diff options
author | richard.freedman%sun.com <devnull@localhost> | 2006-05-18 18:53:20 +0000 |
---|---|---|
committer | richard.freedman%sun.com <devnull@localhost> | 2006-05-18 18:53:20 +0000 |
commit | d65901edfea96e63f14bc475b65459989d12d353 (patch) | |
tree | 2680ffd00b8ccdf45dbd0f1d84d7f729c96f339b | |
parent | 8596fd97a9e9737222c33e08d37ec71114afb400 (diff) | |
download | nss-hg-d65901edfea96e63f14bc475b65459989d12d353.tar.gz |
Add new ocsp and httpcertstore tests to the scripts that compile
the tests.
6 files changed, 860 insertions, 0 deletions
diff --git a/security/nss/cmd/libpkix/pkix/top/ocspchecker/Makefile b/security/nss/cmd/libpkix/pkix/top/ocspchecker/Makefile new file mode 100755 index 000000000..15a060b07 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/top/ocspchecker/Makefile @@ -0,0 +1,80 @@ +#! gmake +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(PKIX_DEPTH)/pkixrules.mk +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platlibs.mk +include $(PKIX_DEPTH)/pkixlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platrules.mk + diff --git a/security/nss/cmd/libpkix/pkix/top/ocspchecker/manifest.mn b/security/nss/cmd/libpkix/pkix/top/ocspchecker/manifest.mn new file mode 100755 index 000000000..c10a49ed3 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/top/ocspchecker/manifest.mn @@ -0,0 +1,50 @@ +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# htt/www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** + +PKIX_DEPTH = ../../.. + +# MODULE public and private header directories are implicitly REQUIRED. +MODULE = nss + +DEFINES = -DNSPR20 + +CSRCS = test_ocsp.c + +# this has to be different for NT and UNIX. +PROGRAM = test_ocsp + + diff --git a/security/nss/cmd/libpkix/pkix/top/ocspchecker/test_ocsp.c b/security/nss/cmd/libpkix/pkix/top/ocspchecker/test_ocsp.c new file mode 100644 index 000000000..fe3f59e74 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/top/ocspchecker/test_ocsp.c @@ -0,0 +1,270 @@ +/* ***** BEGIN LICENSE BLOCK ***** + * Version: MPL 1.1/GPL 2.0/LGPL 2.1 + * + * The contents of this file are subject to the Mozilla Public License Version + * 1.1 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License + * for the specific language governing rights and limitations under the + * License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is + * Netscape Communications Corporation. + * Portions created by the Initial Developer are Copyright (C) 1994-2000 + * the Initial Developer. All Rights Reserved. + * + * Contributor(s): + * Sun Microsystems + * + * Alternatively, the contents of this file may be used under the terms of + * either the GNU General Public License Version 2 or later (the "GPL"), or + * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), + * in which case the provisions of the GPL or the LGPL are applicable instead + * of those above. If you wish to allow use of your version of this file only + * under the terms of either the GPL or the LGPL, and not to allow others to + * use your version of this file under the terms of the MPL, indicate your + * decision by deleting the provisions above and replace them with the notice + * and other provisions required by the GPL or the LGPL. If you do not delete + * the provisions above, a recipient may use your version of this file under + * the terms of any one of the MPL, the GPL or the LGPL. + * + * ***** END LICENSE BLOCK ***** */ +/* + * test_ocspchecker.c + * + * Test OcspChecker function + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +void *plContext = NULL; + +void printUsage(void){ + (void) printf("\nUSAGE:\nOcspChecker TestName [ENE|EE] " + "<certStoreDirectory> <trustedCert> <targetCert>\n\n"); + (void) printf + ("Validates a chain of certificates between " + "<trustedCert> and <targetCert>\n" + "using the certs and CRLs in <certStoreDirectory>. " + "If ENE is specified,\n" + "then an Error is Not Expected. " + "If EE is specified, an Error is Expected.\n"); +} + +char *createFullPathName( + char *dirName, + char *certFile, + void *plContext) +{ + PKIX_UInt32 certFileLen; + PKIX_UInt32 dirNameLen; + char *certPathName = NULL; + + PKIX_TEST_STD_VARS(); + + certFileLen = PL_strlen(certFile); + dirNameLen = PL_strlen(dirName); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc + (dirNameLen + certFileLen + 2, + (void **)&certPathName, + plContext)); + + PL_strcpy(certPathName, dirName); + PL_strcat(certPathName, "/"); + PL_strcat(certPathName, certFile); + printf("certPathName = %s\n", certPathName); + +cleanup: + + PKIX_TEST_RETURN(); + + return (certPathName); +} + +PKIX_Error * +testDefaultCertStore(PKIX_ValidateParams *valParams, char *crlDir) +{ + PKIX_PL_String *dirString = NULL; + PKIX_CertStore *certStore = NULL; + PKIX_ProcessingParams *procParams = NULL; + PKIX_PL_Date *validity = NULL; + PKIX_List *revCheckers = NULL; + PKIX_OcspChecker *ocspChecker = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PL_CollectionCertStoreContext_Create"); + + /* Create CollectionCertStore */ + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create + (PKIX_ESCASCII, crlDir, 0, &dirString, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create + (dirString, &certStore, plContext)); + + /* Create CertStore */ + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams + (valParams, &procParams, plContext)); + + subTest("PKIX_ProcessingParams_AddCertStore"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore + (procParams, certStore, plContext)); + + subTest("PKIX_ProcessingParams_SetRevocationEnabled"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled + (procParams, PKIX_FALSE, plContext)); + + /* create current Date */ + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Date_CreateFromPRTime + (PR_Now(), &validity, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&revCheckers, plContext)); + + /* create revChecker */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_OcspChecker_Create + (validity, + NULL, /* pwArg */ + NULL, /* Use default responder */ + &ocspChecker, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem + (revCheckers, (PKIX_PL_Object *)ocspChecker, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers + (procParams, revCheckers, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(dirString); + PKIX_TEST_DECREF_AC(procParams); + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(revCheckers); + PKIX_TEST_DECREF_AC(ocspChecker); + + PKIX_TEST_RETURN(); + + return (0); +} + +int main(int argc, char *argv[]){ + + PKIX_ValidateParams *valParams = NULL; + PKIX_ValidateResult *valResult = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + PKIX_UInt32 k = 0; + PKIX_UInt32 chainLength = 0; + PKIX_Boolean testValid = PKIX_TRUE; + PKIX_Boolean useArenas = PKIX_FALSE; + PKIX_List *chainCerts = NULL; + PKIX_PL_Cert *dirCert = NULL; + char *dirCertName = NULL; + char *anchorCertName = NULL; + char *dirName = NULL; + char *databaseDir = NULL; + + PKIX_TEST_STD_VARS(); + + if (argc < 5) { + printUsage(); + return (0); + } + + startTests("OcspChecker"); + + useArenas = PKIX_TEST_ARENAS_ARG(argv[1]); + + databaseDir = argv[3+j]; + + /* This must precede the call to PKIX_Initialize! */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize_SetConfigDir + (PKIX_STORE_TYPE_PK11, databaseDir, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize + (PKIX_TRUE, /* nssInitNeeded */ + useArenas, + PKIX_MAJOR_VERSION, + PKIX_MINOR_VERSION, + PKIX_MINOR_VERSION, + &actualMinorVersion, + &plContext)); + + /* ENE = expect no error; EE = expect error */ + if (PORT_Strcmp(argv[2+j], "ENE") == 0) { + testValid = PKIX_TRUE; + } else if (PORT_Strcmp(argv[2+j], "EE") == 0) { + testValid = PKIX_FALSE; + } else { + printUsage(); + return (0); + } + + subTest(argv[1+j]); + + dirName = databaseDir; + + chainLength = argc - j - 5; + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&chainCerts, plContext)); + + for (k = 0; k < chainLength; k++) { + + dirCert = createCert(dirName, argv[5+k+j], plContext); + + PKIX_TEST_EXPECT_NO_ERROR + (PKIX_List_AppendItem + (chainCerts, (PKIX_PL_Object *)dirCert, plContext)); + + PKIX_TEST_DECREF_BC(dirCert); + } + + valParams = createValidateParams + (dirName, + argv[4+j], + NULL, + NULL, + NULL, + PKIX_FALSE, + PKIX_FALSE, + PKIX_FALSE, + PKIX_FALSE, + chainCerts, + plContext); + + testDefaultCertStore(valParams, dirName); + + if (testValid == PKIX_TRUE) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain + (valParams, &valResult, plContext)); + } else { + PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain + (valParams, &valResult, plContext)); + } + + +cleanup: + + PKIX_TEST_DECREF_AC(chainCerts); + PKIX_TEST_DECREF_AC(valParams); + PKIX_TEST_DECREF_AC(valResult); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("OcspChecker"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/Makefile b/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/Makefile new file mode 100755 index 000000000..15a060b07 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/Makefile @@ -0,0 +1,80 @@ +#! gmake +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(PKIX_DEPTH)/pkixrules.mk +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platlibs.mk +include $(PKIX_DEPTH)/pkixlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platrules.mk + diff --git a/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/manifest.mn b/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/manifest.mn new file mode 100755 index 000000000..a0890213f --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/manifest.mn @@ -0,0 +1,51 @@ +# +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# htt/www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** + +PKIX_DEPTH = ../../.. + +# MODULE public and private header directories are implicitly REQUIRED. +MODULE = nss + +DEFINES = -DNSPR20 + +CSRCS = test_httpcertstore.c + +# this has to be different for NT and UNIX. +# PROGRAM =$(OBJDIR)/test_httpcertstore +PROGRAM = test_httpcertstore + + diff --git a/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/test_httpcertstore.c b/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/test_httpcertstore.c new file mode 100644 index 000000000..4d9948a8a --- /dev/null +++ b/security/nss/cmd/libpkix/pkix_pl/module/httpcertstore/test_httpcertstore.c @@ -0,0 +1,329 @@ +/* + * test_httpcertstore.c + * + * Test Httpcertstore Type + * + * Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistribution of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistribution in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * Neither the name of Sun Microsystems, Inc. or the names of contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * This software is provided "AS IS," without a warranty of any kind. ALL + * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING + * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE + * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN") + * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE + * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS + * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST + * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL, + * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY + * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE, + * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. + * + * You acknowledge that this software is not designed or intended for use in + * the design, construction, operation or maintenance of any nuclear facility. + */ + +#include "testutil.h" +#include "testutil_nss.h" +#include "pkix_pl_common.h" + +void *plContext = NULL; + +void printUsage(char *testname) { + char *fmt = + "USAGE: %s [-arenas] certDir certName\n"; + printf(fmt, "test_httpcertstore"); +} + +/* Functional tests for Socket public functions */ +void do_other_work(void) { /* while waiting for nonblocking I/O to complete */ + (void) PR_Sleep(2*60); +} + +PKIX_Error * +PKIX_PL_HttpCertStore_Create( + PKIX_PL_HttpClient *client, /* if NULL, use default Client */ + PKIX_PL_GeneralName *location, + PKIX_CertStore **pCertStore, + void *plContext); + +PKIX_Error * +pkix_pl_HttpCertStore_CreateWithAsciiName( + PKIX_PL_HttpClient *client, /* if NULL, use default Client */ + char *location, + PKIX_CertStore **pCertStore, + void *plContext); + +PKIX_Error * +getLocation( + PKIX_PL_Cert *certWithAia, + PKIX_PL_GeneralName **pLocation, + void *plContext) +{ + PKIX_List *aiaList = NULL; + PKIX_UInt32 size = 0; + PKIX_PL_InfoAccess *aia = NULL; + PKIX_UInt32 iaType = PKIX_INFOACCESS_LOCATION_UNKNOWN; + PKIX_PL_GeneralName *location = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("Getting Authority Info Access"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess + (certWithAia, &aiaList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength + (aiaList, &size, plContext)); + + if (size != 1) { + pkixTestErrorMsg = "unexpected number of AIA"; + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem + (aiaList, 0, (PKIX_PL_Object **) &aia, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocationType + (aia, &iaType, plContext)); + + if (iaType != PKIX_INFOACCESS_LOCATION_HTTP) { + pkixTestErrorMsg = "unexpected location type in AIA"; + goto cleanup; + + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocation + (aia, &location, plContext)); + + *pLocation = location; + +cleanup: + PKIX_TEST_DECREF_AC(aiaList); + PKIX_TEST_DECREF_AC(aia); + + PKIX_TEST_RETURN(); + + return (NULL); +} + +int main(int argc, char *argv[]) { + + PKIX_UInt32 i = 0; + PKIX_UInt32 numCerts = 0; + PKIX_UInt32 numCrls = 0; + int j = 0; + PKIX_Boolean useArenas = PKIX_FALSE; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 length = 0; + + char *certName = NULL; + char *certDir = NULL; + PKIX_PL_Cert *cmdLineCert = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_CertStore *certStore = NULL; + PKIX_CertStore *crlStore = NULL; + PKIX_PL_GeneralName *location = NULL; + PKIX_CertStore_CertCallback getCerts = NULL; + PKIX_List *certs = NULL; + char *asciiResult = NULL; + void *nbio = NULL; + + PKIX_PL_CRL *crl = NULL; + PKIX_CRLSelector *crlSelector = NULL; + char *crlLocation = "http://betty.nist.gov/pathdiscoverytestsuite/CRL" + "files/BasicHTTPURIPeer2CACRL.crl"; + PKIX_CertStore_CRLCallback getCrls = NULL; + PKIX_List *crls = NULL; + PKIX_PL_String *crlString = NULL; + + PKIX_TEST_STD_VARS(); + + startTests("HttpCertStore"); + + useArenas = PKIX_TEST_ARENAS_ARG(argv[1]); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize + (PKIX_TRUE, /* nssInitNeeded */ + useArenas, + PKIX_MAJOR_VERSION, + PKIX_MINOR_VERSION, + PKIX_MINOR_VERSION, + &actualMinorVersion, + &plContext)); + + if (argc != (j + 3)) { + printUsage(argv[0]); + pkixTestErrorMsg = "Missing command line argument."; + goto cleanup; + } + + certDir = argv[++j]; + certName = argv[++j]; + + cmdLineCert = createCert(certDir, certName, plContext); + if (cmdLineCert == NULL) { + pkixTestErrorMsg = "Unable to create Cert"; + goto cleanup; + } + + /* muster arguments to create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(getLocation + (cmdLineCert, &location, plContext)); + + if (location == NULL) { + pkixTestErrorMsg = "Give me a cert with an HTTP URI!"; + goto cleanup; + } + + /* create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HttpCertStore_Create + (NULL, location, &certStore, plContext)); + + /* get the GetCerts callback */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback + (certStore, &getCerts, plContext)); + + /* create a CertSelector */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create + (NULL, NULL, &certSelector, plContext)); + + /* Get the certs */ + PKIX_TEST_EXPECT_NO_ERROR(getCerts + (certStore, certSelector, &nbio, &certs, plContext)); + + while (nbio != NULL) { + /* poll for a completion */ + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CertContinue + (certStore, certSelector, &nbio, &certs, plContext)); + } + + if (certs) { + + PKIX_TEST_EXPECT_NO_ERROR + (PKIX_List_GetLength(certs, &numCerts, plContext)); + + if (numCerts == 0) { + printf("HttpCertStore returned an empty Cert list\n"); + goto cleanup; + } + + for (i = 0; i < numCerts; i++) { + PKIX_TEST_EXPECT_NO_ERROR + (PKIX_List_GetItem + (certs, + i, + (PKIX_PL_Object**)&cert, + plContext)); + + asciiResult = PKIX_Cert2ASCII(cert); + + printf("CERT[%d]:\n%s\n", i, asciiResult); + + /* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */ + PKIX_TEST_EXPECT_NO_ERROR + (PKIX_PL_Free(asciiResult, NULL)); + asciiResult = NULL; + + PKIX_TEST_DECREF_BC(cert); + } + } else { + printf("HttpCertStore returned a NULL Cert list\n"); + } + + /* create HttpCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_HttpCertStore_CreateWithAsciiName + (NULL, crlLocation, &crlStore, plContext)); + + /* get the GetCrls callback */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback + (crlStore, &getCrls, plContext)); + + /* create a CrlSelector */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create + (NULL, NULL, &crlSelector, plContext)); + + /* Get the crls */ + PKIX_TEST_EXPECT_NO_ERROR(getCrls + (crlStore, crlSelector, &nbio, &crls, plContext)); + + while (nbio != NULL) { + /* poll for a completion */ + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CrlContinue + (crlStore, crlSelector, &nbio, &crls, plContext)); + } + + if (crls) { + + PKIX_TEST_EXPECT_NO_ERROR + (PKIX_List_GetLength(crls, &numCrls, plContext)); + + if (numCrls == 0) { + printf("HttpCertStore returned an empty CRL list\n"); + goto cleanup; + } + + for (i = 0; i < numCrls; i++) { + PKIX_TEST_EXPECT_NO_ERROR + (PKIX_List_GetItem + (crls, + i, + (PKIX_PL_Object**)&crl, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString( + (PKIX_PL_Object *)crl, + &crlString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded + (crlString, + PKIX_ESCASCII, + (void **)&asciiResult, + &length, + plContext)); + + printf("CRL[%d]:\n%s\n", i, asciiResult); + + PKIX_TEST_EXPECT_NO_ERROR + (PKIX_PL_Free(asciiResult, plContext)); + PKIX_TEST_DECREF_BC(crlString); + PKIX_TEST_DECREF_BC(crl); + } + } else { + printf("HttpCertStore returned a NULL CRL list\n"); + } + +cleanup: + + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(cmdLineCert); + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(crlStore); + PKIX_TEST_DECREF_AC(location); + PKIX_TEST_DECREF_AC(certs); + PKIX_TEST_DECREF_AC(crl); + PKIX_TEST_DECREF_AC(crlString); + PKIX_TEST_DECREF_AC(crls); + + PKIX_TEST_RETURN(); + + endTests("HttpDefaultClient"); + + return (0); +} |