author | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-01-04 14:24:24 +0000 |
---|---|---|
committer | Lorry Tar Creator <lorry-tar-importer@lorry> | 2017-01-04 14:24:24 +0000 |
commit | dc1565216a5d20ae0d75872151523252309a1292 (patch) | |
tree | d57454ba9a40386552179eddf60d28bd1e8f3d54 /nss/cmd/libpkix/sample_apps | |
parent | 26c046fbc57d53136b4fb3b5e0d18298318125d4 (diff) | |
download | nss-dc1565216a5d20ae0d75872151523252309a1292.tar.gz |
nss-3.28.1nss-3.28.1
Diffstat (limited to 'nss/cmd/libpkix/sample_apps')
-rw-r--r-- | nss/cmd/libpkix/sample_apps/build_chain.c | 327 | ||||
-rw-r--r-- | nss/cmd/libpkix/sample_apps/dumpcert.c | 228 | ||||
-rw-r--r-- | nss/cmd/libpkix/sample_apps/dumpcrl.c | 237 | ||||
-rw-r--r-- | nss/cmd/libpkix/sample_apps/validate_chain.c | 276 |
4 files changed, 514 insertions, 554 deletions
diff --git a/nss/cmd/libpkix/sample_apps/build_chain.c b/nss/cmd/libpkix/sample_apps/build_chain.c
index fa717d9..38bf1d9 100644
--- a/nss/cmd/libpkix/sample_apps/build_chain.c
+++ b/nss/cmd/libpkix/sample_apps/build_chain.c
@@ -34,232 +34,209 @@ static void *plContext = NULL; -static -void printUsage(void){ - (void) printf("\nUSAGE:\tbuildChain " - "<trustedCert> <targetCert> <certStoreDirectory>\n\n"); - (void) printf - ("Builds a chain of certificates between " - "<trustedCert> and <targetCert>\n" - "using the certs and CRLs in <certStoreDirectory>.\n"); +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\tbuildChain " + "<trustedCert> <targetCert> <certStoreDirectory>\n\n"); + (void)printf("Builds a chain of certificates between " + "<trustedCert> and <targetCert>\n" + "using the certs and CRLs in <certStoreDirectory>.\n"); } static PKIX_PL_Cert * createCert(char *inFileName) { - PKIX_PL_ByteArray *byteArray = NULL; - void *buf = NULL; - PRFileDesc *inFile = NULL; - PKIX_UInt32 len; - SECItem certDER; - SECStatus rv; - /* default: NULL cert (failure case) */ - PKIX_PL_Cert *cert = NULL; + PKIX_PL_ByteArray *byteArray = NULL; + void *buf = NULL; + PRFileDesc *inFile = NULL; + PKIX_UInt32 len; + SECItem certDER; + SECStatus rv; + /* default: NULL cert (failure case) */ + PKIX_PL_Cert *cert = NULL; + + PKIX_TEST_STD_VARS(); + + certDER.data = NULL; - PKIX_TEST_STD_VARS(); + inFile = PR_Open(inFileName, PR_RDONLY, 0); - certDER.data = NULL; + if (!inFile) { + pkixTestErrorMsg = "Unable to open cert file"; + goto cleanup; + } else { + rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE, PR_FALSE); + if (!rv) { + buf = (void *)certDER.data; + len = certDER.len; - inFile = PR_Open(inFileName, PR_RDONLY, 0); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext)); - if (!inFile){ - pkixTestErrorMsg = "Unable to open cert file"; - goto cleanup; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create(byteArray, &cert, plContext)); + + SECITEM_FreeItem(&certDER, PR_FALSE); } else { - rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE, PR_FALSE); - if (!rv){ - buf = (void *)certDER.data; - len = certDER.len; - - 
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create - (buf, len, &byteArray, plContext)); - - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create - (byteArray, &cert, plContext)); - - SECITEM_FreeItem(&certDER, PR_FALSE); - } else { - pkixTestErrorMsg = "Unable to read DER from cert file"; - goto cleanup; - } + pkixTestErrorMsg = "Unable to read DER from cert file"; + goto cleanup; } + } cleanup: - if (inFile){ - PR_Close(inFile); - } + if (inFile) { + PR_Close(inFile); + } - if (PKIX_TEST_ERROR_RECEIVED){ - SECITEM_FreeItem(&certDER, PR_FALSE); - } + if (PKIX_TEST_ERROR_RECEIVED) { + SECITEM_FreeItem(&certDER, PR_FALSE); + } - PKIX_TEST_DECREF_AC(byteArray); + PKIX_TEST_DECREF_AC(byteArray); - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); - return (cert); + return (cert); } -int build_chain(int argc, char *argv[]) +int +build_chain(int argc, char *argv[]) { - PKIX_BuildResult *buildResult = NULL; - PKIX_ComCertSelParams *certSelParams = NULL; - PKIX_CertSelector *certSelector = NULL; - PKIX_TrustAnchor *anchor = NULL; - PKIX_List *anchors = NULL; - PKIX_List *certs = NULL; - PKIX_PL_Cert *cert = NULL; - PKIX_ProcessingParams *procParams = NULL; - char *trustedCertFile = NULL; - char *targetCertFile = NULL; - char *storeDirAscii = NULL; - PKIX_PL_String *storeDirString = NULL; - PKIX_PL_Cert *trustedCert = NULL; - PKIX_PL_Cert *targetCert = NULL; - PKIX_UInt32 actualMinorVersion, numCerts, i; - PKIX_UInt32 j = 0; - PKIX_CertStore *certStore = NULL; - PKIX_List *certStores = NULL; - char * asciiResult = NULL; - PKIX_Boolean useArenas = PKIX_FALSE; - void *buildState = NULL; /* needed by pkix_build for non-blocking I/O */ - void *nbioContext = NULL; - - PKIX_TEST_STD_VARS(); - - if (argc < 4){ - printUsage(); - return (0); - } - - useArenas = PKIX_TEST_ARENAS_ARG(argv[1]); + PKIX_BuildResult *buildResult = NULL; + PKIX_ComCertSelParams *certSelParams = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_TrustAnchor *anchor = NULL; + PKIX_List *anchors = NULL; + PKIX_List 
*certs = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_ProcessingParams *procParams = NULL; + char *trustedCertFile = NULL; + char *targetCertFile = NULL; + char *storeDirAscii = NULL; + PKIX_PL_String *storeDirString = NULL; + PKIX_PL_Cert *trustedCert = NULL; + PKIX_PL_Cert *targetCert = NULL; + PKIX_UInt32 actualMinorVersion, numCerts, i; + PKIX_UInt32 j = 0; + PKIX_CertStore *certStore = NULL; + PKIX_List *certStores = NULL; + char *asciiResult = NULL; + PKIX_Boolean useArenas = PKIX_FALSE; + void *buildState = NULL; /* needed by pkix_build for non-blocking I/O */ + void *nbioContext = NULL; + + PKIX_TEST_STD_VARS(); + + if (argc < 4) { + printUsage(); + return (0); + } - PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize - (PKIX_TRUE, /* nssInitNeeded */ - useArenas, - PKIX_MAJOR_VERSION, - PKIX_MINOR_VERSION, - PKIX_MINOR_VERSION, - &actualMinorVersion, - &plContext)); + useArenas = PKIX_TEST_ARENAS_ARG(argv[1]); - /* create processing params with list of trust anchors */ - trustedCertFile = argv[j+1]; - trustedCert = createCert(trustedCertFile); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize(PKIX_TRUE, /* nssInitNeeded */ + useArenas, + PKIX_MAJOR_VERSION, + PKIX_MINOR_VERSION, + PKIX_MINOR_VERSION, + &actualMinorVersion, + &plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert - (trustedCert, &anchor, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem - (anchors, (PKIX_PL_Object *)anchor, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create - (anchors, &procParams, plContext)); + /* create processing params with list of trust anchors */ + trustedCertFile = argv[j + 1]; + trustedCert = createCert(trustedCertFile); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(trustedCert, &anchor, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchors, (PKIX_PL_Object *)anchor, 
plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchors, &procParams, plContext)); - /* create CertSelector with target certificate in params */ - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ComCertSelParams_Create(&certSelParams, plContext)); + /* create CertSelector with target certificate in params */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&certSelParams, plContext)); - targetCertFile = argv[j+2]; - targetCert = createCert(targetCertFile); + targetCertFile = argv[j + 2]; + targetCert = createCert(targetCertFile); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ComCertSelParams_SetCertificate - (certSelParams, targetCert, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate(certSelParams, targetCert, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams - (certSelector, certSelParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams(certSelector, certSelParams, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ProcessingParams_SetTargetCertConstraints - (procParams, certSelector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints(procParams, certSelector, plContext)); - /* create CertStores */ + /* create CertStores */ - storeDirAscii = argv[j+3]; + storeDirAscii = argv[j + 3]; - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create - (PKIX_ESCASCII, storeDirAscii, 0, &storeDirString, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, storeDirAscii, 0, &storeDirString, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create - (storeDirString, &certStore, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem - 
(certStores, (PKIX_PL_Object *)certStore, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create(storeDirString, &certStore, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certStores, (PKIX_PL_Object *)certStore, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores - (procParams, certStores, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores(procParams, certStores, plContext)); - /* build cert chain using processing params and return buildResult */ + /* build cert chain using processing params and return buildResult */ - PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildChain - (procParams, - &nbioContext, - &buildState, - &buildResult, - NULL, - plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildChain(procParams, + &nbioContext, + &buildState, + &buildResult, + NULL, + plContext)); - /* + /* * As long as we use only CertStores with blocking I/O, we can omit * checking for completion with nbioContext. 
*/ - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_BuildResult_GetCertChain(buildResult, &certs, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetCertChain(buildResult, &certs, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_GetLength(certs, &numCerts, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certs, &numCerts, plContext)); - printf("\n"); + printf("\n"); - for (i = 0; i < numCerts; i++){ - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_GetItem - (certs, i, (PKIX_PL_Object**)&cert, plContext)); + for (i = 0; i < numCerts; i++) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(certs, i, (PKIX_PL_Object **)&cert, plContext)); - asciiResult = PKIX_Cert2ASCII(cert); + asciiResult = PKIX_Cert2ASCII(cert); - printf("CERT[%d]:\n%s\n", i, asciiResult); + printf("CERT[%d]:\n%s\n", i, asciiResult); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, plContext)); - asciiResult = NULL; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, plContext)); + asciiResult = NULL; - PKIX_TEST_DECREF_BC(cert); - } + PKIX_TEST_DECREF_BC(cert); + } cleanup: - if (PKIX_TEST_ERROR_RECEIVED){ - (void) printf("FAILED TO BUILD CHAIN\n"); - } else { - (void) printf("SUCCESSFULLY BUILT CHAIN\n"); - } - - PKIX_PL_Free(asciiResult, plContext); - - PKIX_TEST_DECREF_AC(certs); - PKIX_TEST_DECREF_AC(cert); - PKIX_TEST_DECREF_AC(certStore); - PKIX_TEST_DECREF_AC(certStores); - PKIX_TEST_DECREF_AC(storeDirString); - PKIX_TEST_DECREF_AC(trustedCert); - PKIX_TEST_DECREF_AC(targetCert); - PKIX_TEST_DECREF_AC(anchor); - PKIX_TEST_DECREF_AC(anchors); - PKIX_TEST_DECREF_AC(procParams); - PKIX_TEST_DECREF_AC(certSelParams); - PKIX_TEST_DECREF_AC(certSelector); - PKIX_TEST_DECREF_AC(buildResult); - - PKIX_TEST_RETURN(); - - PKIX_Shutdown(plContext); - - return (0); - + if (PKIX_TEST_ERROR_RECEIVED) { + (void)printf("FAILED TO BUILD CHAIN\n"); + } else { + (void)printf("SUCCESSFULLY BUILT CHAIN\n"); + } + + PKIX_PL_Free(asciiResult, plContext); + + PKIX_TEST_DECREF_AC(certs); + 
PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(certStore); + PKIX_TEST_DECREF_AC(certStores); + PKIX_TEST_DECREF_AC(storeDirString); + PKIX_TEST_DECREF_AC(trustedCert); + PKIX_TEST_DECREF_AC(targetCert); + PKIX_TEST_DECREF_AC(anchor); + PKIX_TEST_DECREF_AC(anchors); + PKIX_TEST_DECREF_AC(procParams); + PKIX_TEST_DECREF_AC(certSelParams); + PKIX_TEST_DECREF_AC(certSelector); + PKIX_TEST_DECREF_AC(buildResult); + + PKIX_TEST_RETURN(); + + PKIX_Shutdown(plContext); + + return (0); } diff --git a/nss/cmd/libpkix/sample_apps/dumpcert.c b/nss/cmd/libpkix/sample_apps/dumpcert.c index 5535077..6ff5f83 100644 --- a/nss/cmd/libpkix/sample_apps/dumpcert.c +++ b/nss/cmd/libpkix/sample_apps/dumpcert.c 
@@ -23,162 +23,160 @@ static void *plContext = NULL; -static -void printUsage(void){ - (void) printf("\nUSAGE:\tdumpcert <certFile>\n"); - (void) printf("\tParses a certificate located at <certFile> " - "and displays it.\n"); +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\tdumpcert <certFile>\n"); + (void)printf("\tParses a certificate located at <certFile> " + "and displays it.\n"); } -static -void printFailure(char *msg){ - (void) printf("FAILURE: %s\n", msg); +static void +printFailure(char *msg) +{ + (void)printf("FAILURE: %s\n", msg); } static PKIX_PL_Cert * createCert(char *inFileName) { - PKIX_PL_ByteArray *byteArray = NULL; - PKIX_PL_Cert *cert = NULL; - PKIX_Error *error = NULL; - PRFileDesc *inFile = NULL; - SECItem certDER; - void *buf = NULL; - PKIX_UInt32 len; - SECStatus rv = SECFailure; - - certDER.data = NULL; + PKIX_PL_ByteArray *byteArray = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_Error *error = NULL; + PRFileDesc *inFile = NULL; + SECItem certDER; + void *buf = NULL; + PKIX_UInt32 len; + SECStatus rv = SECFailure; + + certDER.data = NULL; + + inFile = PR_Open(inFileName, PR_RDONLY, 0); + + if (!inFile) { + printFailure("Unable to open cert file"); + goto cleanup; + } else { + rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE, PR_FALSE); + if (!rv) { + buf = (void *)certDER.data; + len = certDER.len; + + error = PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext); + + if (error) { + printFailure("PKIX_PL_ByteArray_Create failed"); + goto cleanup; + } - inFile = PR_Open(inFileName, PR_RDONLY, 0); + error = PKIX_PL_Cert_Create(byteArray, &cert, plContext); - if (!inFile){ - printFailure("Unable to open cert file"); + if (error) { + printFailure("PKIX_PL_Cert_Create failed"); goto cleanup; + } } else { - rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE, PR_FALSE); - if (!rv){ - buf = (void *)certDER.data; - len = certDER.len; - - error = PKIX_PL_ByteArray_Create - (buf, len, &byteArray, plContext); - - if (error){ - 
printFailure("PKIX_PL_ByteArray_Create failed"); - goto cleanup; - } - - error = PKIX_PL_Cert_Create - (byteArray, &cert, plContext); - - if (error){ - printFailure("PKIX_PL_Cert_Create failed"); - goto cleanup; - } - } else { - printFailure("Unable to read DER from cert file"); - goto cleanup; - } + printFailure("Unable to read DER from cert file"); + goto cleanup; } + } cleanup: - if (inFile){ - PR_Close(inFile); - } + if (inFile) { + PR_Close(inFile); + } - if (rv == SECSuccess){ - SECITEM_FreeItem(&certDER, PR_FALSE); - } + if (rv == SECSuccess) { + SECITEM_FreeItem(&certDER, PR_FALSE); + } - if (byteArray){ - PKIX_PL_Object_DecRef((PKIX_PL_Object *)(byteArray), plContext); - } + if (byteArray) { + PKIX_PL_Object_DecRef((PKIX_PL_Object *)(byteArray), plContext); + } - return (cert); + return (cert); } -int dumpcert(int argc, char *argv[]) +int +dumpcert(int argc, char *argv[]) { - PKIX_PL_String *string = NULL; - PKIX_PL_Cert *cert = NULL; - PKIX_Error *error = NULL; - char *ascii = NULL; - PKIX_UInt32 length = 0; - PKIX_UInt32 j = 0; - PKIX_Boolean useArenas = PKIX_FALSE; - PKIX_UInt32 actualMinorVersion; + PKIX_PL_String *string = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_Error *error = NULL; + char *ascii = NULL; + PKIX_UInt32 length = 0; + PKIX_UInt32 j = 0; + PKIX_Boolean useArenas = PKIX_FALSE; + PKIX_UInt32 actualMinorVersion; - PKIX_TEST_STD_VARS(); + PKIX_TEST_STD_VARS(); - if (argc == 1){ - printUsage(); - return (0); - } + if (argc == 1) { + printUsage(); + return (0); + } - useArenas = PKIX_TEST_ARENAS_ARG(argv[1]); + useArenas = PKIX_TEST_ARENAS_ARG(argv[1]); - PKIX_Initialize - (PKIX_TRUE, /* nssInitNeeded */ - useArenas, - PKIX_MAJOR_VERSION, - PKIX_MINOR_VERSION, - PKIX_MINOR_VERSION, - &actualMinorVersion, - &plContext); + PKIX_Initialize(PKIX_TRUE, /* nssInitNeeded */ + useArenas, + PKIX_MAJOR_VERSION, + PKIX_MINOR_VERSION, + PKIX_MINOR_VERSION, + &actualMinorVersion, + &plContext); - cert = createCert(argv[1+j]); + cert = createCert(argv[1 + 
j]); - if (cert){ + if (cert) { - error = PKIX_PL_Object_ToString - ((PKIX_PL_Object *)cert, &string, plContext); + error = PKIX_PL_Object_ToString((PKIX_PL_Object *)cert, &string, plContext); - if (error){ - printFailure("Unable to get string representation " - "of cert"); - goto cleanup; - } + if (error) { + printFailure("Unable to get string representation " + "of cert"); + goto cleanup; + } - error = PKIX_PL_String_GetEncoded - (string, - PKIX_ESCASCII, - (void **)&ascii, - &length, - plContext); + error = PKIX_PL_String_GetEncoded(string, + PKIX_ESCASCII, + (void **)&ascii, + &length, + plContext); - if (error || !ascii){ - printFailure("Unable to get ASCII encoding of string"); - goto cleanup; - } + if (error || !ascii) { + printFailure("Unable to get ASCII encoding of string"); + goto cleanup; + } - (void) printf("OUTPUT:\n%s\n", ascii); + (void)printf("OUTPUT:\n%s\n", ascii); - } else { - printFailure("Unable to create certificate"); - goto cleanup; - } + } else { + printFailure("Unable to create certificate"); + goto cleanup; + } cleanup: - if (cert){ - PKIX_PL_Object_DecRef((PKIX_PL_Object *)(cert), plContext); - } + if (cert) { + PKIX_PL_Object_DecRef((PKIX_PL_Object *)(cert), plContext); + } - if (string){ - PKIX_PL_Object_DecRef((PKIX_PL_Object *)(string), plContext); - } + if (string) { + PKIX_PL_Object_DecRef((PKIX_PL_Object *)(string), plContext); + } - if (ascii){ - PKIX_PL_Free((PKIX_PL_Object *)(ascii), plContext); - } + if (ascii) { + PKIX_PL_Free((PKIX_PL_Object *)(ascii), plContext); + } - PKIX_Shutdown(plContext); + PKIX_Shutdown(plContext); - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); - endTests("DUMPCERT"); + endTests("DUMPCERT"); - return (0); + return (0); } diff --git a/nss/cmd/libpkix/sample_apps/dumpcrl.c b/nss/cmd/libpkix/sample_apps/dumpcrl.c index cfb84bd..6426014 100644 --- a/nss/cmd/libpkix/sample_apps/dumpcrl.c +++ b/nss/cmd/libpkix/sample_apps/dumpcrl.c 
@@ -23,165 +23,164 @@ static void *plContext = NULL; -static -void printUsage(void){ - (void) printf("\nUSAGE:\tdumpcrl <crlFile>\n"); - (void) printf("\tParses a CRL located at <crlFile> " - "and displays it.\n"); +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\tdumpcrl <crlFile>\n"); + (void)printf("\tParses a CRL located at <crlFile> " + "and displays it.\n"); } -static -void printFailure(char *msg){ - (void) printf("FAILURE: %s\n", msg); +static void +printFailure(char *msg) +{ + (void)printf("FAILURE: %s\n", msg); } static PKIX_PL_CRL * createCRL(char *inFileName) { - PKIX_PL_ByteArray *byteArray = NULL; - PKIX_PL_CRL *crl = NULL; - PKIX_Error *error = NULL; - PRFileDesc *inFile = NULL; - SECItem crlDER; - void *buf = NULL; - PKIX_UInt32 len; - SECStatus rv; - - PKIX_TEST_STD_VARS(); - - crlDER.data = NULL; - - inFile = PR_Open(inFileName, PR_RDONLY, 0); + PKIX_PL_ByteArray *byteArray = NULL; + PKIX_PL_CRL *crl = NULL; + PKIX_Error *error = NULL; + PRFileDesc *inFile = NULL; + SECItem crlDER; + void *buf = NULL; + PKIX_UInt32 len; + SECStatus rv; + + PKIX_TEST_STD_VARS(); + + crlDER.data = NULL; + + inFile = PR_Open(inFileName, PR_RDONLY, 0); + + if (!inFile) { + printFailure("Unable to open crl file"); + goto cleanup; + } else { + rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE); + if (!rv) { + buf = (void *)crlDER.data; + len = crlDER.len; + + error = PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext); + + if (error) { + printFailure("PKIX_PL_ByteArray_Create failed"); + goto cleanup; + } - if (!inFile){ - printFailure("Unable to open crl file"); + error = PKIX_PL_CRL_Create(byteArray, &crl, plContext); + if (error) { + printFailure("PKIX_PL_CRL_Create failed"); goto cleanup; + } + + SECITEM_FreeItem(&crlDER, PR_FALSE); } else { - rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE); - if (!rv){ - buf = (void *)crlDER.data; - len = crlDER.len; - - error = PKIX_PL_ByteArray_Create - (buf, len, &byteArray, plContext); 
- - if (error){ - printFailure("PKIX_PL_ByteArray_Create failed"); - goto cleanup; - } - - error = PKIX_PL_CRL_Create(byteArray, &crl, plContext); - if (error){ - printFailure("PKIX_PL_CRL_Create failed"); - goto cleanup; - } - - SECITEM_FreeItem(&crlDER, PR_FALSE); - } else { - printFailure("Unable to read DER from crl file"); - goto cleanup; - } + printFailure("Unable to read DER from crl file"); + goto cleanup; } + } cleanup: - if (inFile){ - PR_Close(inFile); - } + if (inFile) { + PR_Close(inFile); + } - if (error){ - SECITEM_FreeItem(&crlDER, PR_FALSE); - } + if (error) { + SECITEM_FreeItem(&crlDER, PR_FALSE); + } - if (byteArray){ - PKIX_PL_Object_DecRef((PKIX_PL_Object *)(byteArray), plContext); - } + if (byteArray) { + PKIX_PL_Object_DecRef((PKIX_PL_Object *)(byteArray), plContext); + } - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); - return (crl); + return (crl); } -int dumpcrl(int argc, char *argv[]) +int +dumpcrl(int argc, char *argv[]) { - PKIX_PL_String *string = NULL; - PKIX_PL_CRL *crl = NULL; - PKIX_Error *error = NULL; - char *ascii = NULL; - PKIX_UInt32 length; - PKIX_UInt32 actualMinorVersion; - PKIX_UInt32 j = 0; - PKIX_Boolean useArenas = PKIX_FALSE; + PKIX_PL_String *string = NULL; + PKIX_PL_CRL *crl = NULL; + PKIX_Error *error = NULL; + char *ascii = NULL; + PKIX_UInt32 length; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + PKIX_Boolean useArenas = PKIX_FALSE; - PKIX_TEST_STD_VARS(); + PKIX_TEST_STD_VARS(); - if (argc == 1){ - printUsage(); - return (0); - } + if (argc == 1) { + printUsage(); + return (0); + } - useArenas = PKIX_TEST_ARENAS_ARG(argv[1]); + useArenas = PKIX_TEST_ARENAS_ARG(argv[1]); - PKIX_Initialize - (PKIX_TRUE, /* nssInitNeeded */ - useArenas, - PKIX_MAJOR_VERSION, - PKIX_MINOR_VERSION, - PKIX_MINOR_VERSION, - &actualMinorVersion, - &plContext); + PKIX_Initialize(PKIX_TRUE, /* nssInitNeeded */ + useArenas, + PKIX_MAJOR_VERSION, + PKIX_MINOR_VERSION, + PKIX_MINOR_VERSION, + &actualMinorVersion, + &plContext); - crl = 
createCRL(argv[j+1]); + crl = createCRL(argv[j + 1]); - if (crl){ + if (crl) { - error = PKIX_PL_Object_ToString - ((PKIX_PL_Object *)crl, &string, plContext); + error = PKIX_PL_Object_ToString((PKIX_PL_Object *)crl, &string, plContext); - if (error){ - printFailure("Unable to get string representation " - "of crl"); - goto cleanup; - } + if (error) { + printFailure("Unable to get string representation " + "of crl"); + goto cleanup; + } - error = PKIX_PL_String_GetEncoded - (string, - PKIX_ESCASCII, - (void **)&ascii, - &length, - plContext); - if (error || !ascii){ - printFailure("Unable to get ASCII encoding of string"); - goto cleanup; - } + error = PKIX_PL_String_GetEncoded(string, + PKIX_ESCASCII, + (void **)&ascii, + &length, + plContext); + if (error || !ascii) { + printFailure("Unable to get ASCII encoding of string"); + goto cleanup; + } - (void) printf("OUTPUT:\n%s\n", ascii); + (void)printf("OUTPUT:\n%s\n", ascii); - } else { - printFailure("Unable to create CRL"); - goto cleanup; - } + } else { + printFailure("Unable to create CRL"); + goto cleanup; + } cleanup: - if (crl){ - PKIX_PL_Object_DecRef((PKIX_PL_Object *)(crl), plContext); - } + if (crl) { + PKIX_PL_Object_DecRef((PKIX_PL_Object *)(crl), plContext); + } - if (string){ - PKIX_PL_Object_DecRef((PKIX_PL_Object *)(string), plContext); - } + if (string) { + PKIX_PL_Object_DecRef((PKIX_PL_Object *)(string), plContext); + } - if (ascii){ - PKIX_PL_Free((PKIX_PL_Object *)(ascii), plContext); - } + if (ascii) { + PKIX_PL_Free((PKIX_PL_Object *)(ascii), plContext); + } - PKIX_Shutdown(plContext); + PKIX_Shutdown(plContext); - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); - endTests("DUMPCRL"); + endTests("DUMPCRL"); - return (0); + return (0); } diff --git a/nss/cmd/libpkix/sample_apps/validate_chain.c b/nss/cmd/libpkix/sample_apps/validate_chain.c index 56343a6..1ccf364 100644 --- a/nss/cmd/libpkix/sample_apps/validate_chain.c +++ b/nss/cmd/libpkix/sample_apps/validate_chain.c 
@@ -34,201 +34,187 @@ static void *plContext = NULL; -static -void printUsage(void){ - (void) printf("\nUSAGE:\tvalidateChain <trustedCert> " - "<cert_1> <cert_2> ... <cert_n>\n"); - (void) printf("\tValidates a chain of n certificates " - "using the given trust anchor.\n"); - +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\tvalidateChain <trustedCert> " + "<cert_1> <cert_2> ... <cert_n>\n"); + (void)printf("\tValidates a chain of n certificates " + "using the given trust anchor.\n"); } static PKIX_PL_Cert * createCert(char *inFileName) { - PKIX_PL_ByteArray *byteArray = NULL; - void *buf = NULL; - PRFileDesc *inFile = NULL; - PKIX_UInt32 len; - SECItem certDER; - SECStatus rv; - /* default: NULL cert (failure case) */ - PKIX_PL_Cert *cert = NULL; + PKIX_PL_ByteArray *byteArray = NULL; + void *buf = NULL; + PRFileDesc *inFile = NULL; + PKIX_UInt32 len; + SECItem certDER; + SECStatus rv; + /* default: NULL cert (failure case) */ + PKIX_PL_Cert *cert = NULL; + + PKIX_TEST_STD_VARS(); + + certDER.data = NULL; - PKIX_TEST_STD_VARS(); + inFile = PR_Open(inFileName, PR_RDONLY, 0); - certDER.data = NULL; + if (!inFile) { + pkixTestErrorMsg = "Unable to open cert file"; + goto cleanup; + } else { + rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE, PR_FALSE); + if (!rv) { + buf = (void *)certDER.data; + len = certDER.len; - inFile = PR_Open(inFileName, PR_RDONLY, 0); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext)); - if (!inFile){ - pkixTestErrorMsg = "Unable to open cert file"; - goto cleanup; + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create(byteArray, &cert, plContext)); + + SECITEM_FreeItem(&certDER, PR_FALSE); } else { - rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE, PR_FALSE); - if (!rv){ - buf = (void *)certDER.data; - len = certDER.len; - - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_PL_ByteArray_Create - (buf, len, &byteArray, plContext)); - - PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create - (byteArray, &cert, 
plContext)); - - SECITEM_FreeItem(&certDER, PR_FALSE); - } else { - pkixTestErrorMsg = "Unable to read DER from cert file"; - goto cleanup; - } + pkixTestErrorMsg = "Unable to read DER from cert file"; + goto cleanup; } + } cleanup: - if (inFile){ - PR_Close(inFile); - } + if (inFile) { + PR_Close(inFile); + } - if (PKIX_TEST_ERROR_RECEIVED){ - SECITEM_FreeItem(&certDER, PR_FALSE); - } + if (PKIX_TEST_ERROR_RECEIVED) { + SECITEM_FreeItem(&certDER, PR_FALSE); + } - PKIX_TEST_DECREF_AC(byteArray); + PKIX_TEST_DECREF_AC(byteArray); - PKIX_TEST_RETURN(); + PKIX_TEST_RETURN(); - return (cert); + return (cert); } -int validate_chain(int argc, char *argv[]) +int +validate_chain(int argc, char *argv[]) { - PKIX_TrustAnchor *anchor = NULL; - PKIX_List *anchors = NULL; - PKIX_List *certs = NULL; - PKIX_ProcessingParams *procParams = NULL; - PKIX_ValidateParams *valParams = NULL; - PKIX_ValidateResult *valResult = NULL; - PKIX_PL_X500Name *subject = NULL; - PKIX_ComCertSelParams *certSelParams = NULL; - PKIX_CertSelector *certSelector = NULL; - PKIX_VerifyNode *verifyTree = NULL; - PKIX_PL_String *verifyString = NULL; - - char *trustedCertFile = NULL; - char *chainCertFile = NULL; - PKIX_PL_Cert *trustedCert = NULL; - PKIX_PL_Cert *chainCert = NULL; - PKIX_UInt32 chainLength = 0; - PKIX_UInt32 i = 0; - PKIX_UInt32 j = 0; - PKIX_UInt32 actualMinorVersion; - - PKIX_TEST_STD_VARS(); - - if (argc < 3){ - printUsage(); - return (0); - } + PKIX_TrustAnchor *anchor = NULL; + PKIX_List *anchors = NULL; + PKIX_List *certs = NULL; + PKIX_ProcessingParams *procParams = NULL; + PKIX_ValidateParams *valParams = NULL; + PKIX_ValidateResult *valResult = NULL; + PKIX_PL_X500Name *subject = NULL; + PKIX_ComCertSelParams *certSelParams = NULL; + PKIX_CertSelector *certSelector = NULL; + PKIX_VerifyNode *verifyTree = NULL; + PKIX_PL_String *verifyString = NULL; + + char *trustedCertFile = NULL; + char *chainCertFile = NULL; + PKIX_PL_Cert *trustedCert = NULL; + PKIX_PL_Cert *chainCert = NULL; + 
PKIX_UInt32 chainLength = 0; + PKIX_UInt32 i = 0; + PKIX_UInt32 j = 0; + PKIX_UInt32 actualMinorVersion; + + PKIX_TEST_STD_VARS(); + + if (argc < 3) { + printUsage(); + return (0); + } - PKIX_TEST_EXPECT_NO_ERROR( - PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); - chainLength = (argc - j) - 2; + chainLength = (argc - j) - 2; - /* create processing params with list of trust anchors */ - trustedCertFile = argv[1+j]; - trustedCert = createCert(trustedCertFile); + /* create processing params with list of trust anchors */ + trustedCertFile = argv[1 + j]; + trustedCert = createCert(trustedCertFile); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_PL_Cert_GetSubject(trustedCert, &subject, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(trustedCert, &subject, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ComCertSelParams_Create(&certSelParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&certSelParams, plContext)); #if 0 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject (certSelParams, subject, plContext)); #endif - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_CertSelector_Create - (NULL, NULL, &certSelector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams - (certSelector, certSelParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams(certSelector, certSelParams, plContext)); - PKIX_TEST_DECREF_BC(subject); - PKIX_TEST_DECREF_BC(certSelParams); + PKIX_TEST_DECREF_BC(subject); + PKIX_TEST_DECREF_BC(certSelParams); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert - (trustedCert, &anchor, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(trustedCert, &anchor, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext)); 
- PKIX_TEST_EXPECT_NO_ERROR - (PKIX_List_AppendItem - (anchors, (PKIX_PL_Object *)anchor, plContext)); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create - (anchors, &procParams, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchors, (PKIX_PL_Object *)anchor, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchors, &procParams, plContext)); - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ProcessingParams_SetTargetCertConstraints - (procParams, certSelector, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints(procParams, certSelector, plContext)); - PKIX_TEST_DECREF_BC(certSelector); + PKIX_TEST_DECREF_BC(certSelector); - /* create cert chain */ - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certs, plContext)); - for (i = 0; i < chainLength; i++){ - chainCertFile = argv[(i + j) + 2]; - chainCert = createCert(chainCertFile); + /* create cert chain */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certs, plContext)); + for (i = 0; i < chainLength; i++) { + chainCertFile = argv[(i + j) + 2]; + chainCert = createCert(chainCertFile); - PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem - (certs, - (PKIX_PL_Object *)chainCert, - plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certs, + (PKIX_PL_Object *)chainCert, + plContext)); - PKIX_TEST_DECREF_BC(chainCert); - chainCert = NULL; - } - /* create validate params with processing params and cert chain */ - PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create - (procParams, certs, &valParams, plContext)); + PKIX_TEST_DECREF_BC(chainCert); + chainCert = NULL; + } + /* create validate params with processing params and cert chain */ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create(procParams, certs, &valParams, plContext)); - PKIX_TEST_DECREF_BC(trustedCert); trustedCert = NULL; - PKIX_TEST_DECREF_BC(anchor); anchor = NULL; - PKIX_TEST_DECREF_BC(anchors); anchors = NULL; - 
PKIX_TEST_DECREF_BC(certs); certs = NULL; - PKIX_TEST_DECREF_BC(procParams); procParams = NULL; + PKIX_TEST_DECREF_BC(trustedCert); + trustedCert = NULL; + PKIX_TEST_DECREF_BC(anchor); + anchor = NULL; + PKIX_TEST_DECREF_BC(anchors); + anchors = NULL; + PKIX_TEST_DECREF_BC(certs); + certs = NULL; + PKIX_TEST_DECREF_BC(procParams); + procParams = NULL; - /* validate cert chain using processing params and return valResult */ + /* validate cert chain using processing params and return valResult */ - PKIX_TEST_EXPECT_NO_ERROR - (PKIX_ValidateChain(valParams, &valResult, &verifyTree, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain(valParams, &valResult, &verifyTree, plContext)); - if (valResult != NULL){ - (void) printf("SUCCESSFULLY VALIDATED\n"); - } + if (valResult != NULL) { + (void)printf("SUCCESSFULLY VALIDATED\n"); + } cleanup: - if (PKIX_TEST_ERROR_RECEIVED){ - (void) printf("FAILED TO VALIDATE\n"); - (void) PKIX_PL_Object_ToString - ((PKIX_PL_Object*)verifyTree, &verifyString, plContext); - (void) printf("verifyTree is\n%s\n", verifyString->escAsciiString); - PKIX_TEST_DECREF_AC(verifyString); + if (PKIX_TEST_ERROR_RECEIVED) { + (void)printf("FAILED TO VALIDATE\n"); + (void)PKIX_PL_Object_ToString((PKIX_PL_Object *)verifyTree, &verifyString, plContext); + (void)printf("verifyTree is\n%s\n", verifyString->escAsciiString); + PKIX_TEST_DECREF_AC(verifyString); + } - } + PKIX_TEST_DECREF_AC(verifyTree); + PKIX_TEST_DECREF_AC(valResult); + PKIX_TEST_DECREF_AC(valParams); - PKIX_TEST_DECREF_AC(verifyTree); - PKIX_TEST_DECREF_AC(valResult); - PKIX_TEST_DECREF_AC(valParams); + PKIX_TEST_RETURN(); - PKIX_TEST_RETURN(); - - PKIX_Shutdown(plContext); - - return (0); + PKIX_Shutdown(plContext); + return (0); } |
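Review bot: In the `cleanup:` block of validate_chain, `verifyString->escAsciiString` is dereferenced although the result of `PKIX_PL_Object_ToString` is discarded with `(void)` and `verifyString` is initialised to NULL. `verifyTree` is also still NULL whenever a step fails before `PKIX_ValidateChain` runs (for example an unreadable certificate file, assuming `PKIX_TEST_EXPECT_NO_ERROR` jumps to `cleanup`, which is not visible in this hunk), so the failure path can crash on a NULL pointer instead of reporting the error. I would keep the return value and print only when the conversion succeeded, wrapping the `printf` in `if (verifyTree != NULL && PKIX_PL_Object_ToString((PKIX_PL_Object *)verifyTree, &verifyString, plContext) == NULL && verifyString != NULL)`. The reformatting carries this line over unchanged, so the guard is still missing on the new side.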