1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 /*
5 * test_certchainchecker.c
6 *
7 * Test Cert Chain Checker
8 *
9 */
10
11 #include "testutil.h"
12 #include "testutil_nss.h"
13
14 static void *plContext = NULL;
15
16 static PKIX_Error *
dummyChecker_Check(PKIX_CertChainChecker * checker,PKIX_PL_Cert * cert,PKIX_List * unresolvedCriticalExtensions,void ** pNBIOContext,void * plContext)17 dummyChecker_Check(
18 PKIX_CertChainChecker *checker,
19 PKIX_PL_Cert *cert,
20 PKIX_List *unresolvedCriticalExtensions,
21 void **pNBIOContext,
22 void *plContext)
23 {
24 goto cleanup;
25
26 cleanup:
27
28 return (NULL);
29 }
30
31 static void
test_CertChainChecker_Duplicate(PKIX_CertChainChecker * original)32 test_CertChainChecker_Duplicate(PKIX_CertChainChecker *original)
33 {
34 PKIX_Boolean originalForward = PKIX_FALSE;
35 PKIX_Boolean copyForward = PKIX_FALSE;
36 PKIX_Boolean originalForwardDir = PKIX_FALSE;
37 PKIX_Boolean copyForwardDir = PKIX_FALSE;
38 PKIX_CertChainChecker *copy = NULL;
39 PKIX_CertChainChecker_CheckCallback originalCallback = NULL;
40 PKIX_CertChainChecker_CheckCallback copyCallback = NULL;
41 PKIX_PL_Object *originalState = NULL;
42 PKIX_PL_Object *copyState = NULL;
43 PKIX_List *originalList = NULL;
44 PKIX_List *copyList = NULL;
45
46 PKIX_TEST_STD_VARS();
47
48 subTest("CertChainChecker_Duplicate");
49
50 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate((PKIX_PL_Object *)original,
51 (PKIX_PL_Object **)©,
52 plContext));
53
54 subTest("CertChainChecker_GetCheckCallback");
55 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_GetCheckCallback(original, &originalCallback, plContext));
56 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_GetCheckCallback(copy, ©Callback, plContext));
57 if (originalCallback != copyCallback) {
58 pkixTestErrorMsg = "CheckCallback functions are not equal!";
59 goto cleanup;
60 }
61
62 subTest("CertChainChecker_IsForwardCheckingSupported");
63 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_IsForwardCheckingSupported(original, &originalForward, plContext));
64 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_IsForwardCheckingSupported(copy, ©Forward, plContext));
65 if (originalForward != copyForward) {
66 pkixTestErrorMsg = "ForwardChecking booleans are not equal!";
67 goto cleanup;
68 }
69
70 subTest("CertChainChecker_IsForwardDirectionExpected");
71 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_IsForwardDirectionExpected(original, &originalForwardDir, plContext));
72 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_IsForwardDirectionExpected(copy, ©ForwardDir, plContext));
73 if (originalForwardDir != copyForwardDir) {
74 pkixTestErrorMsg = "ForwardDirection booleans are not equal!";
75 goto cleanup;
76 }
77
78 subTest("CertChainChecker_GetCertChainCheckerState");
79 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_GetCertChainCheckerState(original, &originalState, plContext));
80 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_GetCertChainCheckerState(copy, ©State, plContext));
81 testEqualsHelper(originalState, copyState, PKIX_TRUE, plContext);
82
83 subTest("CertChainChecker_GetSupportedExtensions");
84 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_GetSupportedExtensions(original, &originalList, plContext));
85 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_GetSupportedExtensions(copy, ©List, plContext));
86 testEqualsHelper((PKIX_PL_Object *)originalList,
87 (PKIX_PL_Object *)copyList,
88 PKIX_TRUE,
89 plContext);
90
91 cleanup:
92
93 PKIX_TEST_DECREF_AC(copy);
94 PKIX_TEST_DECREF_AC(originalState);
95 PKIX_TEST_DECREF_AC(copyState);
96 PKIX_TEST_DECREF_AC(originalList);
97 PKIX_TEST_DECREF_AC(copyList);
98
99 PKIX_TEST_RETURN();
100 }
101
102 int
test_certchainchecker(int argc,char * argv[])103 test_certchainchecker(int argc, char *argv[])
104 {
105
106 PKIX_UInt32 actualMinorVersion;
107 PKIX_PL_OID *bcOID = NULL;
108 PKIX_PL_OID *ncOID = NULL;
109 PKIX_PL_OID *cpOID = NULL;
110 PKIX_PL_OID *pmOID = NULL;
111 PKIX_PL_OID *pcOID = NULL;
112 PKIX_PL_OID *iaOID = NULL;
113 PKIX_CertChainChecker *dummyChecker = NULL;
114 PKIX_List *supportedExtensions = NULL;
115 PKIX_PL_Object *initialState = NULL;
116 PKIX_UInt32 j = 0;
117
118 PKIX_TEST_STD_VARS();
119
120 startTests("CertChainChecker");
121
122 PKIX_TEST_EXPECT_NO_ERROR(
123 PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
124
125 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&supportedExtensions, plContext));
126
127 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(PKIX_BASICCONSTRAINTS_OID, &bcOID, plContext));
128 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(supportedExtensions, (PKIX_PL_Object *)bcOID, plContext));
129
130 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(PKIX_NAMECONSTRAINTS_OID, &ncOID, plContext));
131 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(supportedExtensions, (PKIX_PL_Object *)ncOID, plContext));
132
133 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(PKIX_CERTIFICATEPOLICIES_OID, &cpOID, plContext));
134 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(supportedExtensions, (PKIX_PL_Object *)cpOID, plContext));
135
136 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(PKIX_POLICYMAPPINGS_OID, &pmOID, plContext));
137 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(supportedExtensions, (PKIX_PL_Object *)pmOID, plContext));
138
139 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(PKIX_POLICYCONSTRAINTS_OID, &pcOID, plContext));
140 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(supportedExtensions, (PKIX_PL_Object *)pcOID, plContext));
141
142 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(PKIX_INHIBITANYPOLICY_OID, &iaOID, plContext));
143 PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(supportedExtensions, (PKIX_PL_Object *)iaOID, plContext));
144
145 PKIX_TEST_DECREF_BC(bcOID);
146 PKIX_TEST_DECREF_BC(ncOID);
147 PKIX_TEST_DECREF_BC(cpOID);
148 PKIX_TEST_DECREF_BC(pmOID);
149 PKIX_TEST_DECREF_BC(pcOID);
150 PKIX_TEST_DECREF_BC(iaOID);
151
152 PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)supportedExtensions, plContext));
153
154 initialState = (PKIX_PL_Object *)supportedExtensions;
155
156 subTest("CertChainChecker_Create");
157 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_Create(dummyChecker_Check, /* PKIX_CertChainChecker_CheckCallback */
158 PKIX_FALSE, /* forwardCheckingSupported */
159 PKIX_FALSE, /* forwardDirectionExpected */
160 supportedExtensions,
161 NULL, /* PKIX_PL_Object *initialState */
162 &dummyChecker,
163 plContext));
164
165 PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_SetCertChainCheckerState(dummyChecker, initialState, plContext));
166
167 test_CertChainChecker_Duplicate(dummyChecker);
168
169 subTest("CertChainChecker_Destroy");
170 PKIX_TEST_DECREF_BC(dummyChecker);
171
172 cleanup:
173
174 PKIX_TEST_DECREF_AC(dummyChecker);
175 PKIX_TEST_DECREF_AC(initialState);
176 PKIX_TEST_DECREF_AC(supportedExtensions);
177
178 PKIX_Shutdown(plContext);
179
180 PKIX_TEST_RETURN();
181
182 endTests("CertChainChecker");
183
184 return (0);
185 }
186