1 /*
2 * test_httpcertstore.c
3 *
4 * Test Httpcertstore Type
5 *
6 * Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
10 *
11 * 1. Redistribution of source code must retain the above copyright notice,
12 * this list of conditions and the following disclaimer.
13 *
14 * 2. Redistribution in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * Neither the name of Sun Microsystems, Inc. or the names of contributors may
19 * be used to endorse or promote products derived from this software without
20 * specific prior written permission.
21 *
22 * This software is provided "AS IS," without a warranty of any kind. ALL
23 * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
24 * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
25 * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
26 * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
27 * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
28 * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
29 * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
30 * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
31 * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
32 * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
33 *
34 * You acknowledge that this software is not designed or intended for use in
35 * the design, construction, operation or maintenance of any nuclear facility.
36 */
37
38 #include "testutil.h"
39 #include "testutil_nss.h"
40 #include "pkix_pl_common.h"
41
/*
 * Context handle handed to every PKIX call in this file.  It starts out NULL
 * and test_httpcertstore() fills it in via PKIX_PL_NssContext_Create().
 * getLocation() takes a parameter of the same name, which shadows this one
 * inside that function.
 */
static void *plContext = NULL;
43
/*
 * Print the one-line usage banner on stdout.
 *
 * testname is accepted for signature compatibility but is not used: the
 * banner always names "test_httpcertstore".
 *
 * NOTE(review): the banner advertises an optional "-arenas" flag, but
 * test_httpcertstore() in this file accepts exactly two arguments
 * (certDir, certName) and never looks for that flag.
 */
static void
printUsage(char *testname)
{
    (void)testname;

    /* Literal format string keeps the compiler's format checking in play. */
    printf("USAGE: %s [-arenas] certDir certName\n", "test_httpcertstore");
}
51
/*
 * Placeholder for work the caller could do while a non-blocking HTTP
 * request is still outstanding; it simply sleeps.
 *
 * Nothing in this file calls it: both polling loops in
 * test_httpcertstore() re-poll immediately.
 *
 * NOTE(review): PR_Sleep() is an NSPR call whose argument is an interval
 * tick count, not seconds, so 2 * 60 is probably far shorter than two
 * minutes -- confirm the intended delay before wiring this in.
 */
static void
do_other_work(void)
{
    enum { IDLE_INTERVAL = 2 * 60 };

    (void)PR_Sleep(IDLE_INTERVAL);
}
58
/*
 * Prototypes for the two HttpCertStore constructors this test calls.
 * They are declared here by hand, so they must be kept in step with the
 * library's own definitions.
 *
 * Both return a PKIX_Error pointer and hand the new store back through
 * pCertStore; they differ only in how the location is supplied.
 */

/* Location given as a PKIX_PL_GeneralName. */
PKIX_Error *PKIX_PL_HttpCertStore_Create(
    PKIX_PL_HttpClient *client, /* NULL selects the default client */
    PKIX_PL_GeneralName *location,
    PKIX_CertStore **pCertStore,
    void *plContext);

/* Location given as a plain C string. */
PKIX_Error *pkix_pl_HttpCertStore_CreateWithAsciiName(
    PKIX_PL_HttpClient *client, /* NULL selects the default client */
    char *location,
    PKIX_CertStore **pCertStore,
    void *plContext);
72
/*
 * Pull the HTTP location out of a certificate's Authority Information
 * Access (AIA) extension.
 *
 * certWithAia  certificate to inspect; it must carry exactly one AIA entry
 *              and that entry's location type must be
 *              PKIX_INFOACCESS_LOCATION_HTTP.
 * pLocation    receives the location on success.  It is NOT written on any
 *              failure path, so the caller must initialise it (the caller
 *              in this file starts it at NULL and tests for NULL afterwards).
 * plContext    platform context passed through to the PKIX calls.
 *
 * The function always returns NULL, so failures are not reported through the
 * return value; they go through the PKIX_TEST_* macros (defined in the test
 * headers -- presumably they record or print the error; confirm there).
 *
 * The location returned here is whatever the input certificate names, and
 * the caller goes on to fetch from it, so the certificate decides which host
 * this test contacts.
 */
static PKIX_Error *
getLocation(
    PKIX_PL_Cert *certWithAia,
    PKIX_PL_GeneralName **pLocation,
    void *plContext)
{
    PKIX_PL_GeneralName *httpLocation = NULL;
    PKIX_PL_InfoAccess *entry = NULL;
    PKIX_List *entries = NULL;
    PKIX_UInt32 entryCount = 0;
    PKIX_UInt32 accessKind = PKIX_INFOACCESS_LOCATION_UNKNOWN;

    PKIX_TEST_STD_VARS();

    subTest("Getting Authority Info Access");

    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_PL_Cert_GetAuthorityInfoAccess(certWithAia, &entries, plContext));

    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_List_GetLength(entries, &entryCount, plContext));

    /* The test only supports certificates with a single AIA entry. */
    if (entryCount != 1) {
        pkixTestErrorMsg = "unexpected number of AIA";
        goto cleanup;
    }

    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_List_GetItem(entries, 0, (PKIX_PL_Object **)&entry, plContext));

    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_PL_InfoAccess_GetLocationType(entry, &accessKind, plContext));

    /* Anything other than an HTTP location is rejected. */
    if (accessKind != PKIX_INFOACCESS_LOCATION_HTTP) {
        pkixTestErrorMsg = "unexpected location type in AIA";
        goto cleanup;
    }

    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_PL_InfoAccess_GetLocation(entry, &httpLocation, plContext));

    /* Ownership of the location reference passes to the caller. */
    *pLocation = httpLocation;

cleanup:
    PKIX_TEST_DECREF_AC(entries);
    PKIX_TEST_DECREF_AC(entry);

    PKIX_TEST_RETURN();

    return NULL;
}
119
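/*
 * End-to-end exercise of the HTTP-backed CertStore.
 *
 * Usage: exactly two arguments, certDir and certName.  The named
 * certificate must carry a single HTTP Authority Information Access entry.
 *
 * Steps:
 *   1. Load the certificate and extract its AIA HTTP location.
 *   2. Build an HttpCertStore on that location, fetch the certificates it
 *      serves and print each one.
 *   3. Build a second HttpCertStore on a fixed CRL URL, fetch the CRLs and
 *      print each one.
 *
 * The test only retrieves and prints; nothing here validates signatures or
 * chains on the downloaded objects.  Both fetches need outbound network
 * access: the first goes to whatever host the input certificate names, the
 * second to a hard-coded external host over plain http://.
 *
 * Always returns 0.  Failures are reported through the PKIX_TEST_* macros
 * and pkixTestErrorMsg (defined in the test headers, not in this file).
 */
int
test_httpcertstore(int argc, char *argv[])
{
    PKIX_UInt32 i = 0;
    PKIX_UInt32 numCerts = 0;
    PKIX_UInt32 numCrls = 0;
    int j = 0;
    PKIX_UInt32 length = 0;

    char *certName = NULL;
    char *certDir = NULL;
    PKIX_PL_Cert *cmdLineCert = NULL;
    PKIX_PL_Cert *cert = NULL;
    PKIX_CertSelector *certSelector = NULL;
    PKIX_CertStore *certStore = NULL;
    PKIX_CertStore *crlStore = NULL;
    PKIX_PL_GeneralName *location = NULL;
    PKIX_CertStore_CertCallback getCerts = NULL;
    PKIX_List *certs = NULL;
    char *asciiResult = NULL;
    void *nbio = NULL;

    PKIX_PL_CRL *crl = NULL;
    PKIX_CRLSelector *crlSelector = NULL;
    /* Fixed external endpoint; the test fails if it is unreachable. */
    char *crlLocation = "http://betty.nist.gov/pathdiscoverytestsuite/CRL"
                        "files/BasicHTTPURIPeer2CACRL.crl";
    PKIX_CertStore_CRLCallback getCrls = NULL;
    PKIX_List *crls = NULL;
    PKIX_PL_String *crlString = NULL;

    PKIX_TEST_STD_VARS();

    startTests("HttpCertStore");

    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));

    /* j is 0 here, so this demands exactly certDir and certName. */
    if (argc != (j + 3)) {
        printUsage(argv[0]);
        pkixTestErrorMsg = "Missing command line argument.";
        goto cleanup;
    }

    certDir = argv[++j];
    certName = argv[++j];

    cmdLineCert = createCert(certDir, certName, plContext);
    if (cmdLineCert == NULL) {
        pkixTestErrorMsg = "Unable to create Cert";
        goto cleanup;
    }

    /* muster arguments to create HttpCertStore */
    PKIX_TEST_EXPECT_NO_ERROR(getLocation(cmdLineCert, &location, plContext));

    /*
     * getLocation() always returns NULL, so a failure inside it is only
     * visible here as location still being NULL.
     */
    if (location == NULL) {
        pkixTestErrorMsg = "Give me a cert with an HTTP URI!";
        goto cleanup;
    }

    /* create HttpCertStore (NULL client selects the default HTTP client) */
    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_PL_HttpCertStore_Create(NULL, location, &certStore, plContext));

    /* get the GetCerts callback */
    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_CertStore_GetCertCallback(certStore, &getCerts, plContext));

    /* create a CertSelector */
    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext));

    /* Get the certs */
    PKIX_TEST_EXPECT_NO_ERROR(
        getCerts(certStore, certSelector, &nbio, &certs, plContext));

    /*
     * Poll until the request completes (nbio goes back to NULL).
     * NOTE(review): the loop has no back-off and no retry limit, so a peer
     * that never completes the transfer keeps the test spinning.
     */
    while (nbio != NULL) {
        PKIX_TEST_EXPECT_NO_ERROR(
            PKIX_CertStore_CertContinue(certStore,
                                        certSelector,
                                        &nbio,
                                        &certs,
                                        plContext));
    }

    if (certs) {

        PKIX_TEST_EXPECT_NO_ERROR(
            PKIX_List_GetLength(certs, &numCerts, plContext));

        if (numCerts == 0) {
            printf("HttpCertStore returned an empty Cert list\n");
            goto cleanup;
        }

        for (i = 0; i < numCerts; i++) {
            PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(certs,
                                                        i,
                                                        (PKIX_PL_Object **)&cert,
                                                        plContext));

            asciiResult = PKIX_Cert2ASCII(cert);

            /*
             * PKIX_Cert2ASCII is declared outside this file; do not pass
             * its result to "%s" if it signals failure with NULL.
             */
            if (asciiResult == NULL) {
                pkixTestErrorMsg = "PKIX_Cert2ASCII returned NULL";
                goto cleanup;
            }

            /* i is an unsigned 32-bit counter, so print it with %u. */
            printf("CERT[%u]:\n%s\n", (unsigned int)i, asciiResult);

            /* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, NULL));
            asciiResult = NULL;

            PKIX_TEST_DECREF_BC(cert);
        }
    } else {
        printf("HttpCertStore returned a NULL Cert list\n");
    }

    /* create HttpCertStore for the CRL location */
    PKIX_TEST_EXPECT_NO_ERROR(
        pkix_pl_HttpCertStore_CreateWithAsciiName(NULL,
                                                  crlLocation,
                                                  &crlStore,
                                                  plContext));

    /* get the GetCrls callback */
    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_CertStore_GetCRLCallback(crlStore, &getCrls, plContext));

    /* create a CrlSelector */
    PKIX_TEST_EXPECT_NO_ERROR(
        PKIX_CRLSelector_Create(NULL, NULL, &crlSelector, plContext));

    /* Get the crls */
    PKIX_TEST_EXPECT_NO_ERROR(
        getCrls(crlStore, crlSelector, &nbio, &crls, plContext));

    /* Same unbounded completion poll as for the certificates above. */
    while (nbio != NULL) {
        PKIX_TEST_EXPECT_NO_ERROR(
            PKIX_CertStore_CrlContinue(crlStore,
                                       crlSelector,
                                       &nbio,
                                       &crls,
                                       plContext));
    }

    if (crls) {

        PKIX_TEST_EXPECT_NO_ERROR(
            PKIX_List_GetLength(crls, &numCrls, plContext));

        if (numCrls == 0) {
            printf("HttpCertStore returned an empty CRL list\n");
            goto cleanup;
        }

        for (i = 0; i < numCrls; i++) {
            PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(crls,
                                                        i,
                                                        (PKIX_PL_Object **)&crl,
                                                        plContext));

            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString(
                (PKIX_PL_Object *)crl,
                &crlString,
                plContext));

            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(crlString,
                                                                PKIX_ESCASCII,
                                                                (void **)&asciiResult,
                                                                &length,
                                                                plContext));

            printf("CRL[%u]:\n%s\n", (unsigned int)i, asciiResult);

            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, plContext));
            /* Drop the stale pointer, as the certificate loop does. */
            asciiResult = NULL;

            PKIX_TEST_DECREF_BC(crlString);
            PKIX_TEST_DECREF_BC(crl);
        }
    } else {
        printf("HttpCertStore returned a NULL CRL list\n");
    }

cleanup:

    PKIX_TEST_DECREF_AC(cert);
    PKIX_TEST_DECREF_AC(cmdLineCert);
    /* The selectors are created above and must be released as well. */
    PKIX_TEST_DECREF_AC(certSelector);
    PKIX_TEST_DECREF_AC(certStore);
    PKIX_TEST_DECREF_AC(crlStore);
    PKIX_TEST_DECREF_AC(location);
    PKIX_TEST_DECREF_AC(certs);
    PKIX_TEST_DECREF_AC(crl);
    PKIX_TEST_DECREF_AC(crlString);
    PKIX_TEST_DECREF_AC(crlSelector);
    PKIX_TEST_DECREF_AC(crls);

    PKIX_TEST_RETURN();

    /* Label matches the one given to startTests() above. */
    endTests("HttpCertStore");

    return (0);
}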
301