diff options
author | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-01-04 14:24:24 +0000 |
---|---|---|
committer | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-01-04 14:24:24 +0000 |
commit | dc1565216a5d20ae0d75872151523252309a1292 (patch) | |
tree | d57454ba9a40386552179eddf60d28bd1e8f3d54 /nss/cmd/libpkix/pkix/top/test_validatechain_NB.c | |
parent | 26c046fbc57d53136b4fb3b5e0d18298318125d4 (diff) | |
download | nss-dc1565216a5d20ae0d75872151523252309a1292.tar.gz |
nss-3.28.1nss-3.28.1
Diffstat (limited to 'nss/cmd/libpkix/pkix/top/test_validatechain_NB.c')
-rw-r--r-- | nss/cmd/libpkix/pkix/top/test_validatechain_NB.c | 524 |
1 files changed, 253 insertions, 271 deletions
diff --git a/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c b/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c index d5b5ff6..ad73a5d 100644 --- a/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c +++ b/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c @@ -13,357 +13,339 @@ static void *plContext = NULL; -static -void printUsage(void){ - (void) printf("\nUSAGE:\ntest_validateChain_NB TestName [ENE|EE] " - "<certStoreDirectory> <trustedCert> <targetCert>\n\n"); - (void) printf - ("Validates a chain of certificates between " - "<trustedCert> and <targetCert>\n" - "using the certs and CRLs in <certStoreDirectory>. " - "If ENE is specified,\n" - "then an Error is Not Expected. " - "If EE is specified, an Error is Expected.\n"); +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ntest_validateChain_NB TestName [ENE|EE] " + "<certStoreDirectory> <trustedCert> <targetCert>\n\n"); + (void)printf("Validates a chain of certificates between " + "<trustedCert> and <targetCert>\n" + "using the certs and CRLs in <certStoreDirectory>. " + "If ENE is specified,\n" + "then an Error is Not Expected. " + "If EE is specified, an Error is Expected.\n"); } -static -char *createFullPathName( - char *dirName, - char *certFile, - void *plContext) +static char * +createFullPathName( + char *dirName, + char *certFile, + void *plContext) { - PKIX_UInt32 certFileLen; - PKIX_UInt32 dirNameLen; - char *certPathName = NULL; + PKIX_UInt32 certFileLen; + PKIX_UInt32 dirNameLen; + char *certPathName = NULL; - PKIX_TEST_STD_VARS(); + PKIX_TEST_STD_VARS(); - certFileLen = PL_strlen(certFile); - dirNameLen = PL_strlen(dirName); + certFileLen = PL_strlen(certFile); + dirNameLen = PL_strlen(dirName); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc - (dirNameLen + certFileLen + 2, - (void **)&certPathName, - plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(dirNameLen + + certFileLen + + 2, + (void **)&certPathName, + plContext)); - PL_strcpy(certPathName, dirName); - PL_strcat(certPathName, "/"); - PL_strcat(certPathName, certFile); - printf("certPathName = %s\n", certPathName); + PL_strcpy(certPathName, dirName); + PL_strcat(certPathName, "/"); + PL_strcat(certPathName, certFile); + printf("certPathName = %s\n", certPathName); cleanup: - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); - return (certPathName); + return (certPathName); } static PKIX_Error * testSetupCertStore(PKIX_ValidateParams *valParams, char *ldapName) { - PKIX_PL_String *dirString = NULL; - PKIX_CertStore *certStore = NULL; - PKIX_ProcessingParams *procParams = NULL; - PKIX_PL_LdapDefaultClient *ldapClient = NULL; + PKIX_PL_String *dirString = NULL; + PKIX_CertStore *certStore = NULL; + PKIX_ProcessingParams *procParams = NULL; + PKIX_PL_LdapDefaultClient *ldapClient = NULL; - PKIX_TEST_STD_VARS(); + PKIX_TEST_STD_VARS(); - subTest("PKIX_PL_CollectionCertStoreContext_Create"); + subTest("PKIX_PL_CollectionCertStoreContext_Create"); - /* Create LDAPCertStore */ - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName - (ldapName, - 0, /* timeout */ - NULL, /* bindPtr */ - &ldapClient, - plContext)); + /* Create LDAPCertStore */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName(ldapName, + 0, /* timeout */ + NULL, /* bindPtr */ + &ldapClient, + plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create - ((PKIX_PL_LdapClient *)ldapClient, - &certStore, - plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create((PKIX_PL_LdapClient *)ldapClient, + &certStore, + plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams - (valParams, &procParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams(valParams, &procParams, plContext)); - subTest("PKIX_ProcessingParams_AddCertStore"); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore - (procParams, certStore, plContext)); + subTest("PKIX_ProcessingParams_AddCertStore"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore(procParams, certStore, plContext)); - subTest("PKIX_ProcessingParams_SetRevocationEnabled"); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled - (procParams, PKIX_TRUE, plContext)); + subTest("PKIX_ProcessingParams_SetRevocationEnabled"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled(procParams, PKIX_TRUE, plContext)); cleanup: - PKIX_TEST_DECREF_AC(dirString); - PKIX_TEST_DECREF_AC(procParams); - PKIX_TEST_DECREF_AC(certStore); - PKIX_TEST_DECREF_AC(ldapClient); + PKIX_TEST_DECREF_AC(dirString); + PKIX_TEST_DECREF_AC(procParams); + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(ldapClient); - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); - return (0); + return (0); } static char *levels[] = { - "None", "Fatal Error", "Error", "Warning", "Debug", "Trace" + "None", "Fatal Error", "Error", "Warning", "Debug", "Trace" }; -static PKIX_Error *loggerCallback( - PKIX_Logger *logger, - PKIX_PL_String *message, - PKIX_UInt32 logLevel, - PKIX_ERRORCLASS logComponent, - void *plContext) +static PKIX_Error * +loggerCallback( + PKIX_Logger *logger, + PKIX_PL_String *message, + PKIX_UInt32 logLevel, + PKIX_ERRORCLASS logComponent, + void *plContext) { #define resultSize 150 - char *msg = NULL; - char result[resultSize]; + char *msg = NULL; + char result[resultSize]; - PKIX_TEST_STD_VARS(); + PKIX_TEST_STD_VARS(); - msg = PKIX_String2ASCII(message, plContext); - PR_snprintf(result, resultSize, - "Logging %s (%s): %s", - levels[logLevel], - PKIX_ERRORCLASSNAMES[logComponent], - msg); - subTest(result); + msg = PKIX_String2ASCII(message, plContext); + PR_snprintf(result, resultSize, + "Logging %s (%s): %s", + levels[logLevel], + PKIX_ERRORCLASSNAMES[logComponent], + msg); + subTest(result); cleanup: - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(msg, plContext)); - PKIX_TEST_RETURN(); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(msg, plContext)); + PKIX_TEST_RETURN(); } -static -void testLogErrors( - PKIX_ERRORCLASS module, - PKIX_UInt32 loggingLevel, - PKIX_List *loggers, - void *plContext) +static void +testLogErrors( + PKIX_ERRORCLASS module, + PKIX_UInt32 loggingLevel, + PKIX_List *loggers, + void *plContext) { - PKIX_Logger *logger = NULL; - PKIX_PL_String *component = NULL; + PKIX_Logger *logger = NULL; + PKIX_PL_String *component = NULL; - PKIX_TEST_STD_VARS(); + PKIX_TEST_STD_VARS(); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_Create - (loggerCallback, NULL, &logger, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetLoggingComponent - (logger, module, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetMaxLoggingLevel - (logger, loggingLevel, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem - (loggers, (PKIX_PL_Object *) logger, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_Create(loggerCallback, NULL, &logger, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetLoggingComponent(logger, module, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetMaxLoggingLevel(logger, loggingLevel, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(loggers, (PKIX_PL_Object *)logger, plContext)); cleanup: - PKIX_TEST_DECREF_AC(logger); - PKIX_TEST_DECREF_AC(component); + PKIX_TEST_DECREF_AC(logger); + PKIX_TEST_DECREF_AC(component); - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); } -int test_validatechain_NB(int argc, char *argv[]){ - - PKIX_ValidateParams *valParams = NULL; - PKIX_ValidateResult *valResult = NULL; - PKIX_UInt32 actualMinorVersion; - PKIX_UInt32 j = 0; - PKIX_UInt32 k = 0; - PKIX_UInt32 chainLength = 0; - PKIX_Boolean testValid = PKIX_TRUE; - PKIX_List *chainCerts = NULL; - PKIX_PL_Cert *dirCert = NULL; - char *dirCertName = NULL; - char *anchorCertName = NULL; - char *dirName = NULL; - PKIX_UInt32 certIndex = 0; - PKIX_UInt32 anchorIndex = 0; - PKIX_UInt32 checkerIndex = 0; - PKIX_Boolean revChecking = PKIX_FALSE; - PKIX_List *checkers = NULL; - PRPollDesc *pollDesc = NULL; - PRErrorCode errorCode = 0; - PKIX_PL_Socket *socket = NULL; - char *ldapName = NULL; - PKIX_VerifyNode *verifyTree = NULL; - PKIX_PL_String *verifyString = NULL; - - PKIX_List *loggers = NULL; - PKIX_Logger *logger = NULL; - char *logging = NULL; - PKIX_PL_String *component = NULL; - - PKIX_TEST_STD_VARS(); - - if (argc < 5) { - printUsage(); - return (0); - } +int +test_validatechain_NB(int argc, char *argv[]) +{ - startTests("ValidateChain_NB"); + PKIX_ValidateParams *valParams = NULL; + PKIX_ValidateResult *valResult = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + PKIX_UInt32 k = 0; + PKIX_UInt32 chainLength = 0; + PKIX_Boolean testValid = PKIX_TRUE; + PKIX_List *chainCerts = NULL; + PKIX_PL_Cert *dirCert = NULL; + char *dirCertName = NULL; + char *anchorCertName = NULL; + char *dirName = NULL; + PKIX_UInt32 certIndex = 0; + PKIX_UInt32 anchorIndex = 0; + PKIX_UInt32 checkerIndex = 0; + PKIX_Boolean revChecking = PKIX_FALSE; + PKIX_List *checkers = NULL; + PRPollDesc *pollDesc = NULL; + PRErrorCode errorCode = 0; + PKIX_PL_Socket *socket = NULL; + char *ldapName = NULL; + PKIX_VerifyNode *verifyTree = NULL; + PKIX_PL_String *verifyString = NULL; + + PKIX_List *loggers = NULL; + PKIX_Logger *logger = NULL; + char *logging = NULL; + PKIX_PL_String *component = NULL; + + PKIX_TEST_STD_VARS(); + + if (argc < 5) { + printUsage(); + return (0); + } - PKIX_TEST_EXPECT_NO_ERROR( - PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + startTests("ValidateChain_NB"); - /* ENE = expect no error; EE = expect error */ - if (PORT_Strcmp(argv[2+j], "ENE") == 0) { - testValid = PKIX_TRUE; - } else if (PORT_Strcmp(argv[2+j], "EE") == 0) { - testValid = PKIX_FALSE; - } else { - printUsage(); - return (0); - } + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); - subTest(argv[1+j]); + /* ENE = expect no error; EE = expect error */ + if (PORT_Strcmp(argv[2 + j], "ENE") == 0) { + testValid = PKIX_TRUE; + } else if (PORT_Strcmp(argv[2 + j], "EE") == 0) { + testValid = PKIX_FALSE; + } else { + printUsage(); + return (0); + } - dirName = argv[3+j]; + subTest(argv[1 + j]); - chainLength = argc - j - 5; + dirName = argv[3 + j]; - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&chainCerts, plContext)); + chainLength = argc - j - 5; - for (k = 0; k < chainLength; k++){ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&chainCerts, plContext)); - dirCert = createCert(dirName, argv[5+k+j], plContext); + for (k = 0; k < chainLength; k++) { - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_AppendItem - (chainCerts, (PKIX_PL_Object *)dirCert, plContext)); + dirCert = createCert(dirName, argv[5 + k + j], plContext); - PKIX_TEST_DECREF_BC(dirCert); - } + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(chainCerts, (PKIX_PL_Object *)dirCert, plContext)); - valParams = createValidateParams - (dirName, - argv[4+j], - NULL, - NULL, - NULL, - PKIX_FALSE, - PKIX_FALSE, - PKIX_FALSE, - PKIX_FALSE, - chainCerts, - plContext); - - ldapName = PR_GetEnv("LDAP"); - /* Is LDAP set in the environment? */ - if ((ldapName == NULL) || (*ldapName == '\0')) { - testError("LDAP not set in environment"); - goto cleanup; - } + PKIX_TEST_DECREF_BC(dirCert); + } - pkixTestErrorResult = pkix_pl_Socket_CreateByName - (PKIX_FALSE, /* isServer */ - PR_SecondsToInterval(30), /* try 30 secs for connect */ - ldapName, - &errorCode, - &socket, - plContext); - - if (pkixTestErrorResult != NULL) { - PKIX_PL_Object_DecRef - ((PKIX_PL_Object *)pkixTestErrorResult, plContext); - pkixTestErrorResult = NULL; - testError("Unable to connect to LDAP Server"); - goto cleanup; - } + valParams = createValidateParams(dirName, + argv[4 + + j], + NULL, + NULL, + NULL, + PKIX_FALSE, + PKIX_FALSE, + PKIX_FALSE, + PKIX_FALSE, + chainCerts, + plContext); + + ldapName = PR_GetEnvSecure("LDAP"); + /* Is LDAP set in the environment? */ + if ((ldapName == NULL) || (*ldapName == '\0')) { + testError("LDAP not set in environment"); + goto cleanup; + } + + pkixTestErrorResult = pkix_pl_Socket_CreateByName(PKIX_FALSE, /* isServer */ + PR_SecondsToInterval(30), /* try 30 secs for connect */ + ldapName, + &errorCode, + &socket, + plContext); - PKIX_TEST_DECREF_BC(socket); + if (pkixTestErrorResult != NULL) { + PKIX_PL_Object_DecRef((PKIX_PL_Object *)pkixTestErrorResult, plContext); + pkixTestErrorResult = NULL; + testError("Unable to connect to LDAP Server"); + goto cleanup; + } - testSetupCertStore(valParams, ldapName); + PKIX_TEST_DECREF_BC(socket); - logging = PR_GetEnv("LOGGING"); - /* Is LOGGING set in the environment? */ - if ((logging != NULL) && (*logging != '\0')) { + testSetupCertStore(valParams, ldapName); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_Create(&loggers, plContext)); + logging = PR_GetEnvSecure("LOGGING"); + /* Is LOGGING set in the environment? */ + if ((logging != NULL) && (*logging != '\0')) { - testLogErrors - (PKIX_VALIDATE_ERROR, 2, loggers, plContext); - testLogErrors - (PKIX_CERTCHAINCHECKER_ERROR, 2, loggers, plContext); - testLogErrors - (PKIX_LDAPDEFAULTCLIENT_ERROR, 2, loggers, plContext); - testLogErrors - (PKIX_CERTSTORE_ERROR, 2, loggers, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&loggers, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_SetLoggers(loggers, plContext)); + testLogErrors(PKIX_VALIDATE_ERROR, 2, loggers, plContext); + testLogErrors(PKIX_CERTCHAINCHECKER_ERROR, 2, loggers, plContext); + testLogErrors(PKIX_LDAPDEFAULTCLIENT_ERROR, 2, loggers, plContext); + testLogErrors(PKIX_CERTSTORE_ERROR, 2, loggers, plContext); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_SetLoggers(loggers, plContext)); + } + + pkixTestErrorResult = PKIX_ValidateChain_NB(valParams, + &certIndex, + &anchorIndex, + &checkerIndex, + &revChecking, + &checkers, + (void **)&pollDesc, + &valResult, + &verifyTree, + plContext); + + while (pollDesc != NULL) { + + if (PR_Poll(pollDesc, 1, 0) < 0) { + testError("PR_Poll failed"); } - pkixTestErrorResult = PKIX_ValidateChain_NB - (valParams, - &certIndex, - &anchorIndex, - &checkerIndex, - &revChecking, - &checkers, - (void **)&pollDesc, - &valResult, - &verifyTree, - plContext); - - while (pollDesc != NULL) { - - if (PR_Poll(pollDesc, 1, 0) < 0) { - testError("PR_Poll failed"); - } - - pkixTestErrorResult = PKIX_ValidateChain_NB - (valParams, - &certIndex, - &anchorIndex, - &checkerIndex, - &revChecking, - &checkers, - (void **)&pollDesc, - &valResult, - &verifyTree, - plContext); + pkixTestErrorResult = PKIX_ValidateChain_NB(valParams, + &certIndex, + &anchorIndex, + &checkerIndex, + &revChecking, + &checkers, + (void **)&pollDesc, + &valResult, + &verifyTree, + plContext); + } + + if (pkixTestErrorResult) { + if (testValid == PKIX_FALSE) { /* EE */ + (void)printf("EXPECTED ERROR RECEIVED!\n"); + } else { /* ENE */ + testError("UNEXPECTED ERROR RECEIVED"); } + PKIX_TEST_DECREF_BC(pkixTestErrorResult); + } else { - if (pkixTestErrorResult) { - if (testValid == PKIX_FALSE) { /* EE */ - (void) printf("EXPECTED ERROR RECEIVED!\n"); - } else { /* ENE */ - testError("UNEXPECTED ERROR RECEIVED"); - } - PKIX_TEST_DECREF_BC(pkixTestErrorResult); - } else { - - if (testValid == PKIX_TRUE) { /* ENE */ - (void) printf("EXPECTED NON-ERROR RECEIVED!\n"); - } else { /* EE */ - (void) printf("UNEXPECTED NON-ERROR RECEIVED!\n"); - } + if (testValid == PKIX_TRUE) { /* ENE */ + (void)printf("EXPECTED NON-ERROR RECEIVED!\n"); + } else { /* EE */ + (void)printf("UNEXPECTED NON-ERROR RECEIVED!\n"); } + } cleanup: - if (verifyTree) { - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString - ((PKIX_PL_Object*)verifyTree, &verifyString, plContext)); - (void) printf("verifyTree is\n%s\n", - verifyString->escAsciiString); - } + if (verifyTree) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)verifyTree, &verifyString, plContext)); + (void)printf("verifyTree is\n%s\n", + verifyString->escAsciiString); + } - PKIX_TEST_DECREF_AC(verifyString); - PKIX_TEST_DECREF_AC(verifyTree); - PKIX_TEST_DECREF_AC(checkers); - PKIX_TEST_DECREF_AC(chainCerts); - PKIX_TEST_DECREF_AC(valParams); - PKIX_TEST_DECREF_AC(valResult); + PKIX_TEST_DECREF_AC(verifyString); + PKIX_TEST_DECREF_AC(verifyTree); + PKIX_TEST_DECREF_AC(checkers); + PKIX_TEST_DECREF_AC(chainCerts); + PKIX_TEST_DECREF_AC(valParams); + PKIX_TEST_DECREF_AC(valResult); - PKIX_Shutdown(plContext); + PKIX_Shutdown(plContext); - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); - endTests("ValidateChain_NB"); + endTests("ValidateChain_NB"); - return (0); + return (0); } |