diff options
Diffstat (limited to 'security/nss/cmd/libpkix/pkix/params/test_trustanchor.c')
-rw-r--r-- | security/nss/cmd/libpkix/pkix/params/test_trustanchor.c | 251 |
1 files changed, 251 insertions, 0 deletions
diff --git a/security/nss/cmd/libpkix/pkix/params/test_trustanchor.c b/security/nss/cmd/libpkix/pkix/params/test_trustanchor.c new file mode 100644 index 0000000000..4bd9d174ce --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/params/test_trustanchor.c @@ -0,0 +1,251 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_trustanchor.c + * + * Test TrustAnchor Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +createTrustAnchors( + char *dirName, + char *goodInput, + PKIX_TrustAnchor **goodObject, + PKIX_TrustAnchor **equalObject, + PKIX_TrustAnchor **diffObject) +{ + subTest("PKIX_TrustAnchor_CreateWithNameKeyPair <goodObject>"); + *goodObject = createTrustAnchor(dirName, goodInput, PKIX_FALSE, plContext); + + subTest("PKIX_TrustAnchor_CreateWithNameKeyPair <equalObject>"); + *equalObject = createTrustAnchor(dirName, goodInput, PKIX_FALSE, plContext); + + subTest("PKIX_TrustAnchor_CreateWithCert <diffObject>"); + *diffObject = createTrustAnchor(dirName, goodInput, PKIX_TRUE, plContext); +} + +static void +testGetCAName( + PKIX_PL_Cert *diffCert, + PKIX_TrustAnchor *equalObject) +{ + + PKIX_PL_X500Name *diffCAName = NULL; + PKIX_PL_X500Name *equalCAName = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_TrustAnchor_GetCAName"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(diffCert, &diffCAName, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetCAName(equalObject, &equalCAName, plContext)); + + testEqualsHelper((PKIX_PL_Object *)diffCAName, + (PKIX_PL_Object *)equalCAName, + PKIX_TRUE, + plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(diffCAName); + PKIX_TEST_DECREF_AC(equalCAName); + + PKIX_TEST_RETURN(); +} + +static void +testGetCAPublicKey( + PKIX_PL_Cert *diffCert, + PKIX_TrustAnchor *equalObject) +{ + + PKIX_PL_PublicKey *diffPubKey = NULL; + PKIX_PL_PublicKey *equalPubKey = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_TrustAnchor_GetCAPublicKey"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(diffCert, &diffPubKey, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetCAPublicKey(equalObject, &equalPubKey, plContext)); + + testEqualsHelper((PKIX_PL_Object *)diffPubKey, + (PKIX_PL_Object *)equalPubKey, + PKIX_TRUE, + plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(diffPubKey); + PKIX_TEST_DECREF_AC(equalPubKey); + + PKIX_TEST_RETURN(); +} + +static void +testGetNameConstraints(char *dirName) +{ + PKIX_TrustAnchor *goodObject = NULL; + PKIX_TrustAnchor *equalObject = NULL; + PKIX_TrustAnchor *diffObject = NULL; + PKIX_PL_Cert *diffCert; + PKIX_PL_CertNameConstraints *diffNC = NULL; + PKIX_PL_CertNameConstraints *equalNC = NULL; + char *goodInput = "nameConstraintsDN5CACert.crt"; + char *expectedAscii = + "[\n" + "\tTrusted CA Name: CN=nameConstraints DN5 CA," + "O=Test Certificates,C=US\n" + "\tTrusted CA PublicKey: PKCS #1 RSA Encryption\n" + "\tInitial Name Constraints:[\n" + "\t\tPermitted Name: (OU=permittedSubtree1," + "O=Test Certificates,C=US)\n" + "\t\tExcluded Name: (OU=excludedSubtree1," + "OU=permittedSubtree1,O=Test Certificates,C=US)\n" + "\t]\n" + "\n" + "]\n"; + + PKIX_TEST_STD_VARS(); + + subTest("Create TrustAnchors and compare"); + + createTrustAnchors(dirName, goodInput, &goodObject, &equalObject, &diffObject); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject, + equalObject, + diffObject, + expectedAscii, + TrustAnchor, + PKIX_TRUE); + + subTest("PKIX_TrustAnchor_GetTrustedCert"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetTrustedCert(diffObject, &diffCert, plContext)); + + subTest("PKIX_PL_Cert_GetNameConstraints"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(diffCert, &diffNC, plContext)); + + subTest("PKIX_TrustAnchor_GetNameConstraints"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetNameConstraints(equalObject, &equalNC, plContext)); + + testEqualsHelper((PKIX_PL_Object *)diffNC, + (PKIX_PL_Object *)equalNC, + PKIX_TRUE, + plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(diffNC); + PKIX_TEST_DECREF_AC(equalNC); + PKIX_TEST_DECREF_BC(diffCert); + PKIX_TEST_DECREF_BC(goodObject); + PKIX_TEST_DECREF_BC(equalObject); + PKIX_TEST_DECREF_BC(diffObject); + + PKIX_TEST_RETURN(); +} + +static void +testDestroy(void *goodObject, void *equalObject, void *diffObject) +{ + PKIX_TEST_STD_VARS(); + + subTest("PKIX_TrustAnchor_Destroy"); + + PKIX_TEST_DECREF_BC(goodObject); + PKIX_TEST_DECREF_BC(equalObject); + PKIX_TEST_DECREF_BC(diffObject); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ttest_trustanchor <NIST_FILES_DIR> <central-data-dir>\n\n"); +} + +int +test_trustanchor(int argc, char *argv[]) +{ + + PKIX_TrustAnchor *goodObject = NULL; + PKIX_TrustAnchor *equalObject = NULL; + PKIX_TrustAnchor *diffObject = NULL; + PKIX_PL_Cert *diffCert = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + char *goodInput = "yassir2yassir"; + char *expectedAscii = + "[\n" + "\tTrusted CA Name: " + "CN=yassir,OU=bcn,OU=east,O=sun,C=us\n" + "\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n" + "\tInitial Name Constraints:(null)\n" + "]\n"; + char *dirName = NULL; + char *dataCentralDir = NULL; + + PKIX_TEST_STD_VARS(); + + startTests("TrustAnchor"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 3) { + printUsage(); + return (0); + } + + dirName = argv[j + 1]; + dataCentralDir = argv[j + 2]; + + createTrustAnchors(dataCentralDir, + goodInput, + &goodObject, + &equalObject, + &diffObject); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject, + equalObject, + diffObject, + expectedAscii, + TrustAnchor, + PKIX_TRUE); + + subTest("PKIX_TrustAnchor_GetTrustedCert"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetTrustedCert(diffObject, &diffCert, plContext)); + + testGetCAName(diffCert, equalObject); + testGetCAPublicKey(diffCert, equalObject); + + testGetNameConstraints(dirName); + + testDestroy(goodObject, equalObject, diffObject); + +cleanup: + + PKIX_TEST_DECREF_AC(diffCert); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("TrustAnchor"); + + return (0); +} |