search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Import from 1.9a8 tarball
[mozilla-nss.git] / security / nss / cmd / libpkix / pkix / certsel / test_comcertselparams.c
blobfa62525ddf43e4970ad861b0bb136a322f94abd5
1 /* ***** BEGIN LICENSE BLOCK *****
2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
3 *
4 * The contents of this file are subject to the Mozilla Public License Version
5 * 1.1 (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 * http://www.mozilla.org/MPL/
8 *
9 * Software distributed under the License is distributed on an "AS IS" basis,
10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
11 * for the specific language governing rights and limitations under the
12 * License.
13 *
14 * The Original Code is the Netscape security libraries.
15 *
16 * The Initial Developer of the Original Code is
17 * Netscape Communications Corporation.
18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
19 * the Initial Developer. All Rights Reserved.
20 *
21 * Contributor(s):
22 * Sun Microsystems
23 *
24 * Alternatively, the contents of this file may be used under the terms of
25 * either the GNU General Public License Version 2 or later (the "GPL"), or
26 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 * in which case the provisions of the GPL or the LGPL are applicable instead
28 * of those above. If you wish to allow use of your version of this file only
29 * under the terms of either the GPL or the LGPL, and not to allow others to
30 * use your version of this file under the terms of the MPL, indicate your
31 * decision by deleting the provisions above and replace them with the notice
32 * and other provisions required by the GPL or the LGPL. If you do not delete
33 * the provisions above, a recipient may use your version of this file under
34 * the terms of any one of the MPL, the GPL or the LGPL.
35 *
36 * ***** END LICENSE BLOCK ***** */
37 /*
38 * test_comcertselparams.c
39 *
40 * Test Common Cert Selector Params
41 *
42 */
43
44 #include "testutil.h"
45 #include "testutil_nss.h"
46
47 void *plContext = NULL;
48
49 void test_CreateOIDList(PKIX_List *certPolicyInfos, PKIX_List **pPolicyOIDs)
50 {
51 PKIX_UInt32 i = 0;
52 PKIX_UInt32 numInfos = 0;
53 PKIX_PL_CertPolicyInfo *certPolicyInfo = NULL;
54 PKIX_PL_OID *policyOID = NULL;
55 PKIX_List *certPolicies = NULL;
56
57 PKIX_TEST_STD_VARS();
58
59 /* Convert from List of CertPolicyInfos to List of OIDs */
60 if (certPolicyInfos) {
61 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
62 (certPolicyInfos, &numInfos, plContext));
63 }
64
65 if (numInfos > 0) {
66 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
67 (&certPolicies, plContext));
68 }
69 for (i = 0; i < numInfos; i++) {
70 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
71 (certPolicyInfos,
72 i,
73 (PKIX_PL_Object **)&certPolicyInfo,
74 plContext));
75 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId
76 (certPolicyInfo, &policyOID, plContext));
77 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
78 (certPolicies, (PKIX_PL_Object *)policyOID, plContext));
79 PKIX_TEST_DECREF_BC(certPolicyInfo);
80 PKIX_TEST_DECREF_BC(policyOID);
81 }
82
83 *pPolicyOIDs = certPolicies;
84
85 cleanup:
86
87 PKIX_TEST_DECREF_AC(certPolicyInfo);
88 PKIX_TEST_DECREF_AC(policyOID);
89
90 PKIX_TEST_RETURN();
91 }
92
93 void test_NameConstraints(char *dirName)
94 {
95 PKIX_PL_Cert *goodCert = NULL;
96 PKIX_PL_CertNameConstraints *getNameConstraints = NULL;
97 PKIX_PL_CertNameConstraints *setNameConstraints = NULL;
98 PKIX_ComCertSelParams *goodParams = NULL;
99 char *expectedAscii =
100 "[\n"
101 "\t\tPermitted Name: (OU=permittedSubtree1,"
102 "O=Test Certificates,C=US, OU=permittedSubtree2,"
103 "O=Test Certificates,C=US)\n"
104 "\t\tExcluded Name: (EMPTY)\n"
105 "\t]\n";
106
107 PKIX_TEST_STD_VARS();
108
109 subTest("Create Cert for NameConstraints test");
110
111 goodCert = createCert
112 (dirName, "nameConstraintsDN2CACert.crt", plContext);
113
114 subTest("PKIX_PL_Cert_GetNameConstraints");
115 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints
116 (goodCert, &setNameConstraints, plContext));
117
118 subTest("PKIX_ComCertSelParams_Create");
119 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
120 (&goodParams, plContext));
121
122 subTest("PKIX_ComCertSelParams_SetNameConstraints");
123 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetNameConstraints
124 (goodParams, setNameConstraints, plContext));
125
126 subTest("PKIX_ComCertSelParams_GetNameConstraints");
127 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetNameConstraints
128 (goodParams, &getNameConstraints, plContext));
129
130 subTest("Compare NameConstraints");
131 testEqualsHelper((PKIX_PL_Object *)setNameConstraints,
132 (PKIX_PL_Object *)getNameConstraints,
133 PKIX_TRUE,
134 plContext);
135
136 subTest("Compare NameConstraints with canned string");
137 testToStringHelper
138 ((PKIX_PL_Object *)getNameConstraints,
139 expectedAscii,
140 plContext);
141
142 cleanup:
143
144 PKIX_TEST_DECREF_AC(goodCert);
145 PKIX_TEST_DECREF_AC(getNameConstraints);
146 PKIX_TEST_DECREF_AC(setNameConstraints);
147 PKIX_TEST_DECREF_AC(goodParams);
148
149 PKIX_TEST_RETURN();
150 }
151
152 void test_PathToNames(void)
153 {
154 PKIX_ComCertSelParams *goodParams = NULL;
155 PKIX_List *setGenNames = NULL;
156 PKIX_List *getGenNames = NULL;
157 PKIX_PL_GeneralName *rfc822GenName = NULL;
158 PKIX_PL_GeneralName *dnsGenName = NULL;
159 PKIX_PL_GeneralName *dirGenName = NULL;
160 PKIX_PL_GeneralName *uriGenName = NULL;
161 PKIX_PL_GeneralName *oidGenName = NULL;
162 char *rfc822Name = "john.doe@labs.com";
163 char *dnsName = "comcast.net";
164 char *dirName = "cn=john, ou=labs, o=sun, c=us";
165 char *uriName = "http://comcast.net";
166 char *oidName = "1.2.840.11";
167 char *expectedAscii =
168 "(john.doe@labs.com, "
169 "comcast.net, "
170 "CN=john,OU=labs,O=sun,C=us, "
171 "http://comcast.net)";
172 char *expectedAsciiAll =
173 "(john.doe@labs.com, "
174 "comcast.net, "
175 "CN=john,OU=labs,O=sun,C=us, "
176 "http://comcast.net, "
177 "1.2.840.11)";
178
179 PKIX_TEST_STD_VARS();
180
181 subTest("PKIX_PL_GeneralName_Create");
182 dnsGenName = createGeneralName(PKIX_DNS_NAME, dnsName, plContext);
183 uriGenName = createGeneralName(PKIX_URI_NAME, uriName, plContext);
184 oidGenName = createGeneralName(PKIX_OID_NAME, oidName, plContext);
185 dirGenName = createGeneralName(PKIX_DIRECTORY_NAME, dirName, plContext);
186 rfc822GenName = createGeneralName
187 (PKIX_RFC822_NAME,
188 rfc822Name,
189 plContext);
190
191 subTest("PKIX_PL_GeneralName List create and append");
192 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&setGenNames, plContext));
193
194 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
195 (setGenNames, (PKIX_PL_Object *)rfc822GenName, plContext));
196
197 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
198 (setGenNames, (PKIX_PL_Object *)dnsGenName, plContext));
199
200 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
201 (setGenNames, (PKIX_PL_Object *)dirGenName, plContext));
202
203 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
204 (setGenNames, (PKIX_PL_Object *)uriGenName, plContext));
205
206 subTest("PKIX_ComCertSelParams_Create");
207 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
208 (&goodParams, plContext));
209
210 subTest("PKIX_ComCertSelParams_SetPathToNames");
211 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetPathToNames
212 (goodParams, setGenNames, plContext));
213
214 subTest("PKIX_ComCertSelParams_GetPathToNames");
215 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPathToNames
216 (goodParams, &getGenNames, plContext));
217
218 subTest("Compare GeneralName List");
219 testEqualsHelper((PKIX_PL_Object *)setGenNames,
220 (PKIX_PL_Object *)getGenNames,
221 PKIX_TRUE,
222 plContext);
223
224 subTest("Compare GeneralName List with canned string");
225 testToStringHelper
226 ((PKIX_PL_Object *)getGenNames,
227 expectedAscii,
228 plContext);
229
230 subTest("PKIX_ComCertSelParams_AddPathToName");
231 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_AddPathToName
232 (goodParams, oidGenName, plContext));
233
234 PKIX_TEST_DECREF_BC(getGenNames);
235
236 subTest("PKIX_ComCertSelParams_GetPathToNames");
237 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPathToNames
238 (goodParams, &getGenNames, plContext));
239
240 subTest("Compare GeneralName List with canned string");
241 testToStringHelper
242 ((PKIX_PL_Object *)getGenNames,
243 expectedAsciiAll,
244 plContext);
245
246 cleanup:
247
248 PKIX_TEST_DECREF_AC(goodParams);
249 PKIX_TEST_DECREF_AC(setGenNames);
250 PKIX_TEST_DECREF_AC(getGenNames);
251 PKIX_TEST_DECREF_AC(rfc822GenName);
252 PKIX_TEST_DECREF_AC(dnsGenName);
253 PKIX_TEST_DECREF_AC(dirGenName);
254 PKIX_TEST_DECREF_AC(uriGenName);
255 PKIX_TEST_DECREF_AC(oidGenName);
256
257 PKIX_TEST_RETURN();
258 }
259
260 void test_SubjAltNames(void)
261 {
262 PKIX_ComCertSelParams *goodParams = NULL;
263 PKIX_List *setGenNames = NULL;
264 PKIX_List *getGenNames = NULL;
265 PKIX_PL_GeneralName *rfc822GenName = NULL;
266 PKIX_PL_GeneralName *dnsGenName = NULL;
267 PKIX_PL_GeneralName *dirGenName = NULL;
268 PKIX_PL_GeneralName *uriGenName = NULL;
269 PKIX_PL_GeneralName *oidGenName = NULL;
270 PKIX_Boolean matchAll = PKIX_TRUE;
271 char *rfc822Name = "john.doe@labs.com";
272 char *dnsName = "comcast.net";
273 char *dirName = "cn=john, ou=labs, o=sun, c=us";
274 char *uriName = "http://comcast.net";
275 char *oidName = "1.2.840.11";
276 char *expectedAscii =
277 "(john.doe@labs.com, "
278 "comcast.net, "
279 "CN=john,OU=labs,O=sun,C=us, "
280 "http://comcast.net)";
281 char *expectedAsciiAll =
282 "(john.doe@labs.com, "
283 "comcast.net, "
284 "CN=john,OU=labs,O=sun,C=us, "
285 "http://comcast.net, "
286 "1.2.840.11)";
287
288 PKIX_TEST_STD_VARS();
289
290 subTest("PKIX_PL_GeneralName_Create");
291 dnsGenName = createGeneralName(PKIX_DNS_NAME, dnsName, plContext);
292 uriGenName = createGeneralName(PKIX_URI_NAME, uriName, plContext);
293 oidGenName = createGeneralName(PKIX_OID_NAME, oidName, plContext);
294 dirGenName = createGeneralName(PKIX_DIRECTORY_NAME, dirName, plContext);
295 rfc822GenName = createGeneralName
296 (PKIX_RFC822_NAME,
297 rfc822Name,
298 plContext);
299
300 subTest("PKIX_PL_GeneralName List create and append");
301 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&setGenNames, plContext));
302
303 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
304 (setGenNames, (PKIX_PL_Object *)rfc822GenName, plContext));
305
306 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
307 (setGenNames, (PKIX_PL_Object *)dnsGenName, plContext));
308
309 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
310 (setGenNames, (PKIX_PL_Object *)dirGenName, plContext));
311
312 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
313 (setGenNames, (PKIX_PL_Object *)uriGenName, plContext));
314
315 subTest("PKIX_ComCertSelParams_Create");
316 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
317 (&goodParams, plContext));
318
319 subTest("PKIX_ComCertSelParams_SetSubjAltNames");
320 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubjAltNames
321 (goodParams, setGenNames, plContext));
322
323 subTest("PKIX_ComCertSelParams_GetSubjAltNames");
324 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjAltNames
325 (goodParams, &getGenNames, plContext));
326
327 subTest("Compare GeneralName List");
328 testEqualsHelper((PKIX_PL_Object *)setGenNames,
329 (PKIX_PL_Object *)getGenNames,
330 PKIX_TRUE,
331 plContext);
332
333 subTest("Compare GeneralName List with canned string");
334 testToStringHelper
335 ((PKIX_PL_Object *)getGenNames,
336 expectedAscii,
337 plContext);
338
339
340 subTest("PKIX_ComCertSelParams_AddSubjAltName");
341 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_AddSubjAltName
342 (goodParams, oidGenName, plContext));
343
344 PKIX_TEST_DECREF_BC(getGenNames);
345
346 subTest("PKIX_ComCertSelParams_GetSubjAltNames");
347 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjAltNames
348 (goodParams, &getGenNames, plContext));
349
350 subTest("Compare GeneralName List with canned string");
351 testToStringHelper
352 ((PKIX_PL_Object *)getGenNames,
353 expectedAsciiAll,
354 plContext);
355
356 subTest("PKIX_ComCertSelParams_GetMatchAllSubjAltNames");
357 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetMatchAllSubjAltNames
358 (goodParams, &matchAll, plContext));
359 if (matchAll != PKIX_TRUE) {
360 testError("unexpected mismatch <expect TRUE>");
361 }
362
363 subTest("PKIX_ComCertSelParams_SetMatchAllSubjAltNames");
364 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetMatchAllSubjAltNames
365 (goodParams, PKIX_FALSE, plContext));
366 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetMatchAllSubjAltNames
367 (goodParams, &matchAll, plContext));
368 if (matchAll != PKIX_FALSE) {
369 testError("unexpected mismatch <expect FALSE>");
370 }
371
372 cleanup:
373
374 PKIX_TEST_DECREF_AC(goodParams);
375 PKIX_TEST_DECREF_AC(setGenNames);
376 PKIX_TEST_DECREF_AC(getGenNames);
377 PKIX_TEST_DECREF_AC(rfc822GenName);
378 PKIX_TEST_DECREF_AC(dnsGenName);
379 PKIX_TEST_DECREF_AC(dirGenName);
380 PKIX_TEST_DECREF_AC(uriGenName);
381 PKIX_TEST_DECREF_AC(oidGenName);
382
383 PKIX_TEST_RETURN();
384 }
385
386 void test_KeyUsages(void)
387 {
388 PKIX_ComCertSelParams *goodParams = NULL;
389 PKIX_PL_OID *ekuOid = NULL;
390 PKIX_List *setExtKeyUsage = NULL;
391 PKIX_List *getExtKeyUsage = NULL;
392 PKIX_UInt32 getKeyUsage = 0;
393 PKIX_UInt32 setKeyUsage = 0x1FF;
394 PKIX_Boolean isEqual = PKIX_FALSE;
395
396 PKIX_TEST_STD_VARS();
397
398 subTest("PKIX_ComCertSelParams_Create");
399 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
400 (&goodParams, plContext));
401
402 subTest("PKIX_ComCertSelParams_SetKeyUsage");
403 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetKeyUsage
404 (goodParams, setKeyUsage, plContext));
405
406 subTest("PKIX_ComCertSelParams_GetKeyUsage");
407 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetKeyUsage
408 (goodParams, &getKeyUsage, plContext));
409
410 if (setKeyUsage != getKeyUsage) {
411 testError("unexpected KeyUsage mismatch <expect equal>");
412 }
413
414 subTest("PKIX_PL_OID List create and append");
415 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&setExtKeyUsage, plContext));
416 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
417 ("1.3.6.1.5.5.7.3.1", &ekuOid, plContext));
418 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
419 (setExtKeyUsage, (PKIX_PL_Object *)ekuOid, plContext));
420 PKIX_TEST_DECREF_BC(ekuOid);
421
422 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
423 ("1.3.6.1.5.5.7.3.8", &ekuOid, plContext));
424 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
425 (setExtKeyUsage, (PKIX_PL_Object *)ekuOid, plContext));
426 PKIX_TEST_DECREF_BC(ekuOid);
427
428 subTest("PKIX_ComCertSelParams_SetExtendedKeyUsage");
429 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetExtendedKeyUsage
430 (goodParams, setExtKeyUsage, plContext));
431
432 subTest("PKIX_ComCertSelParams_GetExtendedKeyUsage");
433 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetExtendedKeyUsage
434 (goodParams, &getExtKeyUsage, plContext));
435
436 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
437 ((PKIX_PL_Object *)setExtKeyUsage,
438 (PKIX_PL_Object *)getExtKeyUsage,
439 &isEqual,
440 plContext));
441
442 if (isEqual == PKIX_FALSE) {
443 testError("unexpected ExtKeyUsage mismatch <expect equal>");
444 }
445
446 cleanup:
447
448 PKIX_TEST_DECREF_AC(ekuOid);
449 PKIX_TEST_DECREF_AC(setExtKeyUsage);
450 PKIX_TEST_DECREF_AC(getExtKeyUsage);
451 PKIX_TEST_DECREF_AC(goodParams);
452
453 PKIX_TEST_RETURN();
454 }
455
456 void test_Version_Issuer_SerialNumber(void)
457 {
458 PKIX_ComCertSelParams *goodParams = NULL;
459 PKIX_UInt32 version = 0;
460 PKIX_PL_X500Name *setIssuer = NULL;
461 PKIX_PL_X500Name *getIssuer = NULL;
462 PKIX_PL_String *str = NULL;
463 PKIX_PL_BigInt *setSerialNumber = NULL;
464 PKIX_PL_BigInt *getSerialNumber = NULL;
465 PKIX_Boolean isEqual = PKIX_FALSE;
466 char *bigInt = "999999999999999999";
467
468 PKIX_TEST_STD_VARS();
469
470 subTest("PKIX_ComCertSelParams_Create");
471 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
472 (&goodParams, plContext));
473
474 /* Version */
475 subTest("PKIX_ComCertSelParams_SetVersion");
476 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetVersion
477 (goodParams, 2, plContext));
478
479 subTest("PKIX_ComCertSelParams_GetVersion");
480 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetVersion
481 (goodParams, &version, plContext));
482
483 if (version != 2) {
484 testError("unexpected Version mismatch <expect 2>");
485 }
486
487 /* Issuer */
488 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
489 (PKIX_ESCASCII, "CN=Test,O=Sun,C=US", 0, &str, plContext));
490
491 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Create
492 (str, &setIssuer, plContext));
493
494 PKIX_TEST_DECREF_BC(str);
495
496 subTest("PKIX_ComCertSelParams_SetIssuer");
497 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetIssuer
498 (goodParams, setIssuer, plContext));
499
500 subTest("PKIX_ComCertSelParams_GetIssuer");
501 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetIssuer
502 (goodParams, &getIssuer, plContext));
503
504 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
505 ((PKIX_PL_Object *)setIssuer,
506 (PKIX_PL_Object *)getIssuer,
507 &isEqual,
508 plContext));
509
510 if (isEqual == PKIX_FALSE) {
511 testError("unexpected Issuer mismatch <expect equal>");
512 }
513
514 /* Serial Number */
515 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
516 (PKIX_ESCASCII, bigInt, PL_strlen(bigInt), &str, plContext));
517
518 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create
519 (str, &setSerialNumber, plContext));
520
521 subTest("PKIX_ComCertSelParams_SetSerialNumber");
522 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSerialNumber
523 (goodParams, setSerialNumber, plContext));
524
525 subTest("PKIX_ComCertSelParams_GetSerialNumber");
526 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSerialNumber
527 (goodParams, &getSerialNumber, plContext));
528
529 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
530 ((PKIX_PL_Object *)setSerialNumber,
531 (PKIX_PL_Object *)getSerialNumber,
532 &isEqual,
533 plContext));
534
535 if (isEqual == PKIX_FALSE) {
536 testError("unexpected Serial Number mismatch <expect equal>");
537 }
538
539 cleanup:
540
541 PKIX_TEST_DECREF_AC(str);
542 PKIX_TEST_DECREF_AC(setIssuer);
543 PKIX_TEST_DECREF_AC(getIssuer);
544 PKIX_TEST_DECREF_AC(setSerialNumber);
545 PKIX_TEST_DECREF_AC(getSerialNumber);
546 PKIX_TEST_DECREF_AC(goodParams);
547
548 PKIX_TEST_RETURN();
549 }
550
551 void test_SubjKeyId_AuthKeyId(void)
552 {
553 PKIX_ComCertSelParams *goodParams = NULL;
554 PKIX_PL_ByteArray *setKeyId = NULL;
555 PKIX_PL_ByteArray *getKeyId = NULL;
556 PKIX_Boolean isEqual = PKIX_FALSE;
557
558 PKIX_TEST_STD_VARS();
559
560 /* Subject Key Identifier */
561 subTest("PKIX_PL_ByteArray_Create");
562 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create
563 ((void*)"66099", 1, &setKeyId, plContext));
564
565 subTest("PKIX_ComCertSelParams_Create");
566 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
567 (&goodParams, plContext));
568
569 subTest("PKIX_ComCertSelParams_SetSubjectKeyIdentifier");
570 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubjKeyIdentifier
571 (goodParams, setKeyId, plContext));
572
573 subTest("PKIX_ComCertSelParams_GetSubjectKeyIdentifier");
574 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjKeyIdentifier
575 (goodParams, &getKeyId, plContext));
576
577 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
578 ((PKIX_PL_Object *)setKeyId,
579 (PKIX_PL_Object *)getKeyId,
580 &isEqual,
581 plContext));
582
583 if (isEqual == PKIX_FALSE) {
584 testError("unexpected Subject Key Id mismatch <expect equal>");
585 }
586
587 PKIX_TEST_DECREF_BC(setKeyId);
588 PKIX_TEST_DECREF_BC(getKeyId);
589
590 /* Authority Key Identifier */
591 subTest("PKIX_PL_ByteArray_Create");
592 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create
593 ((void*)"11022", 1, &setKeyId, plContext));
594
595 subTest("PKIX_ComCertSelParams_SetAuthorityKeyIdentifier");
596 PKIX_TEST_EXPECT_NO_ERROR
597 (PKIX_ComCertSelParams_SetAuthorityKeyIdentifier
598 (goodParams, setKeyId, plContext));
599
600 subTest("PKIX_ComCertSelParams_GetAuthorityKeyIdentifier");
601 PKIX_TEST_EXPECT_NO_ERROR
602 (PKIX_ComCertSelParams_GetAuthorityKeyIdentifier
603 (goodParams, &getKeyId, plContext));
604
605 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
606 ((PKIX_PL_Object *)setKeyId,
607 (PKIX_PL_Object *)getKeyId,
608 &isEqual,
609 plContext));
610
611 if (isEqual == PKIX_FALSE) {
612 testError("unexpected Auth Key Id mismatch <expect equal>");
613 }
614
615 cleanup:
616
617 PKIX_TEST_DECREF_AC(setKeyId);
618 PKIX_TEST_DECREF_AC(getKeyId);
619 PKIX_TEST_DECREF_AC(goodParams);
620
621 PKIX_TEST_RETURN();
622 }
623
624 void test_SubjAlgId_SubjPublicKey(char *dirName)
625 {
626 PKIX_ComCertSelParams *goodParams = NULL;
627 PKIX_PL_OID *setAlgId = NULL;
628 PKIX_PL_OID *getAlgId = NULL;
629 PKIX_PL_Cert *goodCert = NULL;
630 PKIX_PL_PublicKey *setPublicKey = NULL;
631 PKIX_PL_PublicKey *getPublicKey = NULL;
632 PKIX_Boolean isEqual = PKIX_FALSE;
633
634 PKIX_TEST_STD_VARS();
635
636 /* Subject Algorithm Identifier */
637 subTest("PKIX_PL_OID_Create");
638 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
639 ("1.1.2.3", &setAlgId, plContext));
640
641 subTest("PKIX_ComCertSelParams_Create");
642 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
643 (&goodParams, plContext));
644
645 subTest("PKIX_ComCertSelParams_SetSubjPKAlgId");
646 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubjPKAlgId
647 (goodParams, setAlgId, plContext));
648
649 subTest("PKIX_ComCertSelParams_GetSubjPKAlgId");
650 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjPKAlgId
651 (goodParams, &getAlgId, plContext));
652
653 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
654 ((PKIX_PL_Object *)setAlgId,
655 (PKIX_PL_Object *)getAlgId,
656 &isEqual,
657 plContext));
658
659 if (isEqual == PKIX_FALSE) {
660 testError("unexpected Subject Public Key Alg mismatch "
661 "<expect equal>");
662 }
663
664 /* Subject Public Key */
665 subTest("Getting Cert for Subject Public Key");
666
667 goodCert = createCert
668 (dirName, "nameConstraintsDN2CACert.crt", plContext);
669
670 subTest("PKIX_PL_Cert_GetSubjectPublicKey");
671 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey
672 (goodCert, &setPublicKey, plContext));
673
674 subTest("PKIX_ComCertSelParams_SetSubjPubKey");
675 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubjPubKey
676 (goodParams, setPublicKey, plContext));
677
678 subTest("PKIX_ComCertSelParams_GetSubjPubKey");
679 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjPubKey
680 (goodParams, &getPublicKey, plContext));
681
682 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
683 ((PKIX_PL_Object *)setPublicKey,
684 (PKIX_PL_Object *)getPublicKey,
685 &isEqual,
686 plContext));
687
688 if (isEqual == PKIX_FALSE) {
689 testError("unexpected Subject Public Key mismatch "
690 "<expect equal>");
691 }
692
693 cleanup:
694
695 PKIX_TEST_DECREF_AC(setAlgId);
696 PKIX_TEST_DECREF_AC(getAlgId);
697 PKIX_TEST_DECREF_AC(goodParams);
698 PKIX_TEST_DECREF_AC(goodCert);
699 PKIX_TEST_DECREF_AC(setPublicKey);
700 PKIX_TEST_DECREF_AC(getPublicKey);
701
702 PKIX_TEST_RETURN();
703 }
704
705 void printUsage(void) {
706 (void) printf("\nUSAGE:\ttest_comcertselparams <NIST_FILES_DIR> \n\n");
707 }
708
709 int main(int argc, char *argv[]) {
710
711 PKIX_UInt32 actualMinorVersion;
712 PKIX_UInt32 j = 0;
713
714 PKIX_PL_Cert *testCert = NULL;
715 PKIX_PL_Cert *goodCert = NULL;
716 PKIX_PL_Cert *equalCert = NULL;
717 PKIX_PL_Cert *diffCert = NULL;
718 PKIX_PL_CertBasicConstraints *goodBasicConstraints = NULL;
719 PKIX_PL_CertBasicConstraints *diffBasicConstraints = NULL;
720 PKIX_List *testPolicyInfos = NULL; /* CertPolicyInfos */
721 PKIX_List *cert2PolicyInfos = NULL; /* CertPolicyInfos */
722
723 PKIX_ComCertSelParams *goodParams = NULL;
724 PKIX_ComCertSelParams *equalParams = NULL;
725 PKIX_PL_X500Name *goodSubject = NULL;
726 PKIX_PL_X500Name *equalSubject = NULL;
727 PKIX_PL_X500Name *diffSubject = NULL;
728 PKIX_PL_X500Name *testSubject = NULL;
729 PKIX_Int32 goodMinPathLength = 0;
730 PKIX_Int32 equalMinPathLength = 0;
731 PKIX_Int32 diffMinPathLength = 0;
732 PKIX_Int32 testMinPathLength = 0;
733 PKIX_List *goodPolicies = NULL; /* OIDs */
734 PKIX_List *equalPolicies = NULL; /* OIDs */
735 PKIX_List *testPolicies = NULL; /* OIDs */
736 PKIX_List *cert2Policies = NULL; /* OIDs */
737
738 PKIX_PL_Date *testDate = NULL;
739 PKIX_PL_Date *goodDate = NULL;
740 PKIX_PL_Date *equalDate = NULL;
741 PKIX_PL_String *stringRep = NULL;
742 char *asciiRep = NULL;
743 char *dirName = NULL;
744 PKIX_Boolean useArenas = PKIX_FALSE;
745
746 PKIX_TEST_STD_VARS();
747
748 if (argc < 2) {
749 printUsage();
750 return (0);
751 }
752
753 startTests("ComCertSelParams");
754
755 useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
756
757 PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
758 (PKIX_TRUE, /* nssInitNeeded */
759 useArenas,
760 PKIX_MAJOR_VERSION,
761 PKIX_MINOR_VERSION,
762 PKIX_MINOR_VERSION,
763 &actualMinorVersion,
764 &plContext));
765
766 dirName = argv[j+1];
767
768 asciiRep = "050501000000Z";
769
770 PKIX_TEST_EXPECT_NO_ERROR
771 (PKIX_PL_String_Create
772 (PKIX_ESCASCII, asciiRep, 0, &stringRep, plContext));
773 PKIX_TEST_EXPECT_NO_ERROR
774 (PKIX_PL_Date_Create_UTCTime(stringRep, &testDate, plContext));
775
776 testCert = createCert
777 (dirName, "PoliciesP1234CACert.crt", plContext);
778
779 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject
780 (testCert, &testSubject, plContext));
781 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints
782 (testCert, &goodBasicConstraints, plContext));
783 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetPathLenConstraint
784 (goodBasicConstraints, &testMinPathLength, plContext));
785 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation
786 (testCert, &testPolicyInfos, plContext));
787
788 /* Convert from List of CertPolicyInfos to List of OIDs */
789 test_CreateOIDList(testPolicyInfos, &testPolicies);
790
791 subTest("Create goodParams and set its fields");
792 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
793 (&goodParams, plContext));
794 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject
795 (goodParams, testSubject, plContext));
796 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
797 (goodParams, testMinPathLength, plContext));
798 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificateValid
799 (goodParams, testDate, plContext));
800 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetPolicy
801 (goodParams, testPolicies, plContext));
802 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate
803 (goodParams, testCert, plContext));
804
805 subTest("Duplicate goodParams and verify copy");
806 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate
807 ((PKIX_PL_Object *)goodParams,
808 (PKIX_PL_Object **)&equalParams,
809 plContext));
810
811 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject
812 (goodParams, &goodSubject, plContext));
813 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints
814 (goodParams, &goodMinPathLength, plContext));
815 PKIX_TEST_EXPECT_NO_ERROR
816 (PKIX_ComCertSelParams_GetCertificate
817 (goodParams, &goodCert, plContext));
818 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificateValid
819 (goodParams, &goodDate, plContext));
820 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy
821 (goodParams, &goodPolicies, plContext));
822
823 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject
824 (equalParams, &equalSubject, plContext));
825 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints
826 (equalParams, &equalMinPathLength, plContext));
827 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy
828 (equalParams, &equalPolicies, plContext));
829 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificate
830 (equalParams, &equalCert, plContext));
831 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificateValid
832 (equalParams, &equalDate, plContext));
833
834 testEqualsHelper
835 ((PKIX_PL_Object *)goodSubject,
836 (PKIX_PL_Object *)equalSubject,
837 PKIX_TRUE,
838 plContext);
839
840 if (goodMinPathLength != equalMinPathLength) {
841 testError("unexpected mismatch");
842 (void) printf("goodMinPathLength:\t%d\n", goodMinPathLength);
843 (void) printf("equalMinPathLength:\t%d\n", equalMinPathLength);
844 }
845
846 testEqualsHelper((PKIX_PL_Object *)goodPolicies,
847 (PKIX_PL_Object *)equalPolicies,
848 PKIX_TRUE,
849 plContext);
850
851 testEqualsHelper((PKIX_PL_Object *)goodCert,
852 (PKIX_PL_Object *)equalCert,
853 PKIX_TRUE,
854 plContext);
855
856 testEqualsHelper((PKIX_PL_Object *)goodDate,
857 (PKIX_PL_Object *)equalDate,
858 PKIX_TRUE,
859 plContext);
860
861 PKIX_TEST_DECREF_BC(equalSubject);
862 PKIX_TEST_DECREF_BC(equalPolicies);
863 PKIX_TEST_DECREF_BC(equalCert);
864 PKIX_TEST_DECREF_AC(equalDate);
865
866 subTest("Set different values and verify differences");
867
868 diffCert = createCert
869 (dirName, "pathLenConstraint6CACert.crt", plContext);
870
871 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject
872 (diffCert, &diffSubject, plContext));
873 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints
874 (diffCert, &diffBasicConstraints, plContext));
875 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetPathLenConstraint
876 (diffBasicConstraints, &diffMinPathLength, plContext));
877 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation
878 (diffCert, &cert2PolicyInfos, plContext));
879 test_CreateOIDList(cert2PolicyInfos, &cert2Policies);
880
881 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject(
882 equalParams, diffSubject, plContext));
883 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
884 (equalParams, diffMinPathLength, plContext));
885 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetPolicy
886 (equalParams, cert2Policies, plContext));
887
888 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject
889 (equalParams, &equalSubject, plContext));
890 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints
891 (equalParams, &equalMinPathLength, plContext));
892 PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy
893 (equalParams, &equalPolicies, plContext));
894
895 testEqualsHelper
896 ((PKIX_PL_Object *)goodSubject,
897 (PKIX_PL_Object *)equalSubject,
898 PKIX_FALSE,
899 plContext);
900
901 if (goodMinPathLength == equalMinPathLength) {
902 testError("unexpected match");
903 (void) printf("goodMinPathLength:\t%d\n", goodMinPathLength);
904 (void) printf("equalMinPathLength:\t%d\n", equalMinPathLength);
905 }
906
907 testEqualsHelper
908 ((PKIX_PL_Object *)goodPolicies,
909 (PKIX_PL_Object *)equalPolicies,
910 PKIX_FALSE,
911 plContext);
912
913 test_NameConstraints(dirName);
914 test_PathToNames();
915 test_SubjAltNames();
916 test_KeyUsages();
917 test_Version_Issuer_SerialNumber();
918 test_SubjKeyId_AuthKeyId();
919 test_SubjAlgId_SubjPublicKey(dirName);
920
921 cleanup:
922
923 PKIX_TEST_DECREF_AC(testSubject);
924 PKIX_TEST_DECREF_AC(goodSubject);
925 PKIX_TEST_DECREF_AC(equalSubject);
926 PKIX_TEST_DECREF_AC(diffSubject);
927 PKIX_TEST_DECREF_AC(testSubject);
928 PKIX_TEST_DECREF_AC(goodPolicies);
929 PKIX_TEST_DECREF_AC(equalPolicies);
930 PKIX_TEST_DECREF_AC(testPolicies);
931 PKIX_TEST_DECREF_AC(cert2Policies);
932 PKIX_TEST_DECREF_AC(goodParams);
933 PKIX_TEST_DECREF_AC(equalParams);
934 PKIX_TEST_DECREF_AC(goodCert);
935 PKIX_TEST_DECREF_AC(diffCert);
936 PKIX_TEST_DECREF_AC(testCert);
937 PKIX_TEST_DECREF_AC(goodBasicConstraints);
938 PKIX_TEST_DECREF_AC(diffBasicConstraints);
939 PKIX_TEST_DECREF_AC(testPolicyInfos);
940 PKIX_TEST_DECREF_AC(cert2PolicyInfos);
941 PKIX_TEST_DECREF_AC(stringRep);
942 PKIX_TEST_DECREF_AC(testDate);
943 PKIX_TEST_DECREF_AC(goodDate);
944
945
946 PKIX_Shutdown(plContext);
947
948 PKIX_TEST_RETURN();
949
950 endTests("ComCertSelParams");
951
952 return (0);
953 }
Mozilla NSS module