summaryrefslogtreecommitdiff
path: root/mozilla/security/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c
diff options
context:
space:
mode:
Diffstat (limited to 'mozilla/security/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c')
-rw-r--r--mozilla/security/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c402
1 files changed, 402 insertions, 0 deletions
diff --git a/mozilla/security/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c b/mozilla/security/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c
new file mode 100644
index 0000000..5dd5ca0
--- /dev/null
+++ b/mozilla/security/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c
@@ -0,0 +1,402 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is the PKIX-C library.
+ *
+ * The Initial Developer of the Original Code is
+ * Sun Microsystems, Inc.
+ * Portions created by the Initial Developer are
+ * Copyright 2004-2007 Sun Microsystems, Inc. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Sun Microsystems, Inc.
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+/*
+ * test_validatechain_NB.c
+ *
+ * Test ValidateChain (nonblocking I/O) function
+ *
+ */
+
+#include "testutil.h"
+#include "testutil_nss.h"
+
+static void *plContext = NULL;
+
+static
+void printUsage(void){
+ (void) printf("\nUSAGE:\ntest_validateChain_NB TestName [ENE|EE] "
+ "<certStoreDirectory> <trustedCert> <targetCert>\n\n");
+ (void) printf
+ ("Validates a chain of certificates between "
+ "<trustedCert> and <targetCert>\n"
+ "using the certs and CRLs in <certStoreDirectory>. "
+ "If ENE is specified,\n"
+ "then an Error is Not Expected. "
+ "If EE is specified, an Error is Expected.\n");
+}
+
+static
+char *createFullPathName(
+ char *dirName,
+ char *certFile,
+ void *plContext)
+{
+ PKIX_UInt32 certFileLen;
+ PKIX_UInt32 dirNameLen;
+ char *certPathName = NULL;
+
+ PKIX_TEST_STD_VARS();
+
+ certFileLen = PL_strlen(certFile);
+ dirNameLen = PL_strlen(dirName);
+
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc
+ (dirNameLen + certFileLen + 2,
+ (void **)&certPathName,
+ plContext));
+
+ PL_strcpy(certPathName, dirName);
+ PL_strcat(certPathName, "/");
+ PL_strcat(certPathName, certFile);
+ printf("certPathName = %s\n", certPathName);
+
+cleanup:
+
+ PKIX_TEST_RETURN();
+
+ return (certPathName);
+}
+
+static PKIX_Error *
+testSetupCertStore(PKIX_ValidateParams *valParams, char *ldapName)
+{
+ PKIX_PL_String *dirString = NULL;
+ PKIX_CertStore *certStore = NULL;
+ PKIX_ProcessingParams *procParams = NULL;
+ PKIX_PL_LdapDefaultClient *ldapClient = NULL;
+
+ PKIX_TEST_STD_VARS();
+
+ subTest("PKIX_PL_CollectionCertStoreContext_Create");
+
+ /* Create LDAPCertStore */
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName
+ (ldapName,
+ 0, /* timeout */
+ NULL, /* bindPtr */
+ &ldapClient,
+ plContext));
+
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create
+ ((PKIX_PL_LdapClient *)ldapClient,
+ &certStore,
+ plContext));
+
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
+ (valParams, &procParams, plContext));
+
+ subTest("PKIX_ProcessingParams_AddCertStore");
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore
+ (procParams, certStore, plContext));
+
+ subTest("PKIX_ProcessingParams_SetRevocationEnabled");
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
+ (procParams, PKIX_TRUE, plContext));
+
+cleanup:
+
+ PKIX_TEST_DECREF_AC(dirString);
+ PKIX_TEST_DECREF_AC(procParams);
+ PKIX_TEST_DECREF_AC(certStore);
+ PKIX_TEST_DECREF_AC(ldapClient);
+
+ PKIX_TEST_RETURN();
+
+ return (0);
+}
+
+static char *levels[] = {
+ "None", "Fatal Error", "Error", "Warning", "Debug", "Trace"
+};
+
+static PKIX_Error *loggerCallback(
+ PKIX_Logger *logger,
+ PKIX_PL_String *message,
+ PKIX_UInt32 logLevel,
+ PKIX_ERRORCLASS logComponent,
+ void *plContext)
+{
+#define resultSize 150
+ char *msg = NULL;
+ char result[resultSize];
+
+ PKIX_TEST_STD_VARS();
+
+ msg = PKIX_String2ASCII(message, plContext);
+ PR_snprintf(result, resultSize,
+ "Logging %s (%s): %s",
+ levels[logLevel],
+ PKIX_ERRORCLASSNAMES[logComponent],
+ msg);
+ subTest(result);
+
+cleanup:
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(msg, plContext));
+ PKIX_TEST_RETURN();
+}
+
+static
+void testLogErrors(
+ PKIX_ERRORCLASS module,
+ PKIX_UInt32 loggingLevel,
+ PKIX_List *loggers,
+ void *plContext)
+{
+ PKIX_Logger *logger = NULL;
+ PKIX_PL_String *component = NULL;
+
+ PKIX_TEST_STD_VARS();
+
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_Create
+ (loggerCallback, NULL, &logger, plContext));
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetLoggingComponent
+ (logger, module, plContext));
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetMaxLoggingLevel
+ (logger, loggingLevel, plContext));
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
+ (loggers, (PKIX_PL_Object *) logger, plContext));
+
+cleanup:
+ PKIX_TEST_DECREF_AC(logger);
+ PKIX_TEST_DECREF_AC(component);
+
+ PKIX_TEST_RETURN();
+}
+
+int test_validatechain_NB(int argc, char *argv[]){
+
+ PKIX_ValidateParams *valParams = NULL;
+ PKIX_ValidateResult *valResult = NULL;
+ PKIX_UInt32 actualMinorVersion;
+ PKIX_UInt32 j = 0;
+ PKIX_UInt32 k = 0;
+ PKIX_UInt32 chainLength = 0;
+ PKIX_Boolean testValid = PKIX_TRUE;
+ PKIX_List *chainCerts = NULL;
+ PKIX_PL_Cert *dirCert = NULL;
+ char *dirCertName = NULL;
+ char *anchorCertName = NULL;
+ char *dirName = NULL;
+ PKIX_UInt32 certIndex = 0;
+ PKIX_UInt32 anchorIndex = 0;
+ PKIX_UInt32 checkerIndex = 0;
+ PKIX_Boolean revChecking = PKIX_FALSE;
+ PKIX_List *checkers = NULL;
+ PRPollDesc *pollDesc = NULL;
+ PRErrorCode errorCode = 0;
+ PKIX_PL_Socket *socket = NULL;
+ char *ldapName = NULL;
+ PKIX_VerifyNode *verifyTree = NULL;
+ PKIX_PL_String *verifyString = NULL;
+
+ PKIX_List *loggers = NULL;
+ PKIX_Logger *logger = NULL;
+ char *logging = NULL;
+ PKIX_PL_String *component = NULL;
+
+ PKIX_TEST_STD_VARS();
+
+ if (argc < 5) {
+ printUsage();
+ return (0);
+ }
+
+ startTests("ValidateChain_NB");
+
+ PKIX_TEST_EXPECT_NO_ERROR(
+ PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
+
+ /* ENE = expect no error; EE = expect error */
+ if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
+ testValid = PKIX_TRUE;
+ } else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
+ testValid = PKIX_FALSE;
+ } else {
+ printUsage();
+ return (0);
+ }
+
+ subTest(argv[1+j]);
+
+ dirName = argv[3+j];
+
+ chainLength = argc - j - 5;
+
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&chainCerts, plContext));
+
+ for (k = 0; k < chainLength; k++){
+
+ dirCert = createCert(dirName, argv[5+k+j], plContext);
+
+ PKIX_TEST_EXPECT_NO_ERROR
+ (PKIX_List_AppendItem
+ (chainCerts, (PKIX_PL_Object *)dirCert, plContext));
+
+ PKIX_TEST_DECREF_BC(dirCert);
+ }
+
+ valParams = createValidateParams
+ (dirName,
+ argv[4+j],
+ NULL,
+ NULL,
+ NULL,
+ PKIX_FALSE,
+ PKIX_FALSE,
+ PKIX_FALSE,
+ PKIX_FALSE,
+ chainCerts,
+ plContext);
+
+ ldapName = PR_GetEnv("LDAP");
+ /* Is LDAP set in the environment? */
+ if ((ldapName == NULL) || (*ldapName == '\0')) {
+ testError("LDAP not set in environment");
+ goto cleanup;
+ }
+
+ pkixTestErrorResult = pkix_pl_Socket_CreateByName
+ (PKIX_FALSE, /* isServer */
+ PR_SecondsToInterval(30), /* try 30 secs for connect */
+ ldapName,
+ &errorCode,
+ &socket,
+ plContext);
+
+ if (pkixTestErrorResult != NULL) {
+ PKIX_PL_Object_DecRef
+ ((PKIX_PL_Object *)pkixTestErrorResult, plContext);
+ pkixTestErrorResult = NULL;
+ testError("Unable to connect to LDAP Server");
+ goto cleanup;
+ }
+
+ PKIX_TEST_DECREF_BC(socket);
+
+ testSetupCertStore(valParams, ldapName);
+
+ logging = PR_GetEnv("LOGGING");
+ /* Is LOGGING set in the environment? */
+ if ((logging != NULL) && (*logging != '\0')) {
+
+ PKIX_TEST_EXPECT_NO_ERROR
+ (PKIX_List_Create(&loggers, plContext));
+
+ testLogErrors
+ (PKIX_VALIDATE_ERROR, 2, loggers, plContext);
+ testLogErrors
+ (PKIX_CERTCHAINCHECKER_ERROR, 2, loggers, plContext);
+ testLogErrors
+ (PKIX_LDAPDEFAULTCLIENT_ERROR, 2, loggers, plContext);
+ testLogErrors
+ (PKIX_CERTSTORE_ERROR, 2, loggers, plContext);
+
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_SetLoggers(loggers, plContext));
+
+ }
+
+ pkixTestErrorResult = PKIX_ValidateChain_NB
+ (valParams,
+ &certIndex,
+ &anchorIndex,
+ &checkerIndex,
+ &revChecking,
+ &checkers,
+ (void **)&pollDesc,
+ &valResult,
+ &verifyTree,
+ plContext);
+
+ while (pollDesc != NULL) {
+
+ if (PR_Poll(pollDesc, 1, 0) < 0) {
+ testError("PR_Poll failed");
+ }
+
+ pkixTestErrorResult = PKIX_ValidateChain_NB
+ (valParams,
+ &certIndex,
+ &anchorIndex,
+ &checkerIndex,
+ &revChecking,
+ &checkers,
+ (void **)&pollDesc,
+ &valResult,
+ &verifyTree,
+ plContext);
+ }
+
+ if (pkixTestErrorResult) {
+ if (testValid == PKIX_FALSE) { /* EE */
+ (void) printf("EXPECTED ERROR RECEIVED!\n");
+ } else { /* ENE */
+ testError("UNEXPECTED ERROR RECEIVED");
+ }
+ PKIX_TEST_DECREF_BC(pkixTestErrorResult);
+ } else {
+
+ if (testValid == PKIX_TRUE) { /* ENE */
+ (void) printf("EXPECTED NON-ERROR RECEIVED!\n");
+ } else { /* EE */
+ (void) printf("UNEXPECTED NON-ERROR RECEIVED!\n");
+ }
+ }
+
+cleanup:
+
+ if (verifyTree) {
+ PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
+ ((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
+ (void) printf("verifyTree is\n%s\n",
+ verifyString->escAsciiString);
+ }
+
+ PKIX_TEST_DECREF_AC(verifyString);
+ PKIX_TEST_DECREF_AC(verifyTree);
+ PKIX_TEST_DECREF_AC(checkers);
+ PKIX_TEST_DECREF_AC(chainCerts);
+ PKIX_TEST_DECREF_AC(valParams);
+ PKIX_TEST_DECREF_AC(valResult);
+
+ PKIX_Shutdown(plContext);
+
+ PKIX_TEST_RETURN();
+
+ endTests("ValidateChain_NB");
+
+ return (0);
+}
View Lorry Controller Status