diff options
author | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
---|---|---|
committer | Matt A. Tobin <mattatobin@localhost.localdomain> | 2018-02-02 04:16:08 -0500 |
commit | 5f8de423f190bbb79a62f804151bc24824fa32d8 (patch) | |
tree | 10027f336435511475e392454359edea8e25895d /security/nss/cmd/libpkix/testutil | |
parent | 49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff) | |
download | UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip |
Add m-esr52 at 52.6.0
Diffstat (limited to 'security/nss/cmd/libpkix/testutil')
-rwxr-xr-x | security/nss/cmd/libpkix/testutil/Makefile | 51 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/testutil/config.mk | 15 | ||||
-rwxr-xr-x | security/nss/cmd/libpkix/testutil/manifest.mn | 26 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/testutil/pkixutil.def | 48 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/testutil/testutil.c | 576 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/testutil/testutil.h | 292 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/testutil/testutil_nss.c | 579 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/testutil/testutil_nss.h | 119 |
8 files changed, 1706 insertions, 0 deletions
diff --git a/security/nss/cmd/libpkix/testutil/Makefile b/security/nss/cmd/libpkix/testutil/Makefile new file mode 100755 index 000000000..859aedd7d --- /dev/null +++ b/security/nss/cmd/libpkix/testutil/Makefile @@ -0,0 +1,51 @@ +#! gmake +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +include $(PKIX_DEPTH)/config.mk + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + + +include $(PLAT_DEPTH)/platrules.mk + +export:: private_export + diff --git a/security/nss/cmd/libpkix/testutil/config.mk b/security/nss/cmd/libpkix/testutil/config.mk new file mode 100644 index 000000000..820dbb2d4 --- /dev/null +++ b/security/nss/cmd/libpkix/testutil/config.mk @@ -0,0 +1,15 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# don't build the static library +LIBRARY = + +ifeq (,$(filter-out WIN%,$(OS_TARGET))) + +# don't want the 32 in the shared library name +SHARED_LIBRARY = $(OBJDIR)/$(DLL_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION).$(DLL_SUFFIX) +IMPORT_LIBRARY = $(OBJDIR)/$(IMPORT_LIB_PREFIX)$(LIBRARY_NAME)$(LIBRARY_VERSION)$(IMPORT_LIB_SUFFIX) + +endif diff --git a/security/nss/cmd/libpkix/testutil/manifest.mn b/security/nss/cmd/libpkix/testutil/manifest.mn new file mode 100755 index 000000000..2f831fcd6 --- /dev/null +++ b/security/nss/cmd/libpkix/testutil/manifest.mn @@ -0,0 +1,26 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +PKIX_DEPTH = .. +CORE_DEPTH = $(PKIX_DEPTH)/../../.. +PLAT_DEPTH = $(PKIX_DEPTH)/.. + +MODULE = nss + +PRIVATE_EXPORTS = \ + testutil_nss.h \ + testutil.h \ + $(NULL) + +CSRCS = \ + testutil_nss.c \ + testutil.c \ + $(NULL) + +LIBRARY_NAME = pkixtooltestutil + +SOURCE_LIB_DIR = $(PKIX_DEPTH)/$(OBJDIR) + +NO_MD_RELEASE = 1 diff --git a/security/nss/cmd/libpkix/testutil/pkixutil.def b/security/nss/cmd/libpkix/testutil/pkixutil.def new file mode 100644 index 000000000..407d40a31 --- /dev/null +++ b/security/nss/cmd/libpkix/testutil/pkixutil.def @@ -0,0 +1,48 @@ +;+# +;+# This Source Code Form is subject to the terms of the Mozilla Public +;+# License, v. 2.0. If a copy of the MPL was not distributed with this +;+# file, You can obtain one at http://mozilla.org/MPL/2.0/. +;+# +;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS +;+# 1. For all unix platforms, the string ";-" means "remove this line" +;+# 2. For all unix platforms, the string " DATA " will be removed from any +;+# line on which it occurs. +;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX. +;+# On AIX, lines containing ";+" will be removed. +;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed. +;+# 5. For all unix platforms, after the above processing has taken place, +;+# all characters after the first ";" on the line will be removed. +;+# And for AIX, the first ";" will also be removed. +;+# This file is passed directly to windows. Since ';' is a comment, all UNIX +;+# directives are hidden behind ";", ";+", and ";-" +;+ +;+NSS_3.12 { # NSS 3.12 release +;+ global: +LIBRARY pkixutil ;- +EXPORTS ;- +createBuildResult; +createCRL; +createCert; +createCertChain; +createCertChainPlus; +createDate; +createGeneralName; +createProcessingParams; +createTrustAnchor; +createValidateParams; +createValidateResult; +endTests; +startTests; +subTest; +testDuplicateHelper; +testEqualsHelper; +testError; +testErrorUndo; +testHashcodeHelper; +testToStringHelper; +PKIX_Cert2ASCII; +PKIX_Error2ASCII; +PKIX_String2ASCII; +;+ local: +;+ *; +;+}; diff --git a/security/nss/cmd/libpkix/testutil/testutil.c b/security/nss/cmd/libpkix/testutil/testutil.c new file mode 100644 index 000000000..0f438ba43 --- /dev/null +++ b/security/nss/cmd/libpkix/testutil/testutil.c @@ -0,0 +1,576 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * testutil.c + * + * Utility error handling functions + * + */ + +#include "testutil.h" + +/* + * static global variable to keep track of total number of errors for + * a particular test suite (eg. all the OID tests) + */ +static int errCount = 0; + +/* + * FUNCTION: startTests + * DESCRIPTION: + * + * Prints standard message for starting the test suite with the name pointed + * to by "testName". This function should be called in the beginning of every + * test suite. + * + * PARAMETERS: + * "testName" + * Address of string representing name of test suite. + * THREAD SAFETY: + * Not Thread Safe - assumes exclusive access to "errCount" + * (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +startTests(char *testName) +{ + (void)printf("*START OF TESTS FOR %s:\n", testName); + errCount = 0; +} + +/* + * FUNCTION: endTests + * DESCRIPTION: + * + * Prints standard message for ending the test suite with the name pointed + * to by "testName", followed by a success/failure message. This function + * should be called at the end of every test suite. + * + * PARAMETERS: + * "testName" + * Address of string representing name of test suite. + * THREAD SAFETY: + * Not Thread Safe - assumes exclusive access to "errCount" + * (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +endTests(char *testName) +{ + char plural = ' '; + + (void)printf("*END OF TESTS FOR %s: ", testName); + if (errCount > 0) { + if (errCount > 1) + plural = 's'; + (void)printf("%d SUBTEST%c FAILED.\n\n", errCount, plural); + } else { + (void)printf("ALL TESTS COMPLETED SUCCESSFULLY.\n\n"); + } +} + +/* + * FUNCTION: subTest + * DESCRIPTION: + * + * Prints standard message for starting the subtest with the name pointed to + * by "subTestName". This function should be called at the beginning of each + * subtest. + * + * PARAMETERS: + * "subTestName" + * Address of string representing name of subTest. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +subTest(char *subTestName) +{ + (void)printf("TESTING: %s ...\n", subTestName); +} + +/* + * FUNCTION: testErrorUndo + * DESCRIPTION: + * + * Decrements the global variable "errCount" and prints a test failure + * expected message followed by the string pointed to by "msg". This function + * should be called when an expected error condition is encountered in the + * tests. Calling this function *correct* the previous errCount increment. + * It should only be called ONCE per subtest. + * + * PARAMETERS: + * "msg" + * Address of text of error message. + * THREAD SAFETY: + * Not Thread Safe - assumes exclusive access to "errCount" + * (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +testErrorUndo(char *msg) +{ + --errCount; + (void)printf("TEST FAILURE *** EXPECTED *** :%s\n", msg); +} + +/* + * FUNCTION: testError + * DESCRIPTION: + * + * Increments the global variable "errCount" and prints a standard test + * failure message followed by the string pointed to by "msg". This function + * should be called when an unexpected error condition is encountered in the + * tests. It should only be called ONCE per subtest. + * + * PARAMETERS: + * "msg" + * Address of text of error message. + * THREAD SAFETY: + * Not Thread Safe - assumes exclusive access to "errCount" + * (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +testError(char *msg) +{ + ++errCount; + (void)printf("TEST FAILURE: %s\n", msg); +} + +/* + * FUNCTION: PKIX_String2ASCII + * DESCRIPTION: + * + * Converts String object pointed to by "string" to its ASCII representation + * and returns the converted value. Returns NULL upon failure. + * + * XXX Might want to use ESCASCII_DEBUG to show control characters, etc. + * + * PARAMETERS: + * "string" + * Address of String to be converted to ASCII. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns the ASCII representation of "string" upon success; + * NULL upon failure. + */ +char * +PKIX_String2ASCII(PKIX_PL_String *string, void *plContext) +{ + PKIX_UInt32 length; + char *asciiString = NULL; + PKIX_Error *errorResult; + + errorResult = PKIX_PL_String_GetEncoded(string, + PKIX_ESCASCII, + (void **)&asciiString, + &length, + plContext); + + if (errorResult) + goto cleanup; + +cleanup: + + if (errorResult) { + return (NULL); + } + + return (asciiString); +} + +/* + * FUNCTION: PKIX_Error2ASCII + * DESCRIPTION: + * + * Converts Error pointed to by "error" to its ASCII representation and + * returns the converted value. Returns NULL upon failure. + * + * PARAMETERS: + * "error" + * Address of Error to be converted to ASCII. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns the ASCII representation of "error" upon success; + * NULL upon failure. + */ +char * +PKIX_Error2ASCII(PKIX_Error *error, void *plContext) +{ + PKIX_UInt32 length; + char *asciiString = NULL; + PKIX_PL_String *pkixString = NULL; + PKIX_Error *errorResult = NULL; + + errorResult = PKIX_PL_Object_ToString((PKIX_PL_Object *)error, &pkixString, plContext); + if (errorResult) + goto cleanup; + + errorResult = PKIX_PL_String_GetEncoded(pkixString, + PKIX_ESCASCII, + (void **)&asciiString, + &length, + plContext); + +cleanup: + + if (pkixString) { + if (PKIX_PL_Object_DecRef((PKIX_PL_Object *)pkixString, plContext)) { + return (NULL); + } + } + + if (errorResult) { + return (NULL); + } + + return (asciiString); +} + +/* + * FUNCTION: PKIX_Object2ASCII + * DESCRIPTION: + * + * Converts Object pointed to by "object" to its ASCII representation and + * returns the converted value. Returns NULL upon failure. + * + * PARAMETERS: + * "object" + * Address of Object to be converted to ASCII. Must be non-NULL. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns the ASCII representation of "object" upon success; + * NULL upon failure. + */ +char * +PKIX_Object2ASCII(PKIX_PL_Object *object) +{ + PKIX_UInt32 length; + char *asciiString = NULL; + PKIX_PL_String *pkixString = NULL; + PKIX_Error *errorResult = NULL; + + errorResult = PKIX_PL_Object_ToString(object, &pkixString, NULL); + if (errorResult) + goto cleanup; + + errorResult = PKIX_PL_String_GetEncoded(pkixString, PKIX_ESCASCII, (void **)&asciiString, &length, NULL); + +cleanup: + + if (pkixString) { + if (PKIX_PL_Object_DecRef((PKIX_PL_Object *)pkixString, NULL)) { + return (NULL); + } + } + + if (errorResult) { + return (NULL); + } + + return (asciiString); +} + +/* + * FUNCTION: PKIX_Cert2ASCII + * DESCRIPTION: + * + * Converts Cert pointed to by "cert" to its partial ASCII representation and + * returns the converted value. Returns NULL upon failure. + * + * PARAMETERS: + * "cert" + * Address of Cert to be converted to ASCII. Must be non-NULL. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns the partial ASCII representation of "cert" upon success; + * NULL upon failure. + */ +char * +PKIX_Cert2ASCII(PKIX_PL_Cert *cert) +{ + PKIX_PL_X500Name *issuer = NULL; + void *issuerAscii = NULL; + PKIX_PL_X500Name *subject = NULL; + void *subjectAscii = NULL; + void *asciiString = NULL; + PKIX_Error *errorResult = NULL; + PKIX_UInt32 numChars; + + /* Issuer */ + errorResult = PKIX_PL_Cert_GetIssuer(cert, &issuer, NULL); + if (errorResult) + goto cleanup; + + issuerAscii = PKIX_Object2ASCII((PKIX_PL_Object *)issuer); + + /* Subject */ + errorResult = PKIX_PL_Cert_GetSubject(cert, &subject, NULL); + if (errorResult) + goto cleanup; + + if (subject) { + subjectAscii = PKIX_Object2ASCII((PKIX_PL_Object *)subject); + } + + errorResult = PKIX_PL_Malloc(200, &asciiString, NULL); + if (errorResult) + goto cleanup; + + numChars = + PR_snprintf(asciiString, + 200, + "Issuer=%s\nSubject=%s\n", + issuerAscii, + subjectAscii); + + if (!numChars) + goto cleanup; + +cleanup: + + if (issuer) { + if (PKIX_PL_Object_DecRef((PKIX_PL_Object *)issuer, NULL)) { + return (NULL); + } + } + + if (subject) { + if (PKIX_PL_Object_DecRef((PKIX_PL_Object *)subject, NULL)) { + return (NULL); + } + } + + if (PKIX_PL_Free((PKIX_PL_Object *)issuerAscii, NULL)) { + return (NULL); + } + + if (PKIX_PL_Free((PKIX_PL_Object *)subjectAscii, NULL)) { + return (NULL); + } + + if (errorResult) { + return (NULL); + } + + return (asciiString); +} + +/* + * FUNCTION: testHashcodeHelper + * DESCRIPTION: + * + * Computes the hashcode of the Object pointed to by "goodObject" and the + * Object pointed to by "otherObject" and compares them. If the result of the + * comparison is not the desired match as specified by "match", an error + * message is generated. + * + * PARAMETERS: + * "goodObject" + * Address of an object. Must be non-NULL. + * "otherObject" + * Address of another object. Must be non-NULL. + * "match" + * Boolean value representing the desired comparison result. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +testHashcodeHelper( + PKIX_PL_Object *goodObject, + PKIX_PL_Object *otherObject, + PKIX_Boolean match, + void *plContext) +{ + + PKIX_UInt32 goodHash; + PKIX_UInt32 otherHash; + PKIX_Boolean cmpResult; + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Hashcode((PKIX_PL_Object *)goodObject, &goodHash, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Hashcode((PKIX_PL_Object *)otherObject, &otherHash, plContext)); + + cmpResult = (goodHash == otherHash); + + if ((match && !cmpResult) || (!match && cmpResult)) { + testError("unexpected mismatch"); + (void)printf("Hash1:\t%d\n", goodHash); + (void)printf("Hash2:\t%d\n", otherHash); + } + +cleanup: + + PKIX_TEST_RETURN(); +} + +/* + * FUNCTION: testToStringHelper + * DESCRIPTION: + * + * Calls toString on the Object pointed to by "goodObject" and compares the + * result to the string pointed to by "expected". If the results are not + * equal, an error message is generated. + * + * PARAMETERS: + * "goodObject" + * Address of Object. Must be non-NULL. + * "expected" + * Address of the desired string. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +testToStringHelper( + PKIX_PL_Object *goodObject, + char *expected, + void *plContext) +{ + PKIX_PL_String *stringRep = NULL; + char *actual = NULL; + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString(goodObject, &stringRep, plContext)); + + actual = PKIX_String2ASCII(stringRep, plContext); + if (actual == NULL) { + pkixTestErrorMsg = "PKIX_String2ASCII Failed"; + goto cleanup; + } + + /* + * If you are having trouble matching the string, uncomment the + * PL_strstr function to figure out what's going on. + */ + + /* + if (PL_strstr(actual, expected) == NULL){ + testError("PL_strstr failed"); + } + */ + + if (PL_strcmp(actual, expected) != 0) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%s\n", actual); + (void)printf("Expected value:\t%s\n", expected); + } + +cleanup: + + PKIX_PL_Free(actual, plContext); + + PKIX_TEST_DECREF_AC(stringRep); + + PKIX_TEST_RETURN(); +} + +/* + * FUNCTION: testEqualsHelper + * DESCRIPTION: + * + * Checks if the Object pointed to by "goodObject" is Equal to the Object + * pointed to by "otherObject". If the result of the check is not the desired + * match as specified by "match", an error message is generated. + * + * PARAMETERS: + * "goodObject" + * Address of an Object. Must be non-NULL. + * "otherObject" + * Address of another Object. Must be non-NULL. + * "match" + * Boolean value representing the desired comparison result. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +testEqualsHelper( + PKIX_PL_Object *goodObject, + PKIX_PL_Object *otherObject, + PKIX_Boolean match, + void *plContext) +{ + + PKIX_Boolean cmpResult; + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals(goodObject, otherObject, &cmpResult, plContext)); + + if ((match && !cmpResult) || (!match && cmpResult)) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", cmpResult); + (void)printf("Expected value:\t%d\n", match); + } + +cleanup: + + PKIX_TEST_RETURN(); +} + +/* + * FUNCTION: testDuplicateHelper + * DESCRIPTION: + * Checks if the Object pointed to by "object" is equal to its duplicate. + * If the result of the check is not equality, an error message is generated. + * PARAMETERS: + * "object" + * Address of Object. Must be non-NULL. + * "plContext" + * Platform-specific context pointer. + * THREAD SAFETY: + * Thread Safe (see Thread Safety Definitions in Programmer's Guide) + * RETURNS: + * Returns nothing. + */ +void +testDuplicateHelper(PKIX_PL_Object *object, void *plContext) +{ + PKIX_PL_Object *newObject = NULL; + PKIX_Boolean cmpResult; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate(object, &newObject, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals(object, newObject, &cmpResult, plContext)); + + if (!cmpResult) { + testError("unexpected mismatch"); + (void)printf("Actual value:\t%d\n", cmpResult); + (void)printf("Expected value:\t%d\n", PKIX_TRUE); + } + +cleanup: + + PKIX_TEST_DECREF_AC(newObject); + + PKIX_TEST_RETURN(); +} diff --git a/security/nss/cmd/libpkix/testutil/testutil.h b/security/nss/cmd/libpkix/testutil/testutil.h new file mode 100644 index 000000000..9c594fa03 --- /dev/null +++ b/security/nss/cmd/libpkix/testutil/testutil.h @@ -0,0 +1,292 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * testutil.h + * + * Utility functions for handling test errors + * + */ + +#ifndef _TESTUTIL_H +#define _TESTUTIL_H + +#include "pkix.h" +#include "plstr.h" +#include "prprf.h" +#include "prlong.h" +#include "pkix_pl_common.h" +#include "secutil.h" +#include <stdio.h> +#include <ctype.h> + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * In order to have a consistent format for displaying test information, + * all tests are REQUIRED to use the functions provided by this library + * (libtestutil.a) for displaying their information. + * + * A test using this library begins with a call to startTests with the test + * name as the arg (which is used only for formatting). Before the first + * subtest, a call to subTest should be made with the subtest name as the arg + * (again, for formatting). If the subTest is successful, then no action + * is needed. However, if the subTest is not successful, then a call + * to testError should be made with a descriptive error message as the arg. + * Note that a subTest MUST NOT call testError more than once. + * Finally, a call to endTests is made with the test name as the arg (for + * formatting). Note that most of these macros assume that a variable named + * "plContext" of type (void *) has been defined by the test. As such, it + * is essential that the test satisfy this condition. + */ + +/* + * PKIX_TEST_STD_VARS should be called at the beginning of every function + * that uses PKIX_TEST_RETURN (e.g. subTests), but it should be called only + * AFTER declaring local variables (so we don't get compiler warnings about + * declarations after statements). PKIX_TEST_STD_VARS declares and initializes + * several variables needed by the other test macros. + */ +#define PKIX_TEST_STD_VARS() \ + PKIX_Error *pkixTestErrorResult = NULL; \ + char *pkixTestErrorMsg = NULL; + +/* + * PKIX_TEST_EXPECT_NO_ERROR should be used to wrap a standard PKIX function + * call (one which returns a pointer to PKIX_Error) that is expected to return + * NULL (i.e. to succeed). If "pkixTestErrorResult" is not NULL, + * "goto cleanup" is executed, where a testError call is made if there were + * unexpected results. This macro MUST NOT be called after the "cleanup" label. + * + * Example Usage: PKIX_TEST_EXPECT_NO_ERROR(pkixFunc_expected_to_succeed(...)); + */ + +#define PKIX_TEST_EXPECT_NO_ERROR(func) \ + do { \ + pkixTestErrorResult = (func); \ + if (pkixTestErrorResult) { \ + goto cleanup; \ + } \ + } while (0) + +/* + * PKIX_TEST_EXPECT_ERROR should be used to wrap a standard PKIX function call + * (one which returns a pointer to PKIX_Error) that is expected to return + * a non-NULL value (i.e. to fail). If "pkixTestErrorResult" is NULL, + * "pkixTestErrorMsg" is set to a standard string and "goto cleanup" + * is executed, where a testError call is made if there were unexpected + * results. This macro MUST NOT be called after the "cleanup" label. + * + * Example Usage: PKIX_TEST_EXPECT_ERROR(pkixFunc_expected_to_fail(...)); + */ + +#define PKIX_TEST_EXPECT_ERROR(func) \ + do { \ + pkixTestErrorResult = (func); \ + if (!pkixTestErrorResult) { \ + pkixTestErrorMsg = \ + "Should have thrown an error here."; \ + goto cleanup; \ + } \ + PKIX_TEST_DECREF_BC(pkixTestErrorResult); \ + } while (0) + +/* + * PKIX_TEST_DECREF_BC is a convenience macro which should only be called + * BEFORE the "cleanup" label ("BC"). If the input parameter is non-NULL, it + * DecRefs the input parameter and wraps the function with + * PKIX_TEST_EXPECT_NO_ERROR, which executes "goto cleanup" upon error. + * This macro MUST NOT be called after the "cleanup" label. + */ + +#define PKIX_TEST_DECREF_BC(obj) \ + do { \ + if (obj) { \ + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_DecRef((PKIX_PL_Object *)(obj), plContext)); \ + obj = NULL; \ + } \ + } while (0) + +/* + * PKIX_TEST_DECREF_AC is a convenience macro which should only be called + * AFTER the "cleanup" label ("AC"). If the input parameter is non-NULL, it + * DecRefs the input parameter. A pkixTestTempResult variable is used to prevent + * incorrectly overwriting pkixTestErrorResult with NULL. + * In the case DecRef succeeds, pkixTestTempResult will be NULL, and we won't + * overwrite a previously set pkixTestErrorResult (if any). If DecRef fails, + * then we do want to overwrite a previously set pkixTestErrorResult since a + * DecRef failure is fatal and may be indicative of memory corruption. + */ + +#define PKIX_TEST_DECREF_AC(obj) \ + do { \ + if (obj) { \ + PKIX_Error *pkixTestTempResult = NULL; \ + pkixTestTempResult = \ + PKIX_PL_Object_DecRef((PKIX_PL_Object *)(obj), plContext); \ + if (pkixTestTempResult) \ + pkixTestErrorResult = pkixTestTempResult; \ + obj = NULL; \ + } \ + } while (0) + +/* + * PKIX_TEST_RETURN must always be AFTER the "cleanup" label. It does nothing + * if everything went as expected. However, if there were unexpected results, + * PKIX_TEST_RETURN calls testError, which displays a standard failure message + * and increments the number of subtests that have failed. In the case + * of an unexpected error, testError is called using the error's description + * as an input and the error is DecRef'd. In the case of unexpected success + * testError is called with a standard string. + */ +#define PKIX_TEST_RETURN() \ + { \ + if (pkixTestErrorMsg) { \ + testError(pkixTestErrorMsg); \ + } else if (pkixTestErrorResult) { \ + pkixTestErrorMsg = \ + PKIX_Error2ASCII(pkixTestErrorResult, plContext); \ + if (pkixTestErrorMsg) { \ + testError(pkixTestErrorMsg); \ + PKIX_PL_Free((PKIX_PL_Object *)pkixTestErrorMsg, \ + plContext); \ + } else { \ + testError("PKIX_Error2ASCII Failed"); \ + } \ + if (pkixTestErrorResult != PKIX_ALLOC_ERROR()) { \ + PKIX_PL_Object_DecRef((PKIX_PL_Object *)pkixTestErrorResult, \ + plContext); \ + pkixTestErrorResult = NULL; \ + } \ + } \ + } + +/* + * PKIX_TEST_EQ_HASH_TOSTR_DUP is a convenience macro which executes the + * standard set of operations that test the Equals, Hashcode, ToString, and + * Duplicate functions of an object type. The goodObj, equalObj, and diffObj + * are as the names suggest. The expAscii parameter is the expected result of + * calling ToString on the goodObj. If expAscii is NULL, then ToString will + * not be called on the goodObj. The checkDuplicate parameter is treated as + * a Boolean to indicate whether the Duplicate function should be tested. If + * checkDuplicate is NULL, then Duplicate will not be called on the goodObj. + * The type is the name of the function's family. For example, if the type is + * Cert, this macro will call PKIX_PL_Cert_Equals, PKIX_PL_Cert_Hashcode, and + * PKIX_PL_Cert_ToString. + * + * Note: If goodObj uses the default Equals and Hashcode functions, then + * for goodObj and equalObj to be equal, they must have the same pointer value. + */ +#define PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObj, equalObj, diffObj, \ + expAscii, type, checkDuplicate) \ + do { \ + subTest("PKIX_PL_" #type "_Equals <match>"); \ + testEqualsHelper((PKIX_PL_Object *)(goodObj), \ + (PKIX_PL_Object *)(equalObj), \ + PKIX_TRUE, \ + plContext); \ + subTest("PKIX_PL_" #type "_Hashcode <match>"); \ + testHashcodeHelper((PKIX_PL_Object *)(goodObj), \ + (PKIX_PL_Object *)(equalObj), \ + PKIX_TRUE, \ + plContext); \ + subTest("PKIX_PL_" #type "_Equals <non-match>"); \ + testEqualsHelper((PKIX_PL_Object *)(goodObj), \ + (PKIX_PL_Object *)(diffObj), \ + PKIX_FALSE, \ + plContext); \ + subTest("PKIX_PL_" #type "_Hashcode <non-match>"); \ + testHashcodeHelper((PKIX_PL_Object *)(goodObj), \ + (PKIX_PL_Object *)(diffObj), \ + PKIX_FALSE, \ + plContext); \ + if (expAscii) { \ + subTest("PKIX_PL_" #type "_ToString"); \ + testToStringHelper((PKIX_PL_Object *)(goodObj), \ + (expAscii), \ + plContext); \ + } \ + if (checkDuplicate) { \ + subTest("PKIX_PL_" #type "_Duplicate"); \ + testDuplicateHelper((PKIX_PL_Object *)goodObj, plContext); \ + } \ + } while (0) + +/* + * PKIX_TEST_DECREF_BC is a convenience macro which should only be called + * BEFORE the "cleanup" label ("BC"). If the input parameter is non-NULL, it + * DecRefs the input parameter and wraps the function with + * PKIX_TEST_EXPECT_NO_ERROR, which executes "goto cleanup" upon error. + * This macro MUST NOT be called after the "cleanup" label. + */ + +#define PKIX_TEST_ABORT_ON_NULL(obj) \ + do { \ + if (!obj) { \ + goto cleanup; \ + } \ + } while (0) + +#define PKIX_TEST_ARENAS_ARG(arena) \ + (arena ? (PORT_Strcmp(arena, "arenas") ? PKIX_FALSE : (j++, PKIX_TRUE)) : PKIX_FALSE) + +#define PKIX_TEST_ERROR_RECEIVED (pkixTestErrorMsg || pkixTestErrorResult) + +/* see source file for function documentation */ + +void startTests(char *testName); + +void endTests(char *testName); + +void subTest(char *subTestName); + +void testError(char *msg); + +extern PKIX_Error * +_ErrorCheck(PKIX_Error *errorResult); + +extern PKIX_Error * +_OutputError(PKIX_Error *errorResult); + +char *PKIX_String2ASCII(PKIX_PL_String *string, void *plContext); + +char *PKIX_Error2ASCII(PKIX_Error *error, void *plContext); + +char *PKIX_Object2ASCII(PKIX_PL_Object *object); + +char *PKIX_Cert2ASCII(PKIX_PL_Cert *cert); + +void +testHashcodeHelper( + PKIX_PL_Object *goodObject, + PKIX_PL_Object *otherObject, + PKIX_Boolean match, + void *plContext); + +void +testToStringHelper( + PKIX_PL_Object *goodObject, + char *expected, + void *plContext); + +void +testEqualsHelper( + PKIX_PL_Object *goodObject, + PKIX_PL_Object *otherObject, + PKIX_Boolean match, + void *plContext); + +void +testDuplicateHelper( + PKIX_PL_Object *object, + void *plContext); +void +testErrorUndo(char *msg); + +#ifdef __cplusplus +} +#endif + +#endif /* TESTUTIL_H */ diff --git a/security/nss/cmd/libpkix/testutil/testutil_nss.c b/security/nss/cmd/libpkix/testutil/testutil_nss.c new file mode 100644 index 000000000..3417d0ab7 --- /dev/null +++ b/security/nss/cmd/libpkix/testutil/testutil_nss.c @@ -0,0 +1,579 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * testutil_nss.c + * + * NSS-specific utility functions for handling test errors + * + */ + +#include <stdio.h> +#include <string.h> +#include <stddef.h> + +#include "pkix_pl_generalname.h" +#include "pkix_pl_cert.h" +#include "pkix.h" +#include "testutil.h" +#include "prlong.h" +#include "plstr.h" +#include "prthread.h" +#include "secutil.h" +#include "nspr.h" +#include "prtypes.h" +#include "prtime.h" +#include "pk11func.h" +#include "secasn1.h" +#include "cert.h" +#include "cryptohi.h" +#include "secoid.h" +#include "certdb.h" +#include "secitem.h" +#include "keythi.h" +#include "nss.h" + +static char * +catDirName(char *dir, char *name, void *plContext) +{ + char *pathName = NULL; + PKIX_UInt32 nameLen; + PKIX_UInt32 dirLen; + + PKIX_TEST_STD_VARS(); + + nameLen = PL_strlen(name); + dirLen = PL_strlen(dir); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(dirLen + nameLen + 2, + (void **)&pathName, + plContext)); + + PL_strcpy(pathName, dir); + PL_strcat(pathName, "/"); + PL_strcat(pathName, name); + printf("pathName = %s\n", pathName); + +cleanup: + + PKIX_TEST_RETURN(); + + return (pathName); +} + +PKIX_PL_Cert * +createCert( + char *dirName, + char *certFileName, + void *plContext) +{ + PKIX_PL_ByteArray *byteArray = NULL; + void *buf = NULL; + PRFileDesc *certFile = NULL; + PKIX_UInt32 len; + SECItem certDER; + SECStatus rv; + /* default: NULL cert (failure case) */ + PKIX_PL_Cert *cert = NULL; + char *pathName = NULL; + + PKIX_TEST_STD_VARS(); + + certDER.data = NULL; + + pathName = catDirName(dirName, certFileName, plContext); + certFile = PR_Open(pathName, PR_RDONLY, 0); + + if (!certFile) { + pkixTestErrorMsg = "Unable to open cert file"; + goto cleanup; + } else { + rv = SECU_ReadDERFromFile(&certDER, certFile, PR_FALSE, PR_FALSE); + if (!rv) { + buf = (void *)certDER.data; + len = certDER.len; + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create(byteArray, &cert, plContext)); + + SECITEM_FreeItem(&certDER, PR_FALSE); + } else { + pkixTestErrorMsg = "Unable to read DER from cert file"; + goto cleanup; + } + } + +cleanup: + + pkixTestErrorResult = PKIX_PL_Free(pathName, plContext); + + if (certFile) { + PR_Close(certFile); + } + + if (PKIX_TEST_ERROR_RECEIVED) { + SECITEM_FreeItem(&certDER, PR_FALSE); + } + + PKIX_TEST_DECREF_AC(byteArray); + + PKIX_TEST_RETURN(); + + return (cert); +} + +PKIX_PL_CRL * +createCRL( + char *dirName, + char *crlFileName, + void *plContext) +{ + PKIX_PL_ByteArray *byteArray = NULL; + PKIX_PL_CRL *crl = NULL; + PKIX_Error *error = NULL; + PRFileDesc *inFile = NULL; + SECItem crlDER; + void *buf = NULL; + PKIX_UInt32 len; + SECStatus rv; + char *pathName = NULL; + + PKIX_TEST_STD_VARS(); + + crlDER.data = NULL; + + pathName = catDirName(dirName, crlFileName, plContext); + inFile = PR_Open(pathName, PR_RDONLY, 0); + + if (!inFile) { + pkixTestErrorMsg = "Unable to open crl file"; + goto cleanup; + } else { + rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE); + if (!rv) { + buf = (void *)crlDER.data; + len = crlDER.len; + + error = PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext); + + if (error) { + pkixTestErrorMsg = + "PKIX_PL_ByteArray_Create failed"; + goto cleanup; + } + + error = PKIX_PL_CRL_Create(byteArray, &crl, plContext); + if (error) { + pkixTestErrorMsg = "PKIX_PL_Crl_Create failed"; + goto cleanup; + } + + SECITEM_FreeItem(&crlDER, PR_FALSE); + } else { + pkixTestErrorMsg = "Unable to read DER from crl file"; + goto cleanup; + } + } + +cleanup: + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(pathName, plContext)); + + if (inFile) { + PR_Close(inFile); + } + + if (error) { + SECITEM_FreeItem(&crlDER, PR_FALSE); + } + + PKIX_TEST_DECREF_AC(byteArray); + + PKIX_TEST_RETURN(); + + return (crl); +} + +PKIX_TrustAnchor * +createTrustAnchor( + char *dirName, + char *certFileName, + PKIX_Boolean useCert, + void *plContext) +{ + PKIX_TrustAnchor *anchor = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_PL_X500Name *name = NULL; + PKIX_PL_PublicKey *pubKey = NULL; + PKIX_PL_CertNameConstraints *nameConstraints = NULL; + + PKIX_TEST_STD_VARS(); + + cert = createCert(dirName, certFileName, plContext); + + if (useCert) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(cert, &anchor, plContext)); + } else { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(cert, &name, plContext)); + + if (name == NULL) { + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(cert, &pubKey, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(cert, &nameConstraints, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithNameKeyPair(name, pubKey, nameConstraints, &anchor, plContext)); + } + +cleanup: + + if (PKIX_TEST_ERROR_RECEIVED) { + PKIX_TEST_DECREF_AC(anchor); + } + + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(name); + PKIX_TEST_DECREF_AC(pubKey); + PKIX_TEST_DECREF_AC(nameConstraints); + + PKIX_TEST_RETURN(); + + return (anchor); +} + +PKIX_List * +createCertChain( + char *dirName, + char *firstCertFileName, + char *secondCertFileName, + void *plContext) +{ + PKIX_PL_Cert *firstCert = NULL; + PKIX_PL_Cert *secondCert = NULL; + PKIX_List *certList = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certList, plContext)); + + firstCert = createCert(dirName, firstCertFileName, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, (PKIX_PL_Object *)firstCert, plContext)); + + if (secondCertFileName) { + secondCert = createCert(dirName, secondCertFileName, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, (PKIX_PL_Object *)secondCert, plContext)); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable(certList, plContext)); + +cleanup: + + if (PKIX_TEST_ERROR_RECEIVED) { + PKIX_TEST_DECREF_AC(certList); + } + + PKIX_TEST_DECREF_AC(firstCert); + PKIX_TEST_DECREF_AC(secondCert); + + PKIX_TEST_RETURN(); + + return (certList); +} + +PKIX_List * +createCertChainPlus( + char *dirName, + char *certNames[], + PKIX_PL_Cert *certs[], + PKIX_UInt32 numCerts, + void *plContext) +{ + PKIX_List *certList = NULL; + PKIX_UInt32 i; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certList, plContext)); + + for (i = 0; i < numCerts; i++) { + + certs[i] = createCert(dirName, certNames[i], plContext); + + /* Create Cert may fail */ + if (certs[i] == NULL) { + PKIX_TEST_DECREF_BC(certList); + goto cleanup; + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, + (PKIX_PL_Object *)certs[i], + plContext)); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable(certList, plContext)); + +cleanup: + + if (PKIX_TEST_ERROR_RECEIVED) { + PKIX_TEST_DECREF_AC(certList); + } + + for (i = 0; i < numCerts; i++) { + PKIX_TEST_DECREF_AC(certs[i]); + } + + PKIX_TEST_RETURN(); + + return (certList); +} + +PKIX_PL_Date * +createDate( + char *asciiDate, + void *plContext) +{ + PKIX_PL_Date *date = NULL; + PKIX_PL_String *plString = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiDate, 0, &plString, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(plString, &date, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(plString); + + PKIX_TEST_RETURN(); + + return (date); +} + +PKIX_ProcessingParams * +createProcessingParams( + char *dirName, + char *firstAnchorFileName, + char *secondAnchorFileName, + char *dateAscii, + PKIX_List *initialPolicies, /* List of PKIX_PL_OID */ + PKIX_Boolean isCrlEnabled, + void *plContext) +{ + + PKIX_TrustAnchor *firstAnchor = NULL; + PKIX_TrustAnchor *secondAnchor = NULL; + PKIX_List *anchorsList = NULL; + PKIX_ProcessingParams *procParams = NULL; + PKIX_PL_String *dateString = NULL; + PKIX_PL_Date *testDate = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchorsList, plContext)); + + firstAnchor = createTrustAnchor(dirName, firstAnchorFileName, PKIX_FALSE, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchorsList, + (PKIX_PL_Object *)firstAnchor, + plContext)); + + if (secondAnchorFileName) { + secondAnchor = + createTrustAnchor(dirName, secondAnchorFileName, PKIX_FALSE, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchorsList, + (PKIX_PL_Object *)secondAnchor, + plContext)); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchorsList, &procParams, plContext)); + + if (dateAscii) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, + dateAscii, + 0, + &dateString, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(dateString, &testDate, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetDate(procParams, testDate, plContext)); + } + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies(procParams, initialPolicies, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled(procParams, isCrlEnabled, plContext)); + +cleanup: + + if (PKIX_TEST_ERROR_RECEIVED) { + PKIX_TEST_DECREF_AC(procParams); + } + + PKIX_TEST_DECREF_AC(dateString); + PKIX_TEST_DECREF_AC(testDate); + PKIX_TEST_DECREF_AC(anchorsList); + PKIX_TEST_DECREF_AC(firstAnchor); + PKIX_TEST_DECREF_AC(secondAnchor); + + PKIX_TEST_RETURN(); + + return (procParams); +} + +PKIX_ValidateParams * +createValidateParams( + char *dirName, + char *firstAnchorFileName, + char *secondAnchorFileName, + char *dateAscii, + PKIX_List *initialPolicies, /* List of PKIX_PL_OID */ + PKIX_Boolean initialPolicyMappingInhibit, + PKIX_Boolean initialAnyPolicyInhibit, + PKIX_Boolean initialExplicitPolicy, + PKIX_Boolean isCrlEnabled, + PKIX_List *chain, + void *plContext) +{ + + PKIX_ProcessingParams *procParams = NULL; + PKIX_ValidateParams *valParams = NULL; + + PKIX_TEST_STD_VARS(); + + procParams = + createProcessingParams(dirName, + firstAnchorFileName, + secondAnchorFileName, + dateAscii, + NULL, + isCrlEnabled, + plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies(procParams, initialPolicies, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetPolicyMappingInhibited(procParams, initialPolicyMappingInhibit, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetAnyPolicyInhibited(procParams, initialAnyPolicyInhibit, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetExplicitPolicyRequired(procParams, initialExplicitPolicy, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create(procParams, chain, &valParams, plContext)); + +cleanup: + + if (PKIX_TEST_ERROR_RECEIVED) { + PKIX_TEST_DECREF_AC(valParams); + } + + PKIX_TEST_DECREF_AC(procParams); + + PKIX_TEST_RETURN(); + + return (valParams); +} + +PKIX_ValidateResult * +createValidateResult( + char *dirName, + char *anchorFileName, + char *pubKeyCertFileName, + void *plContext) +{ + + PKIX_TrustAnchor *anchor = NULL; + PKIX_ValidateResult *valResult = NULL; + PKIX_PL_Cert *cert = NULL; + PKIX_PL_PublicKey *pubKey = NULL; + + PKIX_TEST_STD_VARS(); + + anchor = createTrustAnchor(dirName, anchorFileName, PKIX_FALSE, plContext); + cert = createCert(dirName, pubKeyCertFileName, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(cert, &pubKey, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_ValidateResult_Create(pubKey, anchor, NULL, &valResult, plContext)); + +cleanup: + + if (PKIX_TEST_ERROR_RECEIVED) { + PKIX_TEST_DECREF_AC(valResult); + } + + PKIX_TEST_DECREF_AC(anchor); + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(pubKey); + + PKIX_TEST_RETURN(); + + return (valResult); +} + +PKIX_PL_GeneralName * +createGeneralName( + PKIX_UInt32 nameType, + char *asciiName, + void *plContext) +{ + + PKIX_PL_GeneralName *generalName = NULL; + PKIX_PL_String *plString = NULL; + + PKIX_TEST_STD_VARS(); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiName, 0, &plString, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_GeneralName_Create(nameType, plString, &generalName, plContext)); + +cleanup: + + PKIX_TEST_DECREF_AC(plString); + + PKIX_TEST_RETURN(); + + return (generalName); +} + +PKIX_BuildResult * +createBuildResult( + char *dirName, + char *anchorFileName, + char *pubKeyCertFileName, + char *firstChainCertFileName, + char *secondChainCertFileName, + void *plContext) +{ + PKIX_BuildResult *buildResult = NULL; + PKIX_ValidateResult *valResult = NULL; + PKIX_List *certChain = NULL; + + PKIX_TEST_STD_VARS(); + + valResult = createValidateResult(dirName, anchorFileName, pubKeyCertFileName, plContext); + certChain = createCertChain(dirName, + firstChainCertFileName, + secondChainCertFileName, + plContext); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_BuildResult_Create(valResult, certChain, &buildResult, plContext)); + +cleanup: + + if (PKIX_TEST_ERROR_RECEIVED) { + PKIX_TEST_DECREF_AC(buildResult); + } + + PKIX_TEST_DECREF_AC(valResult); + PKIX_TEST_DECREF_AC(certChain); + + PKIX_TEST_RETURN(); + + return (buildResult); +} diff --git a/security/nss/cmd/libpkix/testutil/testutil_nss.h b/security/nss/cmd/libpkix/testutil/testutil_nss.h new file mode 100644 index 000000000..e1f24af89 --- /dev/null +++ b/security/nss/cmd/libpkix/testutil/testutil_nss.h @@ -0,0 +1,119 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * testutil_nss.h + * + * NSS-specific utility functions for handling test errors + * + */ + +#ifndef _TESTUTIL_NSS_H +#define _TESTUTIL_NSS_H + +#include "pkix_tools.h" +#include "plstr.h" +#include "prprf.h" +#include "prlong.h" +#include "secutil.h" +#include <stdio.h> +#include <ctype.h> + +#ifdef __cplusplus +extern "C" { +#endif + +#include "pkix_pl_generalname.h" + +/* see source file for function documentation */ + +PKIX_PL_Cert * +createCert( + char *dirName, + char *certFile, + void *plContext); + +PKIX_PL_CRL * +createCRL( + char *dirName, + char *crlFileName, + void *plContext); + +PKIX_TrustAnchor * +createTrustAnchor( + char *dirName, + char *taFileName, + PKIX_Boolean useCert, + void *plContext); + +PKIX_List * +createCertChain( + char *dirName, + char *firstCertFileName, + char *secondCertFileName, + void *plContext); + +PKIX_List * +createCertChainPlus( + char *dirName, + char *certNames[], + PKIX_PL_Cert *certs[], + PKIX_UInt32 numCerts, + void *plContext); + +PKIX_PL_Date * +createDate( + char *asciiDate, + void *plContext); + +PKIX_ProcessingParams * +createProcessingParams( + char *dirName, + char *firstAnchorFileName, + char *secondAnchorFileName, + char *dateAscii, + PKIX_List *initialPolicies, /* List of PKIX_PL_OID */ + PKIX_Boolean isCrlEnabled, + void *plContext); + +PKIX_ValidateParams * +createValidateParams( + char *dirName, + char *firstAnchorFileName, + char *secondAnchorFileName, + char *dateAscii, + PKIX_List *initialPolicies, /* List of PKIX_PL_OID */ + PKIX_Boolean initialPolicyMappingInhibit, + PKIX_Boolean initialAnyPolicyInhibit, + PKIX_Boolean initialExplicitPolicy, + PKIX_Boolean isCrlEnabled, + PKIX_List *chain, + void *plContext); + +PKIX_ValidateResult * +createValidateResult( + char *dirName, + char *anchorFileName, + char *pubKeyCertFileName, + void *plContext); + +PKIX_BuildResult * +createBuildResult( + char *dirName, + char *anchorFileName, + char *pubKeyCertFileName, + char *firstChainCertFileName, + char *secondChainCertFileName, + void *plContext); + +PKIX_PL_GeneralName * +createGeneralName( + PKIX_UInt32 nameType, + char *asciiName, + void *plContext); + +#ifdef __cplusplus +} +#endif + +#endif /* TESTUTIL_NSS_H */ |