summaryrefslogtreecommitdiff
path: root/tests/pkcs11/distrust-after.c
diff options
context:
space:
mode:
Diffstat (limited to 'tests/pkcs11/distrust-after.c')
-rw-r--r--tests/pkcs11/distrust-after.c174
1 files changed, 89 insertions, 85 deletions
diff --git a/tests/pkcs11/distrust-after.c b/tests/pkcs11/distrust-after.c
index 05165baa5a..c95e8720d6 100644
--- a/tests/pkcs11/distrust-after.c
+++ b/tests/pkcs11/distrust-after.c
@@ -20,7 +20,7 @@
*/
#ifdef HAVE_CONFIG_H
-# include <config.h>
+#include <config.h>
#endif
#include <stdbool.h>
@@ -36,14 +36,14 @@ int main(void)
#else
-# include <string.h>
-# include <unistd.h>
-# include <gnutls/gnutls.h>
-# include <assert.h>
+#include <string.h>
+#include <unistd.h>
+#include <gnutls/gnutls.h>
+#include <assert.h>
-# include "cert-common.h"
-# include "pkcs11/softhsm.h"
-# include "utils.h"
+#include "cert-common.h"
+#include "pkcs11/softhsm.h"
+#include "utils.h"
/* This program tests that CKA_NSS_SERVER_DISTRUST_AFTER is honored
* while validating certificate chain.
@@ -54,64 +54,64 @@ static void tls_log_func(int level, const char *str)
fprintf(stderr, "server|<%d>| %s", level, str);
}
-# define PIN "1234"
+#define PIN "1234"
-# define CONFIG_NAME "softhsm-distrust-after"
-# define CONFIG CONFIG_NAME".config"
+#define CONFIG_NAME "softhsm-distrust-after"
+#define CONFIG CONFIG_NAME ".config"
static const unsigned char chain_pem[] =
- "-----BEGIN CERTIFICATE-----"
- "MIID5zCCAp+gAwIBAgIUIXzLE8ObVwBGHepbjMWRwW/NpDgwDQYJKoZIhvcNAQEL"
- "BQAwGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjMwMzE0MTAwNDAzWhgP"
- "OTk5OTEyMzEyMzU5NTlaMDcxGzAZBgNVBAoTEkdudVRMUyB0ZXN0IHNlcnZlcjEY"
- "MBYGA1UEAxMPdGVzdC5nbnV0bHMub3JnMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8A"
- "MIIBOgKCATEAtGsnmCWvwf8eyrB+9Ni87UOGZ1Rd2rQewpBfgzwCEfwTcoWyiKRl"
- "QQt2XyO+ip/+eUtzOy7HSzy/FsmXVTUX86FySzDC4CeUEvNWAObOgksRXaQem/r6"
- "uRsqTRi1uqXmDMeoqKFtqoiE3JYOsmwcNarnx5Q9+dXHwqINS7NuevcIX8UJzRWT"
- "GveY3ypMZokk7R/QFmOBZaVYO6HNJWKbmYFUCBcY7HwvCKI7KFcynRdHCob7YrFB"
- "meb73qjqIH7zG+666pohZCmS8q1z5RkFnTdT4hGfGF8iuuKLDQCMni+nhz1Avkqi"
- "pZIIDC5hwFh8mpnh1qyDOSXPPhvt66NtncvFON7Bx26bNBS+MD6CkB65Spp25O8z"
- "DEaiMXL2w2EL+KpnifSl5XY3oSmfgHmqdQIDAQABo4GmMIGjMAwGA1UdEwEB/wQC"
- "MAAwGgYDVR0RBBMwEYIPdGVzdC5nbnV0bHMub3JnMCcGA1UdJQQgMB4GCCsGAQUF"
- "BwMBBggrBgEFBQcDAwYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQW"
- "BBRIIzRTCokxOEpa6sq20qbezh0rGDAfBgNVHSMEGDAWgBQedyNtZzEfkQebli/s"
- "/MhG/ozhAzANBgkqhkiG9w0BAQsFAAOCATEAYbQLlr74D62lPEevV/HWLOMG8taY"
- "gPld7Z5VApIhsJa913Jya7AOsW+lz48LX3QNTc8Xgj7FVwQeNP1GtBZXCe6U73KB"
- "Z+qp1rIEwn2cQVmFG+ShxmUA/gxxmWql2BAORNd5ZCVOcZbMh9uwWjhIQN/SImtW"
- "x3ebFgV5N7GPFbw+5NUITLXoLrD7Bixv3iQS8hWwmAmmPZbHAENRauL6jYSjniru"
- "SSFYjzJ1trJB6VgpJ2yWfKdcGZmB3osnGshWbayVOaprbH0AWKwOZ/d7sAldjdVw"
- "ZsaOhA+6NbvpKYZuw6Tdt0+VmUwGC1ATJGpc0dEXRBaFlt/e+gqQ43Mo+YwiMDYq"
- "LDU5nLC6uTSZLtgQHTqb32xmQ/D/y6NkUTH3f4OcxPGxBRVBHjOTk6MhRA=="
- "-----END CERTIFICATE-----"
- "-----BEGIN CERTIFICATE-----"
- "MIIDjTCCAkWgAwIBAgIUejTcfGbOAc9l4IBW+kpAN6A7Sj4wDQYJKoZIhvcNAQEL"
- "BQAwGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjMwMzE0MDk1NzU1WhgP"
- "OTk5OTEyMzEyMzU5NTlaMBkxFzAVBgNVBAMTDkdudVRMUyB0ZXN0IENBMIIBUjAN"
- "BgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEAnORCsX1unl//fy2d1054XduIg/3C"
- "qVBaT3Hca65SEoDwh0KiPtQoOgZLdKY2cobGs/ojYtOjcs0KnlPYdmtjEh6WEhuJ"
- "U95v4TQdC4OLMiE56eIGq252hZAbHoTL84Q14DxQWGuzQK830iml7fbw2WcIcRQ8"
- "vFGs8SzfXw63+MI6Fq6iMAQIqP08WzGmRRzL5wvCiPhCVkrPmwbXoABub6AAsYwW"
- "PJB91M9/lx5gFH5k9/iPfi3s2Kg3F8MOcppqFYjxDSnsfiz6eMh1+bYVIAo367vG"
- "VYHigXMEZC2FezlwIHaZzpEoFlY3a7LFJ00yrjQ910r8UE+CEMTYzE40D0olCMo7"
- "FA9RCjeO3bUIoYaIdVTUGWEGHWSeoxGei9Gkm6u+ASj8f+i0jxdD2qXsewIDAQAB"
- "o2swaTAPBgNVHRMBAf8EBTADAQH/MCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEF"
- "BQcDAwYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQedyNtZzEf"
- "kQebli/s/MhG/ozhAzANBgkqhkiG9w0BAQsFAAOCATEAa37UdOTvdUfRGwjrodhE"
- "tEnRnfrwfQ61RMK5GY07UAks7CjdeWFDLoQfv9oP9kH122hEGAA683xg/CH5OeN0"
- "8zrayQKqwcH40SJQDzc748lTgxUIDaf2rrkoF8butpaDaI0fageqjlEvCeZZSuIC"
- "KCfZK9NPN47DknuerjOTwrWxvXYRepfSo8VVbjRj8R4qsgJsmJZYQfrAg0XrnKf/"
- "UibNPXRCYABsxH4ZFtivg93LaQ05z4IrPSWGOTDQxNBoEC0DVGfSc8XElP0MkF/K"
- "BIPsl3Rt2oFNhfViF9Gpzy9Dj1P1kMD6kE7nBDiRBUPNJZBiJSGVTMZTMc2tg42W"
- "QcUYnUUzOpQWg1tcOZy4s+EuJ0bEWhSkFfSN3ENxsHXNCYYHgeadATcGbzTxD6ib"
- "eA==" "-----END CERTIFICATE-----";
-
-static const gnutls_datum_t chain = {
- (unsigned char *)chain_pem, sizeof(chain_pem) - 1
-};
-
-static
-int pin_func(void *userdata, int attempt, const char *url, const char *label,
- unsigned flags, char *pin, size_t pin_max)
+ "-----BEGIN CERTIFICATE-----"
+ "MIID5zCCAp+gAwIBAgIUIXzLE8ObVwBGHepbjMWRwW/NpDgwDQYJKoZIhvcNAQEL"
+ "BQAwGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjMwMzE0MTAwNDAzWhgP"
+ "OTk5OTEyMzEyMzU5NTlaMDcxGzAZBgNVBAoTEkdudVRMUyB0ZXN0IHNlcnZlcjEY"
+ "MBYGA1UEAxMPdGVzdC5nbnV0bHMub3JnMIIBUjANBgkqhkiG9w0BAQEFAAOCAT8A"
+ "MIIBOgKCATEAtGsnmCWvwf8eyrB+9Ni87UOGZ1Rd2rQewpBfgzwCEfwTcoWyiKRl"
+ "QQt2XyO+ip/+eUtzOy7HSzy/FsmXVTUX86FySzDC4CeUEvNWAObOgksRXaQem/r6"
+ "uRsqTRi1uqXmDMeoqKFtqoiE3JYOsmwcNarnx5Q9+dXHwqINS7NuevcIX8UJzRWT"
+ "GveY3ypMZokk7R/QFmOBZaVYO6HNJWKbmYFUCBcY7HwvCKI7KFcynRdHCob7YrFB"
+ "meb73qjqIH7zG+666pohZCmS8q1z5RkFnTdT4hGfGF8iuuKLDQCMni+nhz1Avkqi"
+ "pZIIDC5hwFh8mpnh1qyDOSXPPhvt66NtncvFON7Bx26bNBS+MD6CkB65Spp25O8z"
+ "DEaiMXL2w2EL+KpnifSl5XY3oSmfgHmqdQIDAQABo4GmMIGjMAwGA1UdEwEB/wQC"
+ "MAAwGgYDVR0RBBMwEYIPdGVzdC5nbnV0bHMub3JnMCcGA1UdJQQgMB4GCCsGAQUF"
+ "BwMBBggrBgEFBQcDAwYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQW"
+ "BBRIIzRTCokxOEpa6sq20qbezh0rGDAfBgNVHSMEGDAWgBQedyNtZzEfkQebli/s"
+ "/MhG/ozhAzANBgkqhkiG9w0BAQsFAAOCATEAYbQLlr74D62lPEevV/HWLOMG8taY"
+ "gPld7Z5VApIhsJa913Jya7AOsW+lz48LX3QNTc8Xgj7FVwQeNP1GtBZXCe6U73KB"
+ "Z+qp1rIEwn2cQVmFG+ShxmUA/gxxmWql2BAORNd5ZCVOcZbMh9uwWjhIQN/SImtW"
+ "x3ebFgV5N7GPFbw+5NUITLXoLrD7Bixv3iQS8hWwmAmmPZbHAENRauL6jYSjniru"
+ "SSFYjzJ1trJB6VgpJ2yWfKdcGZmB3osnGshWbayVOaprbH0AWKwOZ/d7sAldjdVw"
+ "ZsaOhA+6NbvpKYZuw6Tdt0+VmUwGC1ATJGpc0dEXRBaFlt/e+gqQ43Mo+YwiMDYq"
+ "LDU5nLC6uTSZLtgQHTqb32xmQ/D/y6NkUTH3f4OcxPGxBRVBHjOTk6MhRA=="
+ "-----END CERTIFICATE-----"
+ "-----BEGIN CERTIFICATE-----"
+ "MIIDjTCCAkWgAwIBAgIUejTcfGbOAc9l4IBW+kpAN6A7Sj4wDQYJKoZIhvcNAQEL"
+ "BQAwGTEXMBUGA1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjMwMzE0MDk1NzU1WhgP"
+ "OTk5OTEyMzEyMzU5NTlaMBkxFzAVBgNVBAMTDkdudVRMUyB0ZXN0IENBMIIBUjAN"
+ "BgkqhkiG9w0BAQEFAAOCAT8AMIIBOgKCATEAnORCsX1unl//fy2d1054XduIg/3C"
+ "qVBaT3Hca65SEoDwh0KiPtQoOgZLdKY2cobGs/ojYtOjcs0KnlPYdmtjEh6WEhuJ"
+ "U95v4TQdC4OLMiE56eIGq252hZAbHoTL84Q14DxQWGuzQK830iml7fbw2WcIcRQ8"
+ "vFGs8SzfXw63+MI6Fq6iMAQIqP08WzGmRRzL5wvCiPhCVkrPmwbXoABub6AAsYwW"
+ "PJB91M9/lx5gFH5k9/iPfi3s2Kg3F8MOcppqFYjxDSnsfiz6eMh1+bYVIAo367vG"
+ "VYHigXMEZC2FezlwIHaZzpEoFlY3a7LFJ00yrjQ910r8UE+CEMTYzE40D0olCMo7"
+ "FA9RCjeO3bUIoYaIdVTUGWEGHWSeoxGei9Gkm6u+ASj8f+i0jxdD2qXsewIDAQAB"
+ "o2swaTAPBgNVHRMBAf8EBTADAQH/MCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEF"
+ "BQcDAwYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQedyNtZzEf"
+ "kQebli/s/MhG/ozhAzANBgkqhkiG9w0BAQsFAAOCATEAa37UdOTvdUfRGwjrodhE"
+ "tEnRnfrwfQ61RMK5GY07UAks7CjdeWFDLoQfv9oP9kH122hEGAA683xg/CH5OeN0"
+ "8zrayQKqwcH40SJQDzc748lTgxUIDaf2rrkoF8butpaDaI0fageqjlEvCeZZSuIC"
+ "KCfZK9NPN47DknuerjOTwrWxvXYRepfSo8VVbjRj8R4qsgJsmJZYQfrAg0XrnKf/"
+ "UibNPXRCYABsxH4ZFtivg93LaQ05z4IrPSWGOTDQxNBoEC0DVGfSc8XElP0MkF/K"
+ "BIPsl3Rt2oFNhfViF9Gpzy9Dj1P1kMD6kE7nBDiRBUPNJZBiJSGVTMZTMc2tg42W"
+ "QcUYnUUzOpQWg1tcOZy4s+EuJ0bEWhSkFfSN3ENxsHXNCYYHgeadATcGbzTxD6ib"
+ "eA=="
+ "-----END CERTIFICATE-----";
+
+static const gnutls_datum_t chain = { (unsigned char *)chain_pem,
+ sizeof(chain_pem) - 1 };
+
+static int pin_func(void *userdata, int attempt, const char *url,
+ const char *label, unsigned flags, char *pin,
+ size_t pin_max)
{
if (attempt == 0) {
strcpy(pin, PIN);
@@ -154,23 +154,22 @@ static void test(const char *provider, const char *purpose, bool succeeds)
fail("gnutls_pkcs11_token_init: %s\n", gnutls_strerror(ret));
}
- ret =
- gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN,
- GNUTLS_PIN_USER);
+ ret = gnutls_pkcs11_token_set_pin(SOFTHSM_URL, NULL, PIN,
+ GNUTLS_PIN_USER);
if (ret < 0) {
fail("gnutls_pkcs11_token_set_pin: %s\n", gnutls_strerror(ret));
}
gnutls_x509_trust_list_init(&tl, 0);
- ret = gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL,
- 0, 0, 0);
+ ret = gnutls_x509_trust_list_add_trust_file(tl, SOFTHSM_URL, NULL, 0, 0,
+ 0);
if (ret < 0) {
fail("gnutls_x509_trust_list_add_trust_file\n");
}
- ret = gnutls_x509_crt_list_import2(&certs, &count,
- &chain, GNUTLS_X509_FMT_PEM, 0);
+ ret = gnutls_x509_crt_list_import2(&certs, &count, &chain,
+ GNUTLS_X509_FMT_PEM, 0);
if (ret < 0) {
fail("gnutls_x509_crt_import: %s\n", gnutls_strerror(ret));
}
@@ -178,10 +177,11 @@ static void test(const char *provider, const char *purpose, bool succeeds)
assert(count == 2);
/* Use the ICA (instead of the actual root CA) for simplicity. */
- ret = gnutls_pkcs11_copy_x509_crt(SOFTHSM_URL, certs[1], "ca",
- GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED |
- GNUTLS_PKCS11_OBJ_FLAG_MARK_CA |
- GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO);
+ ret = gnutls_pkcs11_copy_x509_crt(
+ SOFTHSM_URL, certs[1], "ca",
+ GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED |
+ GNUTLS_PKCS11_OBJ_FLAG_MARK_CA |
+ GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO);
if (ret < 0) {
fail("gnutls_pkcs11_copy_x509_crt: %s\n", gnutls_strerror(ret));
}
@@ -189,8 +189,8 @@ static void test(const char *provider, const char *purpose, bool succeeds)
vdata.type = GNUTLS_DT_KEY_PURPOSE_OID;
vdata.data = (void *)purpose;
- ret = gnutls_x509_trust_list_verify_crt2(tl, certs, 1, &vdata, 1,
- 0, &status, NULL);
+ ret = gnutls_x509_trust_list_verify_crt2(tl, certs, 1, &vdata, 1, 0,
+ &status, NULL);
if (ret < 0) {
fail("gnutls_x509_trust_list_verify_crt2: %s\n",
gnutls_strerror(ret));
@@ -236,16 +236,18 @@ void doit(void)
set_softhsm_conf(CONFIG);
snprintf(buf, sizeof(buf),
- "%s --init-token --slot 0 --label test --so-pin " PIN " --pin "
- PIN, bin);
+ "%s --init-token --slot 0 --label test --so-pin " PIN
+ " --pin " PIN,
+ bin);
system(buf);
test(lib, GNUTLS_KP_TLS_WWW_SERVER, true);
set_softhsm_conf(CONFIG);
snprintf(buf, sizeof(buf),
- "%s --init-token --slot 0 --label test --so-pin " PIN " --pin "
- PIN, bin);
+ "%s --init-token --slot 0 --label test --so-pin " PIN
+ " --pin " PIN,
+ bin);
system(buf);
test(lib, GNUTLS_KP_EMAIL_PROTECTION, true);
@@ -257,18 +259,20 @@ void doit(void)
set_softhsm_conf(CONFIG);
snprintf(buf, sizeof(buf),
- "%s --init-token --slot 0 --label test --so-pin " PIN " --pin "
- PIN, bin);
+ "%s --init-token --slot 0 --label test --so-pin " PIN
+ " --pin " PIN,
+ bin);
system(buf);
test(lib, GNUTLS_KP_TLS_WWW_SERVER, false);
set_softhsm_conf(CONFIG);
snprintf(buf, sizeof(buf),
- "%s --init-token --slot 0 --label test --so-pin " PIN " --pin "
- PIN, bin);
+ "%s --init-token --slot 0 --label test --so-pin " PIN
+ " --pin " PIN,
+ bin);
system(buf);
test(lib, GNUTLS_KP_EMAIL_PROTECTION, true);
}
-#endif /* _WIN32 */
+#endif /* _WIN32 */
View Lorry Controller Status