL; + char *dirName = NULL; + PKIX_UInt32 method = 0; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 size, i; + PKIX_UInt32 j = 0; + char *expectedAscii = "[method:caRepository, " + "location:http://betty.nist.gov/pathdiscoverytestsuite/" + "p7cfiles/IssuedByTrustAnchor1.p7c]"; + + PKIX_TEST_STD_VARS(); + + startTests("SubjectInfoAccess"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 5 + j) { + printf("Usage: %s <test-purpose> <cert> <diff-cert>\n", argv[0]); + } + + dirName = argv[2 + j]; + certPathName = argv[3 + j]; + + subTest("Creating Cert with Subject Info Access"); + cert = createCert(dirName, certPathName, plContext); + + certPathName = argv[4 + j]; + + subTest("Creating Cert with Subject Info Access"); + certDiff = createCert(dirName, certPathName, plContext); + + subTest("Getting Subject Info Access"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectInfoAccess(cert, &siaList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(siaList, &size, plContext)); + + if (size != 1) { + pkixTestErrorMsg = "unexpected number of AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(siaList, 0, (PKIX_PL_Object **)&sia, plContext)); + + subTest("PKIX_PL_InfoAccess_GetMethod"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetMethod(sia, &method, plContext)); + if (method != PKIX_INFOACCESS_CA_REPOSITORY) { + pkixTestErrorMsg = "unexpected method of AIA"; + goto cleanup; + } + + subTest("PKIX_PL_InfoAccess_GetLocation"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocation(sia, &location, plContext)); + if (!location) { + pkixTestErrorMsg = "Cannot get AIA location"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(siaList, 0, (PKIX_PL_Object **)&siaDup, plContext)); + + subTest("Getting Authority Info Access as difference comparison"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess(certDiff, &aiaList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(aiaList, &size, plContext)); + + if (size != 1) { + pkixTestErrorMsg = "unexpected number of AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(aiaList, 0, (PKIX_PL_Object **)&siaDiff, plContext)); + + subTest("Checking: Equal, Hash and ToString"); + PKIX_TEST_EQ_HASH_TOSTR_DUP(sia, siaDup, siaDiff, expectedAscii, InfoAccess, PKIX_FALSE); + +cleanup: + + PKIX_TEST_DECREF_AC(location); + PKIX_TEST_DECREF_AC(sia); + PKIX_TEST_DECREF_AC(siaDup); + PKIX_TEST_DECREF_AC(siaDiff); + PKIX_TEST_DECREF_AC(aiaList); + PKIX_TEST_DECREF_AC(siaList); + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(certDiff); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Subjectinfoaccess"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/pki/test_x500name.c b/security/nss/cmd/libpkix/pkix_pl/pki/test_x500name.c new file mode 100644 index 0000000000..91ff63fd0a --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/pki/test_x500name.c @@ -0,0 +1,169 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_x500name.c + * + * Test X500Name Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static PKIX_PL_X500Name * +createX500Name(char *asciiName, PKIX_Boolean expectedToPass) +{ + + PKIX_PL_X500Name *x500Name = NULL; + PKIX_PL_String *plString = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiName, 0, &plString, plContext)); + + if (expectedToPass) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Create(plString, &x500Name, plContext)); + } else { + PKIX_TEST_EXPECT_ERROR(PKIX_PL_X500Name_Create(plString, &x500Name, plContext)); + } + +cleanup: + + PKIX_TEST_DECREF_AC(plString); + + PKIX_TEST_RETURN(); + + return (x500Name); +} + +static void +createX500Names(char *goodInput, char *diffInput, char *diffInputMatch, + PKIX_PL_X500Name **goodObject, + PKIX_PL_X500Name **equalObject, + PKIX_PL_X500Name **diffObject, + PKIX_PL_X500Name **diffObjectMatch) +{ + char *badAscii = "cn=yas#sir,ou=labs,o=sun,c=us"; + PKIX_PL_X500Name *badObject = NULL; + + subTest("PKIX_PL_X500Name_Create <goodObject>"); + *goodObject = createX500Name(goodInput, PKIX_TRUE); + + subTest("PKIX_PL_X500Name_Create <equalObject>"); + *equalObject = createX500Name(goodInput, PKIX_TRUE); + + subTest("PKIX_PL_X500Name_Create <diffObject>"); + *diffObject = createX500Name(diffInput, PKIX_TRUE); + + subTest("PKIX_PL_X500Name_Create <diffObjectMatch>"); + *diffObjectMatch = createX500Name(diffInputMatch, PKIX_TRUE); + + subTest("PKIX_PL_X500Name_Create <negative>"); + badObject = createX500Name(badAscii, PKIX_FALSE); +} + +static void +testMatchHelper(PKIX_PL_X500Name *goodName, PKIX_PL_X500Name *otherName, PKIX_Boolean match) +{ + PKIX_Boolean cmpResult; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Match(goodName, + otherName, + &cmpResult, + plContext)); + + if ((match && !cmpResult) || (!match && cmpResult)) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", cmpResult); + (void)printf("Expected value:\t%d\n", match); + } + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testMatch(void *goodObject, void *diffObject, void *diffObjectMatch) +{ + subTest("PKIX_PL_X500Name_Match <match>"); + testMatchHelper((PKIX_PL_X500Name *)diffObject, + (PKIX_PL_X500Name *)diffObjectMatch, + PKIX_TRUE); + + subTest("PKIX_PL_X500Name_Match <non-match>"); + testMatchHelper((PKIX_PL_X500Name *)goodObject, + (PKIX_PL_X500Name *)diffObject, + PKIX_FALSE); +} + +static void +testDestroy(void *goodObject, void *equalObject, void *diffObject, void *diffObjectMatch) +{ + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_X500Name_Destroy"); + + PKIX_TEST_DECREF_BC(goodObject); + PKIX_TEST_DECREF_BC(equalObject); + PKIX_TEST_DECREF_BC(diffObject); + PKIX_TEST_DECREF_BC(diffObjectMatch); + +cleanup: + + PKIX_TEST_RETURN(); +} + +int +test_x500name(int argc, char *argv[]) +{ + + PKIX_PL_X500Name *goodObject = NULL; + PKIX_PL_X500Name *equalObject = NULL; + PKIX_PL_X500Name *diffObject = NULL; + PKIX_PL_X500Name *diffObjectMatch = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + /* goodInput is encoded in PKIX_ESCASCII */ + char *goodInput = "cn=Strauß,ou=labs,o=sun,c=us"; + char *diffInput = "cn=steve,ou=labs,o=sun,c=us"; + char *diffInputMatch = "Cn=SteVe,Ou=lABs,o=SUn,c=uS"; + char *expectedAscii = "CN=Strauß,OU=labs,O=sun,C=us"; + + PKIX_TEST_STD_VARS(); + + startTests("X500Name"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + createX500Names(goodInput, diffInput, diffInputMatch, + &goodObject, &equalObject, &diffObject, &diffObjectMatch); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject, + equalObject, + diffObject, + expectedAscii, + X500Name, + PKIX_TRUE); + + testMatch(goodObject, diffObject, diffObjectMatch); + + testDestroy(goodObject, equalObject, diffObject, diffObjectMatch); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("X500Name"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/Makefile b/security/nss/cmd/libpkix/pkix_pl/system/Makefile new file mode 100644 index 0000000000..802e7729d9 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/Makefile @@ -0,0 +1,45 @@ +#! gmake +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platrules.mk diff --git a/security/nss/cmd/libpkix/pkix_pl/system/manifest.mn b/security/nss/cmd/libpkix/pkix_pl/system/manifest.mn new file mode 100644 index 0000000000..52bb34ece0 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/manifest.mn @@ -0,0 +1,38 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +PKIX_DEPTH = ../.. +PLAT_DEPTH = $(PKIX_DEPTH)/.. +CORE_DEPTH = $(PKIX_DEPTH)/../../.. + +# MODULE public and private header directories are implicitly REQUIRED. +MODULE = nss + +# test_rwlock.c is taken out, need to link to libpkix internals +# +# The test is using LIBPKIX PL call directly, which violates our +# code convention. +# +CSRCS = test_bigint.c \ + test_bytearray.c \ + test_hashtable.c \ + test_mem.c \ + test_mutex.c \ + test_mutex2.c \ + test_mutex3.c \ + test_monitorlock.c \ + test_object.c \ + test_oid.c \ + stress_test.c \ + test_string.c \ + test_string2.c \ + $(NULL) + +LIBRARY_NAME = pkixtoolsys +SHARED_LIBRARY = $(NULL) + +SOURCE_LIB_DIR=$(PKIX_DEPTH)/$(OBJDIR) + +NO_MD_RELEASE = 1 diff --git a/security/nss/cmd/libpkix/pkix_pl/system/stress_test.c b/security/nss/cmd/libpkix/pkix_pl/system/stress_test.c new file mode 100644 index 0000000000..839dc068d1 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/stress_test.c @@ -0,0 +1,146 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * stress_test.c + * + * Creates and deletes many objects + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +int +stress_test(int argc, char *argv[]) +{ + + PKIX_UInt32 i, k, length, hashcode; + PKIX_UInt32 size = 17576; + char temp[4]; + PKIX_Boolean result; + PKIX_PL_String *strings[17576], *tempString; + PKIX_PL_String *utf16strings[17576]; + PKIX_PL_ByteArray *byteArrays[17576]; + void *dest; + PKIX_PL_HashTable *ht = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Stress Test"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + /* ---------------------------- */ + subTest("Create every three letter String"); + + for (i = 0; i < 26; i++) + for (j = 0; j < 26; j++) + for (k = 0; k < 26; k++) { + temp[0] = (char)('a' + i); + temp[1] = (char)('a' + j); + temp[2] = (char)('a' + k); + temp[3] = 0; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, temp, 3, + &strings[26 * (i * 26 + j) + k], + plContext)); + } + + /* ---------------------------- */ + subTest("Create a bytearray from each string's UTF-16 encoding"); + for (i = 0; i < size; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(strings[i], + PKIX_UTF16, + &dest, + &length, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create(dest, length, &byteArrays[i], plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + } + + /* ---------------------------- */ + subTest("Create a copy string from each bytearray"); + for (i = 0; i < size; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_UTF16, *(void **)byteArrays[i], 6, + &utf16strings[i], plContext)); + } + + /* ---------------------------- */ + subTest("Compare each original string with the copy"); + for (i = 0; i < size; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals((PKIX_PL_Object *)strings[i], + (PKIX_PL_Object *)utf16strings[i], + &result, + plContext)); + if (result == 0) + testError("Strings do not match"); + } + + /* ---------------------------- */ + subTest("Put each string into a Hashtable"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Create(size / + 2, + 0, &ht, plContext)); + + for (i = 0; i < size; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Hashcode((PKIX_PL_Object *)strings[i], + &hashcode, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht, + (void *)&hashcode, + (void *)strings[i], + plContext)); + } + + /* ---------------------------- */ + subTest("Compare each copy string with the hashtable entries "); + for (i = 0; i < size; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Hashcode((PKIX_PL_Object *)utf16strings[i], + &hashcode, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht, + (void *)&hashcode, + (PKIX_PL_Object **)&tempString, + plContext)); + + if (tempString == NULL) + testError("String not found in hashtable"); + else { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals((PKIX_PL_Object *)tempString, + (PKIX_PL_Object *)utf16strings[i], + &result, + plContext)); + if (result == 0) + testError("Strings do not match"); + PKIX_TEST_DECREF_BC(tempString); + } + } + +cleanup: + + /* ---------------------------- */ + subTest("Destroy All Objects"); + + PKIX_TEST_DECREF_AC(ht); + + for (i = 0; i < size; i++) { + PKIX_TEST_DECREF_AC(strings[i]); + PKIX_TEST_DECREF_AC(utf16strings[i]); + PKIX_TEST_DECREF_AC(byteArrays[i]); + } + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Stress Test"); + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_bigint.c b/security/nss/cmd/libpkix/pkix_pl/system/test_bigint.c new file mode 100644 index 0000000000..281e373790 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_bigint.c @@ -0,0 +1,189 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_bigint.c + * + * Tests BigInt Types + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createBigInt( + PKIX_PL_BigInt **bigInts, + char *bigIntAscii, + PKIX_Boolean errorHandling) +{ + PKIX_PL_String *bigIntString = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, + bigIntAscii, + PL_strlen(bigIntAscii), + &bigIntString, + plContext)); + + if (errorHandling) { + PKIX_TEST_EXPECT_ERROR(PKIX_PL_BigInt_Create(bigIntString, + bigInts, + plContext)); + } else { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create(bigIntString, + bigInts, + plContext)); + } + +cleanup: + + PKIX_TEST_DECREF_AC(bigIntString); + + PKIX_TEST_RETURN(); +} + +static void +testToString( + PKIX_PL_BigInt *bigInt, + char *expAscii) +{ + PKIX_PL_String *bigIntString = NULL; + char *temp = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)bigInt, + &bigIntString, plContext)); + + temp = PKIX_String2ASCII(bigIntString, plContext); + if (temp == plContext) { + testError("PKIX_String2Ascii failed"); + goto cleanup; + } + + if (PL_strcmp(temp, expAscii) != 0) { + (void)printf("\tBigInt ToString: %s %s\n", temp, expAscii); + testError("Output string does not match source"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(bigIntString); + + PKIX_TEST_RETURN(); +} + +static void +testCompare( + PKIX_PL_BigInt *firstBigInt, + PKIX_PL_BigInt *secondBigInt, + PKIX_Int32 *cmpResult) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object *)firstBigInt, + (PKIX_PL_Object *)secondBigInt, + cmpResult, plContext)); +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testDestroy( + PKIX_PL_BigInt *bigInt) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(bigInt); + +cleanup: + + PKIX_TEST_RETURN(); +} + +int +test_bigint(int argc, char *argv[]) +{ + + PKIX_UInt32 size = 4, badSize = 3, i = 0; + PKIX_PL_BigInt *testBigInt[4] = { NULL }; + PKIX_Int32 cmpResult; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + char *bigIntValue[4] = { + "03", + "ff", + "1010101010101010101010101010101010101010", + "1010101010101010101010101010101010101010", + }; + + char *badValue[3] = { "00ff", "fff", "-ff" }; + + PKIX_TEST_STD_VARS(); + + startTests("BigInts"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + for (i = 0; i < badSize; i++) { + subTest("PKIX_PL_BigInt_Create <error_handling>"); + createBigInt(&testBigInt[i], badValue[i], PKIX_TRUE); + } + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_BigInt_Create"); + createBigInt(&testBigInt[i], bigIntValue[i], PKIX_FALSE); + } + + PKIX_TEST_EQ_HASH_TOSTR_DUP(testBigInt[2], + testBigInt[3], + testBigInt[1], + bigIntValue[2], + BigInt, + PKIX_TRUE); + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_BigInt_ToString"); + testToString(testBigInt[i], bigIntValue[i]); + } + + subTest("PKIX_PL_BigInt_Compare <gt>"); + testCompare(testBigInt[2], testBigInt[1], &cmpResult); + if (cmpResult <= 0) { + testError("Invalid Result from String Compare"); + } + + subTest("PKIX_PL_BigInt_Compare <lt>"); + testCompare(testBigInt[1], testBigInt[2], &cmpResult); + if (cmpResult >= 0) { + testError("Invalid Result from String Compare"); + } + + subTest("PKIX_PL_BigInt_Compare <eq>"); + testCompare(testBigInt[2], testBigInt[3], &cmpResult); + if (cmpResult != 0) { + testError("Invalid Result from String Compare"); + } + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_BigInt_Destroy"); + testDestroy(testBigInt[i]); + } + +cleanup: + + PKIX_Shutdown(plContext); + + endTests("BigInt"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_bytearray.c b/security/nss/cmd/libpkix/pkix_pl/system/test_bytearray.c new file mode 100644 index 0000000000..402685b59d --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_bytearray.c @@ -0,0 +1,231 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_bytearray.c + * + * Tests ByteArray types. + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createByteArray( + PKIX_PL_ByteArray **byteArray, + char *bytes, + PKIX_UInt32 length) +{ + PKIX_TEST_STD_VARS(); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create((void *)bytes, + length, + byteArray, + plContext)); +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testZeroLength(void) +{ + PKIX_PL_ByteArray *byteArray = NULL; + void *array = NULL; + PKIX_UInt32 length = 2; + + PKIX_TEST_STD_VARS(); + + createByteArray(&byteArray, NULL, 0); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_GetLength(byteArray, &length, plContext)); + if (length != 0) { + testError("Length should be zero"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_GetPointer(byteArray, &array, plContext)); + if (array) { + testError("Array should be NULL"); + } + + testToStringHelper((PKIX_PL_Object *)byteArray, "[]", plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(byteArray); + + PKIX_TEST_RETURN(); +} + +static void +testToString( + PKIX_PL_ByteArray *byteArray, + char *expAscii) +{ + PKIX_PL_String *string = NULL; + char *temp = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)byteArray, + &string, plContext)); + + temp = PKIX_String2ASCII(string, plContext); + if (temp == NULL) { + testError("PKIX_String2Ascii failed"); + goto cleanup; + } + + if (PL_strcmp(temp, expAscii) != 0) { + (void)printf("\tByteArray ToString: %s %s\n", temp, expAscii); + testError("Output string does not match source"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(string); + + PKIX_TEST_RETURN(); +} + +static void +testGetLength( + PKIX_PL_ByteArray *byteArray, + PKIX_UInt32 expLength) +{ + PKIX_UInt32 arrayLength; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_GetLength(byteArray, &arrayLength, plContext)); + + if (arrayLength != expLength) { + (void)printf("\tByteArray GetLength: %d %d\n", + arrayLength, expLength); + testError("Incorrect Array Length returned"); + } + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testGetPointer( + PKIX_PL_ByteArray *byteArray, + char *expBytes, + PKIX_UInt32 arrayLength) +{ + char *temp = NULL; + PKIX_UInt32 j; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_GetPointer(byteArray, (void **)&temp, plContext)); + + for (j = 0; j < arrayLength; j++) { + if (temp[j] != expBytes[j]) { + testError("Incorrect Byte Array Contents"); + } + } + +cleanup: + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext)); + PKIX_TEST_RETURN(); +} + +void +testDestroy( + PKIX_PL_ByteArray *byteArray) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(byteArray); + +cleanup: + + PKIX_TEST_RETURN(); +} + +int +test_bytearray(int argc, char *argv[]) +{ + + PKIX_PL_ByteArray *testByteArray[4]; + + PKIX_UInt32 i, size = 4; + PKIX_UInt32 lengths[4] = { 5, 6, 1, 5 }; + char dArray0[5] = { 1, 2, 3, 4, 5 }; + unsigned char dArray1[6] = { 127, 128, 129, 254, 255, 0 }; + char dArray2[1] = { 100 }; + char dArray3[5] = { 1, 2, 3, 4, 5 }; + + char *expected[4] = { + "[001, 002, 003, 004, 005]", + "[127, 128, 129, 254, 255, 000]", + "[100]", + "[001, 002, 003, 004, 005]" + }; + + char *dummyArray[4]; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + dummyArray[0] = dArray0; + dummyArray[1] = (char *)dArray1; + dummyArray[2] = dArray2; + dummyArray[3] = dArray3; + + startTests("ByteArrays"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("PKIX_PL_ByteArray_Create <zero length>"); + testZeroLength(); + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_ByteArray_Create"); + createByteArray(&testByteArray[i], dummyArray[i], lengths[i]); + } + + PKIX_TEST_EQ_HASH_TOSTR_DUP(testByteArray[0], + testByteArray[3], + testByteArray[1], + "[001, 002, 003, 004, 005]", + ByteArray, + PKIX_TRUE); + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_ByteArray_ToString"); + testToString(testByteArray[i], expected[i]); + } + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_ByteArray_GetLength"); + testGetLength(testByteArray[i], lengths[i]); + } + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_ByteArray_GetPointer"); + testGetPointer(testByteArray[i], dummyArray[i], lengths[i]); + } + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_ByteArray_Destroy"); + testDestroy(testByteArray[i]); + } + +cleanup: + + PKIX_Shutdown(plContext); + + endTests("ByteArray"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_hashtable.c b/security/nss/cmd/libpkix/pkix_pl/system/test_hashtable.c new file mode 100644 index 0000000000..663bfc9fac --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_hashtable.c @@ -0,0 +1,380 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_hashtable.c + * + * Tests Hashtables + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createHashTables( + PKIX_PL_HashTable **ht, + PKIX_PL_HashTable **ht2, + PKIX_PL_HashTable **ht3, + PKIX_PL_HashTable **ht4) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Create(1, 0, ht, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Create(5, 0, ht2, plContext)); + + /* at most two entries per bucket */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Create(1, 2, ht4, plContext)); + + *ht3 = *ht; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)*ht3, plContext)); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testAdd( + PKIX_PL_HashTable *ht, + PKIX_PL_HashTable *ht2, + PKIX_PL_String **testString, + PKIX_PL_String **testString2, + PKIX_PL_String **testString3, + PKIX_PL_OID **testOID) +{ + char *dummyString = "test string 1"; + char *dummyString2 = "test string 2"; + char *dummyString3 = "test string 3"; + char *dummyOID = "2.11.22222.33333"; + + PKIX_TEST_STD_VARS(); + + /* Make some dummy objects */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + dummyString, + PL_strlen(dummyString), + testString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + dummyString2, + PL_strlen(dummyString2), + testString2, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + dummyString3, + PL_strlen(dummyString3), + testString3, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(dummyOID, testOID, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht, + (PKIX_PL_Object *)*testString, + (PKIX_PL_Object *)*testString2, + plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht2, + (PKIX_PL_Object *)*testString, + (PKIX_PL_Object *)*testString2, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht, + (PKIX_PL_Object *)*testString2, + (PKIX_PL_Object *)*testString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht2, + (PKIX_PL_Object *)*testString2, + (PKIX_PL_Object *)*testString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht, + (PKIX_PL_Object *)*testOID, + (PKIX_PL_Object *)*testOID, + plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht2, + (PKIX_PL_Object *)*testOID, + (PKIX_PL_Object *)*testOID, + plContext)); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testAddFIFO( + PKIX_PL_HashTable *ht, + PKIX_PL_String **testString, + PKIX_PL_String **testString2, + PKIX_PL_String **testString3) +{ + PKIX_PL_String *targetString = NULL; + PKIX_Boolean cmpResult; + + PKIX_TEST_STD_VARS(); + + /* + * ht is created as one bucket, two entries per bucket. Since we add + * three items to the ht, we expect the first one to be deleted. + */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht, + (PKIX_PL_Object *)*testString, + (PKIX_PL_Object *)*testString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht, + (PKIX_PL_Object *)*testString2, + (PKIX_PL_Object *)*testString2, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add(ht, + (PKIX_PL_Object *)*testString3, + (PKIX_PL_Object *)*testString3, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht, + (PKIX_PL_Object *)*testString, + (PKIX_PL_Object **)&targetString, + plContext)); + if (targetString != NULL) { + testError("HashTable_Lookup retrieved a supposed deleted item"); + PKIX_TEST_DECREF_BC(targetString); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht, + (PKIX_PL_Object *)*testString3, + (PKIX_PL_Object **)&targetString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals( + (PKIX_PL_Object *)targetString, + (PKIX_PL_Object *)*testString3, + &cmpResult, + plContext)); + if (cmpResult != PKIX_TRUE) { + testError("HashTable_Lookup failed"); + } + PKIX_TEST_DECREF_BC(targetString); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testLookup( + PKIX_PL_HashTable *ht, + PKIX_PL_HashTable *ht2, + PKIX_PL_String *testString, + PKIX_PL_String *testString2, + PKIX_PL_String *testString3, + PKIX_PL_OID *testOID) +{ + PKIX_PL_String *targetString = NULL; + PKIX_PL_String *targetOID = NULL; + PKIX_Boolean cmpResult; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht, + (PKIX_PL_Object *)testString, + (PKIX_PL_Object **)&targetString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals( + (PKIX_PL_Object *)targetString, + (PKIX_PL_Object *)testString2, + &cmpResult, + plContext)); + if (cmpResult != PKIX_TRUE) { + testError("HashTable_Lookup failed"); + } + PKIX_TEST_DECREF_BC(targetString); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht2, + (PKIX_PL_Object *)testString, + (PKIX_PL_Object **)&targetString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals( + (PKIX_PL_Object *)targetString, + (PKIX_PL_Object *)testString2, + &cmpResult, + plContext)); + if (cmpResult != PKIX_TRUE) { + testError("HashTable_Lookup failed"); + } + PKIX_TEST_DECREF_BC(targetString); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht2, + (PKIX_PL_Object *)testString2, + (PKIX_PL_Object **)&targetString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals( + (PKIX_PL_Object *)targetString, + (PKIX_PL_Object *)testString, + &cmpResult, + plContext)); + if (cmpResult != PKIX_TRUE) { + testError("HashTable_Lookup failed"); + } + PKIX_TEST_DECREF_BC(targetString); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht, + (PKIX_PL_Object *)testOID, + (PKIX_PL_Object **)&targetOID, + plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)targetOID, &targetString, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals( + (PKIX_PL_Object *)targetOID, + (PKIX_PL_Object *)testOID, + &cmpResult, + plContext)); + if (cmpResult != PKIX_TRUE) { + testError("HashTable_Lookup failed"); + } + PKIX_TEST_DECREF_BC(targetString); + PKIX_TEST_DECREF_BC(targetOID); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht2, + (PKIX_PL_Object *)testOID, + (PKIX_PL_Object **)&targetOID, + plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)targetOID, &targetString, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals( + (PKIX_PL_Object *)targetOID, + (PKIX_PL_Object *)testOID, + &cmpResult, + plContext)); + if (cmpResult != PKIX_TRUE) { + testError("HashTable_Lookup failed"); + } + PKIX_TEST_DECREF_BC(targetString); + PKIX_TEST_DECREF_BC(targetOID); + + (void)printf("Looking up item not in HashTable.\n"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup(ht, + (PKIX_PL_Object *)testString3, + (PKIX_PL_Object **)&targetString, + plContext)); + if (targetString == NULL) + (void)printf("\tCorrectly returned NULL.\n"); + else + testError("Hashtable did not return NULL value as expected"); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testRemove( + PKIX_PL_HashTable *ht, + PKIX_PL_HashTable *ht2, + PKIX_PL_String *testString, + PKIX_PL_String *testString2, + PKIX_PL_OID *testOID) +{ + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Remove(ht, + (PKIX_PL_Object *)testString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Remove(ht, + (PKIX_PL_Object *)testOID, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Remove(ht2, + (PKIX_PL_Object *)testString2, + plContext)); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_HashTable_Remove(ht, + (PKIX_PL_Object *)testString, + plContext)); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testDestroy( + PKIX_PL_HashTable *ht, + PKIX_PL_HashTable *ht2, + PKIX_PL_HashTable *ht3, + PKIX_PL_HashTable *ht4) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(ht); + PKIX_TEST_DECREF_BC(ht2); + PKIX_TEST_DECREF_BC(ht3); + PKIX_TEST_DECREF_BC(ht4); + +cleanup: + PKIX_TEST_RETURN(); +} + +int +test_hashtable(int argc, char *argv[]) +{ + + PKIX_PL_HashTable *ht, *ht2, *ht3, *ht4; + PKIX_PL_String *testString, *testString2, *testString3; + PKIX_PL_OID *testOID; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("HashTables"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("PKIX_PL_HashTable_Create"); + createHashTables(&ht, &ht2, &ht3, &ht4); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(ht, + ht3, + ht2, + NULL, + HashTable, + PKIX_FALSE); + + subTest("PKIX_PL_HashTable_Add"); + testAdd(ht, ht2, &testString, &testString2, &testString3, &testOID); + + subTest("PKIX_PL_HashTable_ADD - with Bucket Size limit"); + testAddFIFO(ht4, &testString, &testString2, &testString3); + + subTest("PKIX_PL_HashTable_Lookup"); + testLookup(ht, ht2, testString, testString2, testString3, testOID); + + subTest("PKIX_PL_HashTable_Remove"); + testRemove(ht, ht2, testString, testString2, testOID); + + PKIX_TEST_DECREF_BC(testString); + PKIX_TEST_DECREF_BC(testString2); + PKIX_TEST_DECREF_BC(testString3); + PKIX_TEST_DECREF_BC(testOID); + + subTest("PKIX_PL_HashTable_Destroy"); + testDestroy(ht, ht2, ht3, ht4); + +cleanup: + + PKIX_Shutdown(plContext); + + endTests("BigInt"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_mem.c b/security/nss/cmd/libpkix/pkix_pl/system/test_mem.c new file mode 100644 index 0000000000..3a4e5f7135 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_mem.c @@ -0,0 +1,133 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_mem.c + * + * Tests Malloc, Realloc and Free + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +testMalloc(PKIX_UInt32 **array) +{ + PKIX_UInt32 i, arraySize = 10; + PKIX_TEST_STD_VARS(); + + /* Create an integer array of size 10 */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc( + (PKIX_UInt32)(arraySize * sizeof(unsigned int)), + (void **)array, plContext)); + + /* Fill in some values */ + (void)printf("Setting array[i] = i...\n"); + for (i = 0; i < arraySize; i++) { + (*array)[i] = i; + if ((*array)[i] != i) + testError("Array has incorrect contents"); + } + + /* Memory now reflects changes */ + (void)printf("\tArray: a[0] = %d, a[5] = %d, a[7] = %d.\n", + (*array[0]), (*array)[5], (*array)[7]); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testRealloc(PKIX_UInt32 **array) +{ + PKIX_UInt32 i, arraySize = 20; + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Realloc(*array, + (PKIX_UInt32)(arraySize * + sizeof(unsigned int)), + (void **)array, plContext)); + + /* Fill in the new elements */ + (void)printf("Setting new portion of array to a[i] = i...\n"); + for (i = arraySize / 2; i < arraySize; i++) { + (*array)[i] = i; + if ((*array)[i] != i) + testError("Array has incorrect contents"); + } + + /* New elements should be reflected. The old should be the same */ + (void)printf("\tArray: a[0] = %d, a[15] = %d, a[17] = %d.\n", + (*array)[0], (*array)[15], (*array)[17]); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testFree(PKIX_UInt32 *array) +{ + + PKIX_TEST_STD_VARS(); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(array, plContext)); + +cleanup: + PKIX_TEST_RETURN(); +} + +int +test_mem(int argc, char *argv[]) +{ + + unsigned int *array = NULL; + int arraySize = 10; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Memory Allocation"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("PKIX_PL_Malloc"); + testMalloc(&array); + + subTest("PKIX_PL_Realloc"); + testRealloc(&array); + + subTest("PKIX_PL_Free"); + testFree(array); + + /* --Negative Test Cases------------------- */ + /* Create an integer array of size 10 */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc( + (PKIX_UInt32)(arraySize * sizeof(unsigned int)), + (void **)&array, plContext)); + + (void)printf("Attempting to reallocate 0 sized memory...\n"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Realloc(array, 0, (void **)&array, plContext)); + + (void)printf("Attempting to allocate to null pointer...\n"); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Malloc(10, NULL, plContext)); + + (void)printf("Attempting to reallocate to null pointer...\n"); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Realloc(NULL, 10, NULL, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(array, plContext)); + +cleanup: + + PKIX_Shutdown(plContext); + + endTests("Memory Allocation"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_monitorlock.c b/security/nss/cmd/libpkix/pkix_pl/system/test_monitorlock.c new file mode 100644 index 0000000000..21974258f9 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_monitorlock.c @@ -0,0 +1,104 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_monitorlock.c + * + * Tests basic MonitorLock object functionality. No multi-threading. + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createMonitorLockes( + PKIX_PL_MonitorLock **monitorLock, + PKIX_PL_MonitorLock **monitorLock2, + PKIX_PL_MonitorLock **monitorLock3) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Create(monitorLock, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Create(monitorLock2, plContext)); + + *monitorLock3 = *monitorLock; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)*monitorLock3, plContext)); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testLock(PKIX_PL_MonitorLock *monitorLock) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Enter(monitorLock, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Enter(monitorLock, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Exit(monitorLock, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Exit(monitorLock, plContext)); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testDestroy( + PKIX_PL_MonitorLock *monitorLock, + PKIX_PL_MonitorLock *monitorLock2, + PKIX_PL_MonitorLock *monitorLock3) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(monitorLock); + PKIX_TEST_DECREF_BC(monitorLock2); + PKIX_TEST_DECREF_BC(monitorLock3); + +cleanup: + PKIX_TEST_RETURN(); +} + +int +test_monitorlock(int argc, char *argv[]) +{ + + PKIX_PL_MonitorLock *monitorLock, *monitorLock2, *monitorLock3; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("MonitorLocks"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("PKIX_PL_MonitorLock_Create"); + createMonitorLockes(&monitorLock, &monitorLock2, &monitorLock3); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(monitorLock, + monitorLock3, + monitorLock2, + NULL, + MonitorLock, + PKIX_FALSE); + + subTest("PKIX_PL_MonitorLock_Lock/Unlock"); + testLock(monitorLock); + + subTest("PKIX_PL_MonitorLock_Destroy"); + testDestroy(monitorLock, monitorLock2, monitorLock3); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("MonitorLockes"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_mutex.c b/security/nss/cmd/libpkix/pkix_pl/system/test_mutex.c new file mode 100644 index 0000000000..bb0e7a0246 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_mutex.c @@ -0,0 +1,102 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_mutex.c + * + * Tests basic mutex object functionality. No multi-threading. + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createMutexes( + PKIX_PL_Mutex **mutex, + PKIX_PL_Mutex **mutex2, + PKIX_PL_Mutex **mutex3) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(mutex, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(mutex2, plContext)); + + *mutex3 = *mutex; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)*mutex3, plContext)); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testLock(PKIX_PL_Mutex *mutex) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Lock(mutex, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Unlock(mutex, plContext)); + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testDestroy( + PKIX_PL_Mutex *mutex, + PKIX_PL_Mutex *mutex2, + PKIX_PL_Mutex *mutex3) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(mutex); + PKIX_TEST_DECREF_BC(mutex2); + PKIX_TEST_DECREF_BC(mutex3); + +cleanup: + PKIX_TEST_RETURN(); +} + +int +test_mutex(int argc, char *argv[]) +{ + + PKIX_PL_Mutex *mutex, *mutex2, *mutex3; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Mutexes"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("PKIX_PL_Mutex_Create"); + createMutexes(&mutex, &mutex2, &mutex3); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(mutex, + mutex3, + mutex2, + NULL, + Mutex, + PKIX_FALSE); + + subTest("PKIX_PL_Mutex_Lock/Unlock"); + testLock(mutex); + + subTest("PKIX_PL_Mutex_Destroy"); + testDestroy(mutex, mutex2, mutex3); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Mutexes"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_mutex2.c b/security/nss/cmd/libpkix/pkix_pl/system/test_mutex2.c new file mode 100644 index 0000000000..197eba2b44 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_mutex2.c @@ -0,0 +1,166 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_mutex2.c + * + * Tests multi-threaded functionality of Mutex + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static int box1 = 0, box2 = 0, box3 = 0; +static PKIX_PL_Mutex *mutex; +static PRCondVar *cv; +static void *plContext = NULL; + +static void +consumer(/* ARGSUSED */ void *arg) +{ + PRStatus status = PR_SUCCESS; + PKIX_Error *errorResult; + int i = 0; + for (i = 0; i < 5; i++) { + (void)PKIX_PL_Mutex_Lock(mutex, plContext); + while (((box1 == 0) || + (box2 == 0) || + (box3 == 0)) && + (status == PR_SUCCESS)) + status = PR_WaitCondVar(cv, PR_INTERVAL_NO_TIMEOUT); + + (void)printf("\tConsumer got Box1 = %d ", box1); + box1 = 0; + (void)printf("Box2 = %d ", box2); + box2 = 0; + (void)printf("Box3 = %d\n", box3); + box3 = 0; + + status = PR_NotifyAllCondVar(cv); + if (status == PR_FAILURE) + (void)printf("Consumer error while notifying condvar\n"); + errorResult = PKIX_PL_Mutex_Unlock(mutex, plContext); + if (errorResult) + testError("PKIX_PL_Mutex_Unlock failed"); + } + (void)printf("Consumer exiting...\n"); +} + +static void +producer(void *arg) +{ + PRStatus status = PR_SUCCESS; + int value = *(int *)arg; + int i = 0; + int *box; + PKIX_Error *errorResult; + if (value == 10) + box = &box1; + else if (value == 20) + box = &box2; + else if (value == 30) + box = &box3; + + for (i = 0; i < 5; i++) { + (void)PKIX_PL_Mutex_Lock(mutex, plContext); + while ((*box != 0) && (status == PR_SUCCESS)) + status = PR_WaitCondVar(cv, PR_INTERVAL_NO_TIMEOUT); + + *box = i + 1; + (void)printf("\tProducer %d put value: %d\n", value, *box); + + status = PR_NotifyAllCondVar(cv); + if (status == PR_FAILURE) + (void)printf("Producer %d error while notifying condvar\n", + value); + errorResult = PKIX_PL_Mutex_Unlock(mutex, plContext); + if (errorResult) + testError("PKIX_PL_Mutex_Unlock failed"); + } +} + +int +test_mutex2(int argc, char *argv[]) +{ + + PRThread *consThread, *prodThread, *prodThread2, *prodThread3; + int x = 10, y = 20, z = 30; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Mutex and Threads"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + (void)printf("Attempting to create new mutex...\n"); + subTest("Mutex Creation"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(&mutex, plContext)); + + cv = PR_NewCondVar(*(PRLock **)mutex); + + subTest("Starting consumer thread"); + consThread = PR_CreateThread(PR_USER_THREAD, + consumer, + NULL, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + subTest("Starting producer thread 1"); + prodThread = PR_CreateThread(PR_USER_THREAD, + producer, + &x, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + subTest("Starting producer thread 2"); + prodThread2 = PR_CreateThread(PR_USER_THREAD, + producer, + &y, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + subTest("Starting producer thread 3"); + prodThread3 = PR_CreateThread(PR_USER_THREAD, + producer, + &z, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + PR_JoinThread(consThread); + + (void)PR_DestroyCondVar(cv); + PKIX_TEST_DECREF_BC(mutex); + + /* + * Note: we should also be freeing each thread's stack, but we + * don't have access to the prodThread->stack variable (since + * it is not exported). As a result, we have 120 bytes of memory + * leakage. + */ + + PR_Free(prodThread); + PR_Free(prodThread2); + PR_Free(prodThread3); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Mutex and Threads"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_mutex3.c b/security/nss/cmd/libpkix/pkix_pl/system/test_mutex3.c new file mode 100644 index 0000000000..9f42f629b1 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_mutex3.c @@ -0,0 +1,104 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_mutex3.c + * + * Tests multi-threaded functionality of Mutex + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static PKIX_PL_Mutex *mutex; +static void *plContext = NULL; + +static void +t1(/* ARGSUSED */ void *arg) +{ + PKIX_Error *errorResult; + + (void)printf("t1 acquiring lock...\n"); + errorResult = PKIX_PL_Mutex_Lock(mutex, plContext); + if (errorResult) + testError("PKIX_PL_Mutex_Lock failed"); + + (void)printf("t1 sleeplng for 3 seconds\n"); + PR_Sleep(PR_SecondsToInterval(3)); + (void)printf("t1 releasing lock...\n"); + + errorResult = PKIX_PL_Mutex_Unlock(mutex, plContext); + if (errorResult) + testError("PKIX_PL_Mutex_Unlock failed"); + + (void)printf("t1 exiting...\n"); +} + +static void +t2(/* ARGSUSED */ void *arg) +{ + PKIX_Error *errorResult; + + (void)printf("t2 acquiring lock...\n"); + errorResult = PKIX_PL_Mutex_Lock(mutex, plContext); + if (errorResult) + testError("PKIX_PL_Mutex_Lock failed"); + + (void)printf("t2 releasing lock...\n"); + errorResult = PKIX_PL_Mutex_Unlock(mutex, plContext); + if (errorResult) + testError("PKIX_PL_Mutex_Unlock failed"); + + (void)printf("t2 exiting...\n"); +} + +int +test_mutex3(int argc, char *argv[]) +{ + PRThread *thread, *thread2; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Mutex and Threads"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("Mutex Creation"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(&mutex, plContext)); + + subTest("Starting thread"); + thread = PR_CreateThread(PR_USER_THREAD, + t1, + NULL, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + thread2 = PR_CreateThread(PR_USER_THREAD, + t2, + NULL, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + PR_JoinThread(thread2); + PR_JoinThread(thread); + +cleanup: + + PKIX_TEST_DECREF_AC(mutex); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Mutex and Threads"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_object.c b/security/nss/cmd/libpkix/pkix_pl/system/test_object.c new file mode 100644 index 0000000000..ebb691ba63 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_object.c @@ -0,0 +1,281 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_object.c + * + * Test Object Allocation, toString, Equals, Destruction + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static PKIX_Error * +destructor( + /* ARGSUSED */ PKIX_PL_Object *object, + /* ARGSUSED */ void *plContext) +{ + (void)printf("\tUser defined destructor called\n"); + return (NULL); +} + +static PKIX_Error * +toStringCallback( + PKIX_PL_Object *obj, + PKIX_PL_String **pString, + /* ARGSUSED */ void *plContext) +{ + + PKIX_Error *errorResult; + PKIX_UInt32 type; + char *format = "(addr: %x, type: %d)"; + PKIX_PL_String *formatString = NULL; + + errorResult = PKIX_PL_String_Create( + PKIX_ESCASCII, + format, + PL_strlen(format), + &formatString, + plContext); + if (errorResult) + testError("PKIX_PL_String_Create failed"); + + if (pString == plContext) + testError("Null String"); + + type = (unsigned int)0; + + (void)PKIX_PL_Object_GetType(obj, &type, plContext); + + errorResult = PKIX_PL_Sprintf(pString, plContext, + formatString, + (int)obj, type); + if (errorResult) + testError("PKIX_PL_Sprintf failed"); + + errorResult = PKIX_PL_Object_DecRef((PKIX_PL_Object *)formatString, + plContext); + if (errorResult) + testError("PKIX_PL_Object_DecRef failed"); + + return (NULL); +} + +static PKIX_Error * +comparator( + PKIX_PL_Object *first, + PKIX_PL_Object *second, + PKIX_Int32 *pValue, + /* ARGSUSED */ void *plContext) +{ + if (*(char *)first > *(char *)second) + *pValue = 1; + else if (*(char *)first < *(char *)second) + *pValue = -1; + else + *pValue = 0; + return (NULL); +} + +static PKIX_Error * +hashcodeCallback( + PKIX_PL_Object *object, + PKIX_UInt32 *pValue, + /* ARGSUSED */ void *plContext) +{ + *pValue = 123456789; + return (NULL); +} + +static PKIX_Error * +equalsCallback( + PKIX_PL_Object *first, + PKIX_PL_Object *second, + PKIX_Boolean *result, + void *plContext) +{ + + PKIX_UInt32 firstType = 0, secondType = 0; + + if ((first == plContext) || (second == plContext)) + testError("Null Object"); + + (void)PKIX_PL_Object_GetType(first, &firstType, plContext); + + (void)PKIX_PL_Object_GetType(second, &secondType, plContext); + + *result = (firstType == secondType) ? PKIX_TRUE : PKIX_FALSE; + + return (NULL); +} + +static void +createObjects( + PKIX_PL_Object **obj, + PKIX_PL_Object **obj2, + PKIX_PL_Object **obj3, + PKIX_PL_Object **obj4) +{ + PKIX_TEST_STD_VARS(); + +#ifdef PKIX_USER_OBJECT_TYPE + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_RegisterType(1000, /* type */ + "thousand", /* description */ + NULL, /* destructor */ + NULL, /* equals */ + (PKIX_PL_HashcodeCallback)hashcodeCallback, + NULL, /* toString */ + NULL, /* Comparator */ + NULL, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Alloc(1000, /* type */ + 12, /* size */ + obj, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_RegisterType(2000, /* type */ + "two thousand" /* description */, + (PKIX_PL_DestructorCallback)destructor, + (PKIX_PL_EqualsCallback)equalsCallback, + NULL, /* hashcode */ + (PKIX_PL_ToStringCallback)toStringCallback, + (PKIX_PL_ComparatorCallback)comparator, + NULL, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Alloc(2000, /* type */ + 1, /* size */ + obj2, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Alloc(2000, /* type */ + 1, /* size */ + obj4, + plContext)); + + *obj3 = *obj; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef(*obj3, plContext)); + +cleanup: +#endif /* PKIX_USER_OBJECT_TYPE */ + PKIX_TEST_RETURN(); +} + +static void +testGetType( + PKIX_PL_Object *obj, + PKIX_PL_Object *obj2, + PKIX_PL_Object *obj3) +{ + PKIX_UInt32 testType; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_GetType(obj, &testType, plContext)); + + if (testType != 1000) + testError("Object 1 returned the wrong type"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_GetType(obj2, &testType, plContext)); + if (testType != 2000) + testError("Object 2 returned the wrong type"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_GetType(obj3, &testType, plContext)); + if (testType != 1000) + testError("Object 3 returned the wrong type"); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testCompare( + PKIX_PL_Object *obj2, + PKIX_PL_Object *obj4) +{ + PKIX_Int32 cmpResult; + PKIX_TEST_STD_VARS(); + + *(char *)obj2 = 0x20; + *(char *)obj4 = 0x10; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare(obj2, obj4, &cmpResult, plContext)); + if (cmpResult <= 0) + testError("Invalid Result from Object Compare"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare(obj4, obj2, &cmpResult, plContext)); + if (cmpResult >= 0) + testError("Invalid Result from Object Compare"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare(obj4, obj4, &cmpResult, plContext)); + + *(char *)obj2 = 0x10; + if (cmpResult != 0) + testError("Invalid Result from Object Compare"); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testDestroy( + PKIX_PL_Object *obj, + PKIX_PL_Object *obj2, + PKIX_PL_Object *obj3, + PKIX_PL_Object *obj4) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(obj); + PKIX_TEST_DECREF_BC(obj2); + PKIX_TEST_DECREF_BC(obj3); + PKIX_TEST_DECREF_BC(obj4); + +cleanup: + + PKIX_TEST_RETURN(); +} + +int +test_object(int argc, char *argv[]) +{ + +#ifdef PKIX_USER_OBJECT_TYPE + PKIX_PL_Object *obj, *obj2, *obj3, *obj4; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Objects"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("PKIX_PL_Object_Create"); + createObjects(&obj, &obj2, &obj3, &obj4); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(obj, obj3, obj2, NULL, Object, PKIX_FALSE); + + subTest("PKIX_PL_Object_GetType"); + testGetType(obj, obj2, obj3); + + subTest("PKIX_PL_Object_Compare"); + testCompare(obj2, obj4); + + subTest("PKIX_PL_Object_Destroy"); + testDestroy(obj, obj2, obj3, obj4); + +cleanup: + + PKIX_Shutdown(plContext); + + endTests("Objects"); +#endif /* PKIX_USER_OBJECT_TYPE */ + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_oid.c b/security/nss/cmd/libpkix/pkix_pl/system/test_oid.c new file mode 100644 index 0000000000..09cddaeea9 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_oid.c @@ -0,0 +1,212 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_oid.c + * + * Test OID Types + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createOID( + PKIX_PL_OID **testOID, + char *oidAscii, + PKIX_Boolean errorHandling) +{ + PKIX_TEST_STD_VARS(); + + if (errorHandling) { + PKIX_TEST_EXPECT_ERROR(PKIX_PL_OID_Create(oidAscii, testOID, plContext)); + } else { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(oidAscii, testOID, plContext)); + } + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testToString( + PKIX_PL_OID *oid, + char *expAscii) +{ + PKIX_PL_String *oidString = NULL; + char *temp = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)oid, + &oidString, plContext)); + + temp = PKIX_String2ASCII(oidString, plContext); + if (temp == NULL) { + testError("PKIX_String2Ascii failed"); + goto cleanup; + } + + if (PL_strcmp(temp, expAscii) != 0) { + (void)printf("\tOid ToString: %s %s\n", temp, expAscii); + testError("Output string does not match source"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(oidString); + + PKIX_TEST_RETURN(); +} + +static void +testCompare( + PKIX_PL_OID *oid0, + PKIX_PL_OID *oid1, + PKIX_PL_OID *oid2, + PKIX_PL_OID *oid3) +{ + PKIX_Int32 cmpResult; + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object *)oid0, + (PKIX_PL_Object *)oid1, + &cmpResult, plContext)); + if (cmpResult <= 0) + testError("Invalid Result from OID Compare"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object *)oid1, + (PKIX_PL_Object *)oid0, + &cmpResult, plContext)); + if (cmpResult >= 0) + testError("Invalid Result from OID Compare"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object *)oid1, + (PKIX_PL_Object *)oid2, + &cmpResult, plContext)); + if (cmpResult >= 0) + testError("Invalid Result from OID Compare"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object *)oid2, + (PKIX_PL_Object *)oid1, + &cmpResult, plContext)); + if (cmpResult <= 0) + testError("Invalid Result from OID Compare"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object *)oid1, + (PKIX_PL_Object *)oid3, + &cmpResult, plContext)); + if (cmpResult != 0) + testError("Invalid Result from OID Compare"); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testDestroy( + PKIX_PL_OID *oid) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(oid); + +cleanup: + + PKIX_TEST_RETURN(); +} + +int +test_oid(int argc, char *argv[]) +{ + + PKIX_PL_OID *testOID[6] = { NULL }; + PKIX_PL_OID *badTestOID = NULL; + PKIX_UInt32 i, size = 6; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + char *validOID[6] = { + "2.11.22222.33333", + "1.2.3.004.5.6.7", + "2.11.22222.33333", + "1.2.3.4.5.6.7", + "1.2.3", + "2.39.3" + }; + + char *expected[6] = { + "2.11.22222.33333", + "1.2.3.4.5.6.7", + "2.11.22222.33333", + "1.2.3.4.5.6.7", + "1.2.3", + "2.39.3" + }; + + char *badOID[11] = { + "1.2.4294967299", + "this. is. a. bad. oid", + "00a1000.002b", + "100.-5.10", + "1.2..3", + ".1.2.3", + "1.2.3.", + "00010.1.2.3", + "1.000041.2.3", + "000000000000000000000000000000000000000010.3.2", + "1" + }; + + PKIX_TEST_STD_VARS(); + + startTests("OIDs"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_OID_Create"); + createOID(&testOID[i], validOID[i], PKIX_FALSE); + } + + PKIX_TEST_EQ_HASH_TOSTR_DUP(testOID[0], + testOID[2], + testOID[1], + NULL, + OID, + PKIX_FALSE); + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_OID_ToString"); + testToString(testOID[i], expected[i]); + } + + subTest("PKIX_PL_OID_Compare"); + testCompare(testOID[0], testOID[1], testOID[2], testOID[3]); + + for (i = 0; i < size; i++) { + subTest("PKIX_PL_OID_Destroy"); + testDestroy(testOID[i]); + } + + for (i = 0; i < 11; i++) { + subTest("PKIX_PL_OID Error Handling"); + createOID(&badTestOID, badOID[i], PKIX_TRUE); + } + +cleanup: + + PKIX_Shutdown(plContext); + + endTests("OIDs"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_rwlock.c b/security/nss/cmd/libpkix/pkix_pl/system/test_rwlock.c new file mode 100644 index 0000000000..9c09d6479e --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_rwlock.c @@ -0,0 +1,204 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_rwlock.c + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static PKIX_PL_RWLock *rwlock = NULL, *rwlock2 = NULL, *rwlock3 = NULL; +static PRThread *thread = NULL, *thread2 = NULL, *thread3 = NULL; +static void *plContext = NULL; + +static void +reader(void) +{ + PKIX_Error *errorResult; + + errorResult = PKIX_PL_AcquireReaderLock(rwlock, NULL); + if (errorResult) + testError("PKIX_PL_AcquireReaderLock failed"); + + (void)printf("\t[Thread #1 Read Lock #1.]\n"); + (void)printf("\t[Thread #1 Sleeplng for 1 seconds.]\n"); + PR_Sleep(PR_SecondsToInterval(1)); + PKIX_PL_ReleaseReaderLock(rwlock, NULL); + if (errorResult) + testError("PKIX_PL_ReleaseReaderLock failed"); + (void)printf("\t[Thread #1 Read UNLock #1.]\n"); +} + +static void +writer(void) +{ + PKIX_Error *errorResult; + /* This thread should stick here until lock 1 is released */ + PKIX_PL_AcquireWriterLock(rwlock, NULL); + if (errorResult) + testError("PKIX_PL_AcquireWriterLock failed"); + + (void)printf("\t[Thread #2 Write Lock #1.]\n"); + + PKIX_PL_AcquireWriterLock(rwlock2, NULL); + if (errorResult) + testError("PKIX_PL_AcquireWriterLock failed"); + (void)printf("\t[Thread #2 Write Lock #2.]\n"); + + (void)printf("\t[Thread #2 Sleeplng for 1 seconds.]\n"); + PR_Sleep(PR_SecondsToInterval(1)); + + PKIX_PL_ReleaseWriterLock(rwlock2, NULL); + if (errorResult) + testError("PKIX_PL_ReleaseWriterLock failed"); + (void)printf("\t[Thread #2 Write UNLock #2.]\n"); + + (void)printf("\t[Thread #2 Sleeplng for 1 seconds.]\n"); + PR_Sleep(PR_SecondsToInterval(1)); + + PKIX_PL_ReleaseWriterLock(rwlock, NULL); + if (errorResult) + testError("PKIX_PL_ReleaseWriterLock failed"); + (void)printf("\t[Thread #2 Write UNLock #1.]\n"); + + PR_JoinThread(thread3); +} + +static void +reader2(void) +{ + PKIX_Error *errorResult; + /* Reader 2 should yield here until the writer is done */ + + PKIX_PL_AcquireReaderLock(rwlock2, NULL); + if (errorResult) + testError("PKIX_PL_AcquireReaderLock failed"); + + (void)printf("\t[Thread #3 Read Lock #2.]\n"); + + PKIX_PL_AcquireReaderLock(rwlock3, NULL); + if (errorResult) + testError("PKIX_PL_AcquireReaderLock failed"); + (void)printf("\t[Thread #3 Read Lock #3.]\n"); + + (void)printf("\t[Thread #3 Sleeplng for 1 seconds.]\n"); + PR_Sleep(PR_SecondsToInterval(1)); + + PKIX_PL_ReleaseReaderLock(rwlock3, NULL); + if (errorResult) + testError("PKIX_PL_ReleaseReaderLock failed"); + (void)printf("\t[Thread #3 Read UNLock #3.]\n"); + + (void)printf("\t[Thread #3 Sleeplng for 1 seconds.]\n"); + PR_Sleep(PR_SecondsToInterval(1)); + + PKIX_PL_ReleaseReaderLock(rwlock2, NULL); + if (errorResult) + testError("PKIX_PL_ReleaseReaderLock failed"); + (void)printf("\t[Thread #3 Read UNLock #2.]\n"); +} + +int +test_rwlock() +{ + PKIX_PL_String *outputString = NULL; + PKIX_UInt32 j = 0; + PKIX_Boolean bool; + PKIX_UInt32 actualMinorVersion; + + PKIX_TEST_STD_VARS(); + startTests("RWLocks"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + (void)printf("Attempting to create new rwlock...\n"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_RWLock_Create(&rwlock, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_RWLock_Create(&rwlock2, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_RWLock_Create(&rwlock3, plContext)); + + /* Test toString functionality */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)rwlock, &outputString, plContext)); + + (void)printf("Testing RWLock toString: %s\n", + PKIX_String2ASCII(outputString)); + + PKIX_TEST_DECREF_BC(outputString); + + /* Call Equals on two different objects */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals((PKIX_PL_Object *)rwlock, + (PKIX_PL_Object *)rwlock2, + &bool, + plContext)); + + (void)printf("Testing RWLock Equals: %d (should be 0)\n", bool); + + if (bool != 0) + testError("Error in RWLock_Equals"); + + /* Call Equals on two equal objects */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals((PKIX_PL_Object *)rwlock, + (PKIX_PL_Object *)rwlock, &bool, plContext)); + + (void)printf("Testing RWLock Equals: %d (should be 1)\n", bool); + if (bool != 1) + testError("Error in RWLock_Equals"); + + subTest("Multi-Thread Read/Write Lock Testing"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_AcquireReaderLock(rwlock, plContext)); + (void)printf("\t[Main Thread Read Lock #1.]\n"); + + thread = PR_CreateThread(PR_USER_THREAD, + reader, + NULL, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + thread2 = PR_CreateThread(PR_USER_THREAD, + writer, + NULL, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + thread3 = PR_CreateThread(PR_USER_THREAD, + reader2, + NULL, + PR_PRIORITY_NORMAL, + PR_LOCAL_THREAD, + PR_JOINABLE_THREAD, + 0); + + PR_JoinThread(thread); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ReleaseReaderLock(rwlock, plContext)); + (void)printf("\t[Main Thread Read Unlock #1.]\n"); + + PR_JoinThread(thread2); + +cleanup: + + /* Test destructor */ + subTest("Testing destructor..."); + PKIX_TEST_DECREF_AC(rwlock); + PKIX_TEST_DECREF_AC(rwlock2); + PKIX_TEST_DECREF_AC(rwlock3); + + pkixTestTempResult = PKIX_Shutdown(plContext); + if (pkixTestTempResult) + pkixTestErrorResult = pkixTestTempResult; + + PKIX_TEST_RETURN(); + + endTests("RWLocks"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_string.c b/security/nss/cmd/libpkix/pkix_pl/system/test_string.c new file mode 100644 index 0000000000..9b84f94d9c --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_string.c @@ -0,0 +1,434 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_string.c + * + * Tests Strings. + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createString( + PKIX_PL_String **testString, + PKIX_UInt32 format, + char *stringAscii, + PKIX_UInt32 length) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(format, stringAscii, length, testString, plContext)); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +createStringOther( + PKIX_PL_String **testEscAscii, + PKIX_PL_String **testUtf16, + PKIX_PL_String **ampString, + PKIX_PL_String **testDebugAscii, + PKIX_PL_String **testNullString, + PKIX_UInt32 *utf16data) +{ + char *nullText = "Hi� there!"; + + char *escAsciiString = + "¡𐀀࿿􀀁"; + + char *debugAsciiString = + "string with
newlines and	tabs"; + + char *utfAmp = "\x00&"; + + PKIX_TEST_STD_VARS(); + + createString(testEscAscii, + PKIX_ESCASCII, + escAsciiString, + PL_strlen(escAsciiString)); + + createString(testUtf16, PKIX_UTF16, (char *)utf16data, 12); + + createString(ampString, PKIX_UTF16, utfAmp, 2); + + createString(testDebugAscii, + PKIX_ESCASCII_DEBUG, + debugAsciiString, + PL_strlen(debugAsciiString)); + + createString(testNullString, + PKIX_ESCASCII_DEBUG, + nullText, + PL_strlen(nullText)); + + goto cleanup; + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testGetEncoded( + PKIX_PL_String *testEscAscii, + PKIX_PL_String *testString0, + PKIX_PL_String *testDebugAscii, + PKIX_PL_String *testNullString, + PKIX_UInt32 *utf16data) +{ + char *temp = NULL; + void *dest = NULL; + void *dest2 = NULL; + char *plainText = "string with\nnewlines and\ttabs"; + PKIX_UInt32 length, length2, i; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testEscAscii, + PKIX_UTF16, + &dest, + &length, + plContext)); + for (i = 0; i < length; i++) { + if (((char *)dest)[i] != ((char *)utf16data)[i]) { + testError("UTF-16 Data Differs from Source"); + printf("%d-th char is different -%c-%c-\n", i, + ((char *)dest)[i], ((char *)utf16data)[i]); + } + } + + length = 0; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testNullString, + PKIX_UTF16, + &dest, + &length, + plContext)); + + length = 0; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testString0, + PKIX_ESCASCII_DEBUG, + &dest, + &length, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testDebugAscii, + PKIX_ESCASCII_DEBUG, + &dest2, + &length2, + plContext)); + + for (i = 0; (i < length) && (i < length2); i++) + if (((char *)dest)[i] != ((char *)dest2)[i]) { + testError("Equivalent strings are unequal"); + break; + } + + length = 0; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + length2 = 0; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest2, plContext)); + + temp = PKIX_String2ASCII(testDebugAscii, plContext); + if (temp) { + if (PL_strcmp(plainText, temp) != 0) + testError("Debugged ASCII does not match " + "equivalent EscAscii"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext)); + } + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testSprintf(void) +{ + PKIX_Int32 x = 0xCAFE; + PKIX_Int32 y = -12345; + PKIX_PL_String *testString = NULL; + PKIX_PL_String *formatString = NULL; + PKIX_PL_String *sprintfString = NULL; + char *plainText = "Testing Sprintf"; + char *format = "%s %x %u %d"; + char *convertedFormat = "%s %lx %lu %ld"; + char *temp = NULL; + char *temp2 = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + plainText, + PL_strlen(plainText), + &testString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + format, + 11, + &formatString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Sprintf(&sprintfString, + plContext, + formatString, + testString, x, y, y)); + PKIX_TEST_DECREF_BC(testString); + + temp = PR_smprintf(convertedFormat, plainText, x, y, y); + temp2 = PKIX_String2ASCII(sprintfString, plContext); + + if (PL_strcmp(temp, temp2) != 0) + testError("Sprintf produced incorrect output"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp2, plContext)); + + PKIX_TEST_DECREF_BC(sprintfString); + + PKIX_TEST_DECREF_BC(formatString); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testErrorHandling(void) +{ + char *debugAsciiString = + "string with
newlines and	tabs"; + + PKIX_PL_String *testString = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + NULL, + 50, + &testString, + plContext)); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, + "blah", 4, NULL, plContext)); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_Sprintf(&testString, plContext, NULL)); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_GetString(0, NULL, &testString, plContext)); + + PKIX_TEST_EXPECT_ERROR(PKIX_PL_GetString(0, "blah", 0, plContext)); + + /* ---------------------------- */ + subTest("Unicode Error Handling"); + + /* &#x must be followed by 4 hexadecimal digits */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "k;", + 7, + &testString, + plContext)); + + /* &#x must be followed by 4 hexadecimal digits */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "abc�", + 8, + &testString, + plContext)); + + /* &#x must be between 00010000-0010FFFF */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "�", + 11, + &testString, + plContext)); + + /* &#x must be followed by 8 hexadecimal digits */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "က", + 10, + &testString, + plContext)); + + /* &#x must be followed by 8 hexadecimal digits */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "m00;", + 10, + &testString, + plContext)); + + /* Byte values D800-DFFF are reserved */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "�", + 7, + &testString, + plContext)); + + /* Can't use &#x for regular characters */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "2", + 7, + &testString, + plContext)); + + /* Can't use non-printable characters */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "\xA1", + 1, + &testString, + plContext)); + + /* Only legal \\ characters are \\, u and U */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + "&blah", + 5, + &testString, + plContext)); + + /* Surrogate pairs must be legal */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_UTF16, + "\xd8\x00\x0\x66", + 4, + &testString, + plContext)); + + /* Debugged EscASCII should not be accepted as EscASCII */ + PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + debugAsciiString, + PL_strlen(debugAsciiString), + &testString, + plContext)); +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testDestroy( + PKIX_PL_String *string) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(string); + +cleanup: + + PKIX_TEST_RETURN(); +} + +int +test_string(int argc, char *argv[]) +{ + + PKIX_PL_String *testString[6] = { NULL }; + PKIX_PL_String *testNullString = NULL; + PKIX_PL_String *testDebugAscii = NULL; + PKIX_PL_String *testEscAscii = NULL; + PKIX_PL_String *testUtf16 = NULL; + PKIX_PL_String *ampString = NULL; + unsigned char utf16Data[] = { 0x00, 0xA1, 0xD8, 0x00, + 0xDC, 0x00, 0x0F, 0xFF, + 0xDB, 0xC0, 0xDC, 0x01 }; + PKIX_UInt32 i, size = 6; + + char *plainText[6] = { + "string with\nnewlines and\ttabs", + "Not an escaped char: &#x0012;", + "Encode & with &amp; in ASCII", + "¡", + "&", + "string with\nnewlines and\ttabs" + }; + + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Strings"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("PKIX_PL_String_Create <ascii format>"); + for (i = 0; i < size; i++) { + testString[i] = NULL; + createString(&testString[i], + PKIX_ESCASCII, + plainText[i], + PL_strlen(plainText[i])); + } + + subTest("PKIX_PL_String_Create <other formats>"); + createStringOther(&testEscAscii, + &testUtf16, + &String, + &testDebugAscii, + &testNullString, + (PKIX_UInt32 *)utf16Data); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(testString[0], + testString[5], + testString[1], + plainText[0], + String, + PKIX_TRUE); + + subTest("PKIX_PL_String_GetEncoded"); + testGetEncoded(testEscAscii, + testString[0], + testDebugAscii, + testNullString, + (PKIX_UInt32 *)utf16Data); + + subTest("PKIX_PL_Sprintf"); + testSprintf(); + + subTest("PKIX_PL_String_Create <error_handling>"); + testErrorHandling(); + + subTest("PKIX_PL_String_Destroy"); + for (i = 0; i < size; i++) { + testDestroy(testString[i]); + } + testDestroy(testEscAscii); + testDestroy(testUtf16); + testDestroy(ampString); + testDestroy(testDebugAscii); + testDestroy(testNullString); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("String"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/system/test_string2.c b/security/nss/cmd/libpkix/pkix_pl/system/test_string2.c new file mode 100644 index 0000000000..c76d1e9ac8 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/system/test_string2.c @@ -0,0 +1,337 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_string2.c + * + * Tests International Strings + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createString( + PKIX_PL_String **vivaEspanaString, + PKIX_PL_String **straussString, + PKIX_PL_String **gorbachevString, + PKIX_PL_String **testUTF16String, + PKIX_PL_String **chineseString, + PKIX_PL_String **jeanRenoString) +{ + /* this is meant to fail - it highlights bug 0002 */ + unsigned char utf16String[4] = { 0xF8, 0x60, + 0xFC, 0x60 }; + + unsigned char chinese[16] = { 0xe7, 0xab, 0xa0, + 0xe5, 0xad, 0x90, + 0xe6, 0x80, 0xa1, + 0x20, + 0xe4, 0xb8, 0xad, + 0xe5, 0x9b, 0xbd }; + + char *jeanReno = "Jean R\303\251no is an actor."; + char *gorbachev = /* This is the name "Gorbachev" in cyrllic */ + "\xd0\x93\xd0\xbe\xd1\x80\xd0\xb1\xd0\xb0\xd1\x87\xd1\x91\xd0\xb2"; + + char *vivaEspana = + "¡Viva España!"; + + char *strauss = + "Strauß was born in Österreich"; + + PKIX_TEST_STD_VARS(); + + /* ---------------------------- */ + subTest("String Creation"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + vivaEspana, + PL_strlen(vivaEspana), + vivaEspanaString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_ESCASCII, + strauss, + PL_strlen(strauss), + straussString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_UTF8, + gorbachev, + PL_strlen(gorbachev), + gorbachevString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_UTF16, + utf16String, + 4, + testUTF16String, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_UTF8, + chinese, + 16, + chineseString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create( + PKIX_UTF8, + jeanReno, + PL_strlen(jeanReno), + jeanRenoString, + plContext)); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testGetEncoded(PKIX_PL_String *string, PKIX_UInt32 format) +{ + void *dest = NULL; + PKIX_UInt32 length; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(string, + format, + &dest, + &length, + plContext)); + + if (dest) { + (void)printf("\tResult: %s\n", (char *)dest); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + } + +cleanup: + PKIX_TEST_RETURN(); +} + +static void +testHTMLOutput( + PKIX_PL_String *vivaEspanaString, + PKIX_PL_String *straussString, + PKIX_PL_String *gorbachevString, + PKIX_PL_String *testUTF16String, + PKIX_PL_String *chineseString, + PKIX_PL_String *jeanRenoString) +{ + void *dest = NULL; + PKIX_UInt32 length; + + FILE *htmlFile = NULL; + + PKIX_TEST_STD_VARS(); + + /* Opening a file for output */ + htmlFile = fopen("utf8.html", "w"); + + if (htmlFile != plContext) { + (void)fprintf(htmlFile, "<html><head>\n"); + (void)fprintf(htmlFile, "<meta http-equiv=\"Content-Type\""); + (void)fprintf(htmlFile, + "content = \"text/html; charset = UTF-8\">\n"); + (void)fprintf(htmlFile, "</head><body>\n"); + (void)fprintf(htmlFile, "<font size =\"+2\">\n"); + } else + (void)printf("Could not open HTML file\n"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testUTF16String, + PKIX_UTF8, + &dest, + &length, + plContext)); + if (htmlFile != plContext) { + (void)printf("%d bytes written to HTML file\n", + fwrite(dest, length, 1, htmlFile)); + (void)fprintf(htmlFile, "<BR>\n"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + dest = NULL; + length = 0; + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(chineseString, + PKIX_UTF8, + &dest, + &length, + plContext)); + if (htmlFile != plContext) { + (void)printf("%d bytes written to HTML file\n", + fwrite(dest, length, 1, htmlFile)); + (void)fprintf(htmlFile, "<BR>\n"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + dest = NULL; + length = 0; + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(jeanRenoString, + PKIX_UTF8, + &dest, + &length, + plContext)); + if (htmlFile != plContext) { + (void)printf("%d bytes written to HTML file\n", + fwrite(dest, length, 1, htmlFile)); + (void)fprintf(htmlFile, "<BR>\n"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + dest = NULL; + length = 0; + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(vivaEspanaString, + PKIX_UTF8, + &dest, + &length, + plContext)); + if (htmlFile != plContext) { + (void)printf("%d bytes written to HTML file\n", + fwrite(dest, length, 1, htmlFile)); + (void)fprintf(htmlFile, "<BR>\n"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + dest = NULL; + length = 0; + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(straussString, + PKIX_UTF8, + &dest, + &length, + plContext)); + if (htmlFile != plContext) { + (void)printf("%d bytes written to HTML file\n", + fwrite(dest, length, 1, htmlFile)); + (void)fprintf(htmlFile, "<BR>\n"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + dest = NULL; + length = 0; + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(straussString, + PKIX_UTF8, + &dest, + &length, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + dest = NULL; + length = 0; + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(gorbachevString, + PKIX_UTF8, + &dest, + &length, + plContext)); + if (htmlFile != plContext) { + (void)printf("%d bytes written to HTML file\n", + fwrite(dest, length, 1, htmlFile)); + (void)fprintf(htmlFile, "<BR>\n"); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext)); + dest = NULL; + length = 0; + + if (htmlFile != plContext) { + (void)fprintf(htmlFile, "</font>\n"); + (void)fprintf(htmlFile, "</body></html>\n"); + (void)fclose(htmlFile); + } + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testDestroy( + PKIX_PL_String *string) +{ + PKIX_TEST_STD_VARS(); + + PKIX_TEST_DECREF_BC(string); + +cleanup: + + PKIX_TEST_RETURN(); +} + +int +test_string2(int argc, char *argv[]) +{ + + PKIX_PL_String *vivaEspanaString, *straussString, *testUTF16String; + PKIX_PL_String *chineseString, *jeanRenoString, *gorbachevString; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + PKIX_TEST_STD_VARS(); + + startTests("Unicode Strings"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + subTest("PKIX_PL_String_Create"); + createString(&vivaEspanaString, + &straussString, + &gorbachevString, + &testUTF16String, + &chineseString, + &jeanRenoString); + + subTest("Converting UTF-16 to EscASCII"); + testGetEncoded(testUTF16String, PKIX_ESCASCII); + + subTest("Converting UTF-8 to EscASCII"); + testGetEncoded(chineseString, PKIX_ESCASCII); + + subTest("Converting UTF-8 to EscASCII"); + testGetEncoded(jeanRenoString, PKIX_ESCASCII); + + subTest("Converting EscASCII to UTF-16"); + testGetEncoded(vivaEspanaString, PKIX_UTF16); + + subTest("Converting UTF-8 to UTF-16"); + testGetEncoded(chineseString, PKIX_UTF16); + + subTest("Creating HTML Output File \'utf8.html\'"); + testHTMLOutput(vivaEspanaString, + straussString, + gorbachevString, + testUTF16String, + chineseString, + jeanRenoString); + + subTest("Unicode Destructors"); + testDestroy(testUTF16String); + testDestroy(chineseString); + testDestroy(jeanRenoString); + testDestroy(vivaEspanaString); + testDestroy(straussString); + testDestroy(gorbachevString); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("Unicode Strings"); + + return (0); +} |