tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

test_httpcertstore.c (9800B)

      1 /*
      2 * test_httpcertstore.c
      3 *
      4 * Test Httpcertstore Type
      5 *
      6 * Copyright 2004-2005 Sun Microsystems, Inc.  All rights reserved.
      7 *
      8 * Redistribution and use in source and binary forms, with or without
      9 * modification, are permitted provided that the following conditions are met:
     10 *
     11 *   1. Redistribution of source code must retain the above copyright notice,
     12 *      this list of conditions and the following disclaimer.
     13 *
     14 *   2. Redistribution in binary form must reproduce the above copyright
     15 *      notice, this list of conditions and the following disclaimer in the
     16 *      documentation and/or other materials provided with the distribution.
     17 *
     18 * Neither the name of Sun Microsystems, Inc. or the names of contributors may
     19 * be used to endorse or promote products derived from this software without
     20 * specific prior written permission.
     21 *
     22 * This software is provided "AS IS," without a warranty of any kind. ALL
     23 * EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
     24 * ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
     25 * OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
     26 * AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
     27 * AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
     28 * DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
     29 * REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
     30 * INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
     31 * OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
     32 * EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
     33 *
     34 * You acknowledge that this software is not designed or intended for use in
     35 * the design, construction, operation or maintenance of any nuclear facility.
     36 */
     37 
     38 #include "testutil.h"
     39 #include "testutil_nss.h"
     40 #include "pkix_pl_common.h"
     41 
     42 static void *plContext = NULL;
     43 
     44 static void
     45 printUsage(char *testname)
     46 {
     47    char *fmt =
     48        "USAGE: %s [-arenas] certDir certName\n";
     49    printf(fmt, "test_httpcertstore");
     50 }
     51 
     52 /* Functional tests for Socket public functions */
     53 static void
     54 do_other_work(void)
     55 { /* while waiting for nonblocking I/O to complete */
     56    (void)PR_Sleep(2 * 60);
     57 }
     58 
     59 PKIX_Error *
     60 PKIX_PL_HttpCertStore_Create(
     61    PKIX_PL_HttpClient *client, /* if NULL, use default Client */
     62    PKIX_PL_GeneralName *location,
     63    PKIX_CertStore **pCertStore,
     64    void *plContext);
     65 
     66 PKIX_Error *
     67 pkix_pl_HttpCertStore_CreateWithAsciiName(
     68    PKIX_PL_HttpClient *client, /* if NULL, use default Client */
     69    char *location,
     70    PKIX_CertStore **pCertStore,
     71    void *plContext);
     72 
     73 static PKIX_Error *
     74 getLocation(
     75    PKIX_PL_Cert *certWithAia,
     76    PKIX_PL_GeneralName **pLocation,
     77    void *plContext)
     78 {
     79    PKIX_List *aiaList = NULL;
     80    PKIX_UInt32 size = 0;
     81    PKIX_PL_InfoAccess *aia = NULL;
     82    PKIX_UInt32 iaType = PKIX_INFOACCESS_LOCATION_UNKNOWN;
     83    PKIX_PL_GeneralName *location = NULL;
     84 
     85    PKIX_TEST_STD_VARS();
     86 
     87    subTest("Getting Authority Info Access");
     88 
     89    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess(certWithAia, &aiaList, plContext));
     90 
     91    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(aiaList, &size, plContext));
     92 
     93    if (size != 1) {
     94        pkixTestErrorMsg = "unexpected number of AIA";
     95        goto cleanup;
     96    }
     97 
     98    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(aiaList, 0, (PKIX_PL_Object **)&aia, plContext));
     99 
    100    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocationType(aia, &iaType, plContext));
    101 
    102    if (iaType != PKIX_INFOACCESS_LOCATION_HTTP) {
    103        pkixTestErrorMsg = "unexpected location type in AIA";
    104        goto cleanup;
    105    }
    106 
    107    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocation(aia, &location, plContext));
    108 
    109    *pLocation = location;
    110 
    111 cleanup:
    112    PKIX_TEST_DECREF_AC(aiaList);
    113    PKIX_TEST_DECREF_AC(aia);
    114 
    115    PKIX_TEST_RETURN();
    116 
    117    return (NULL);
    118 }
    119 
    120 int
    121 test_httpcertstore(int argc, char *argv[])
    122 {
    123 
    124    PKIX_UInt32 i = 0;
    125    PKIX_UInt32 numCerts = 0;
    126    PKIX_UInt32 numCrls = 0;
    127    int j = 0;
    128    PKIX_UInt32 actualMinorVersion;
    129    PKIX_UInt32 length = 0;
    130 
    131    char *certName = NULL;
    132    char *certDir = NULL;
    133    PKIX_PL_Cert *cmdLineCert = NULL;
    134    PKIX_PL_Cert *cert = NULL;
    135    PKIX_CertSelector *certSelector = NULL;
    136    PKIX_CertStore *certStore = NULL;
    137    PKIX_CertStore *crlStore = NULL;
    138    PKIX_PL_GeneralName *location = NULL;
    139    PKIX_CertStore_CertCallback getCerts = NULL;
    140    PKIX_List *certs = NULL;
    141    char *asciiResult = NULL;
    142    void *nbio = NULL;
    143 
    144    PKIX_PL_CRL *crl = NULL;
    145    PKIX_CRLSelector *crlSelector = NULL;
    146    char *crlLocation = "http://betty.nist.gov/pathdiscoverytestsuite/CRL"
    147                        "files/BasicHTTPURIPeer2CACRL.crl";
    148    PKIX_CertStore_CRLCallback getCrls = NULL;
    149    PKIX_List *crls = NULL;
    150    PKIX_PL_String *crlString = NULL;
    151 
    152    PKIX_TEST_STD_VARS();
    153 
    154    startTests("HttpCertStore");
    155 
    156    PKIX_TEST_EXPECT_NO_ERROR(
    157        PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
    158 
    159    if (argc != (j + 3)) {
    160        printUsage(argv[0]);
    161        pkixTestErrorMsg = "Missing command line argument.";
    162        goto cleanup;
    163    }
    164 
    165    certDir = argv[++j];
    166    certName = argv[++j];
    167 
    168    cmdLineCert = createCert(certDir, certName, plContext);
    169    if (cmdLineCert == NULL) {
    170        pkixTestErrorMsg = "Unable to create Cert";
    171        goto cleanup;
    172    }
    173 
    174    /* muster arguments to create HttpCertStore */
    175    PKIX_TEST_EXPECT_NO_ERROR(getLocation(cmdLineCert, &location, plContext));
    176 
    177    if (location == NULL) {
    178        pkixTestErrorMsg = "Give me a cert with an HTTP URI!";
    179        goto cleanup;
    180    }
    181 
    182    /* create HttpCertStore */
    183    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HttpCertStore_Create(NULL, location, &certStore, plContext));
    184 
    185    /* get the GetCerts callback */
    186    PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &getCerts, plContext));
    187 
    188    /* create a CertSelector */
    189    PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext));
    190 
    191    /* Get the certs */
    192    PKIX_TEST_EXPECT_NO_ERROR(getCerts(certStore, certSelector, &nbio, &certs, plContext));
    193 
    194    while (nbio != NULL) {
    195        /* poll for a completion */
    196 
    197        PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CertContinue(certStore, certSelector, &nbio, &certs, plContext));
    198    }
    199 
    200    if (certs) {
    201 
    202        PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certs, &numCerts, plContext));
    203 
    204        if (numCerts == 0) {
    205            printf("HttpCertStore returned an empty Cert list\n");
    206            goto cleanup;
    207        }
    208 
    209        for (i = 0; i < numCerts; i++) {
    210            PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(certs,
    211                                                        i,
    212                                                        (PKIX_PL_Object **)&cert,
    213                                                        plContext));
    214 
    215            asciiResult = PKIX_Cert2ASCII(cert);
    216 
    217            printf("CERT[%d]:\n%s\n", i, asciiResult);
    218 
    219            /* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
    220            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, NULL));
    221            asciiResult = NULL;
    222 
    223            PKIX_TEST_DECREF_BC(cert);
    224        }
    225    } else {
    226        printf("HttpCertStore returned a NULL Cert list\n");
    227    }
    228 
    229    /* create HttpCertStore */
    230    PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_HttpCertStore_CreateWithAsciiName(NULL, crlLocation, &crlStore, plContext));
    231 
    232    /* get the GetCrls callback */
    233    PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback(crlStore, &getCrls, plContext));
    234 
    235    /* create a CrlSelector */
    236    PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create(NULL, NULL, &crlSelector, plContext));
    237 
    238    /* Get the crls */
    239    PKIX_TEST_EXPECT_NO_ERROR(getCrls(crlStore, crlSelector, &nbio, &crls, plContext));
    240 
    241    while (nbio != NULL) {
    242        /* poll for a completion */
    243 
    244        PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CrlContinue(crlStore, crlSelector, &nbio, &crls, plContext));
    245    }
    246 
    247    if (crls) {
    248 
    249        PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(crls, &numCrls, plContext));
    250 
    251        if (numCrls == 0) {
    252            printf("HttpCertStore returned an empty CRL list\n");
    253            goto cleanup;
    254        }
    255 
    256        for (i = 0; i < numCrls; i++) {
    257            PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(crls,
    258                                                        i,
    259                                                        (PKIX_PL_Object **)&crl,
    260                                                        plContext));
    261 
    262            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString(
    263                (PKIX_PL_Object *)crl,
    264                &crlString,
    265                plContext));
    266 
    267            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(crlString,
    268                                                                PKIX_ESCASCII,
    269                                                                (void **)&asciiResult,
    270                                                                &length,
    271                                                                plContext));
    272 
    273            printf("CRL[%d]:\n%s\n", i, asciiResult);
    274 
    275            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, plContext));
    276            PKIX_TEST_DECREF_BC(crlString);
    277            PKIX_TEST_DECREF_BC(crl);
    278        }
    279    } else {
    280        printf("HttpCertStore returned a NULL CRL list\n");
    281    }
    282 
    283 cleanup:
    284 
    285    PKIX_TEST_DECREF_AC(cert);
    286    PKIX_TEST_DECREF_AC(cmdLineCert);
    287    PKIX_TEST_DECREF_AC(certStore);
    288    PKIX_TEST_DECREF_AC(crlStore);
    289    PKIX_TEST_DECREF_AC(location);
    290    PKIX_TEST_DECREF_AC(certs);
    291    PKIX_TEST_DECREF_AC(crl);
    292    PKIX_TEST_DECREF_AC(crlString);
    293    PKIX_TEST_DECREF_AC(crls);
    294 
    295    PKIX_TEST_RETURN();
    296 
    297    endTests("HttpDefaultClient");
    298 
    299    return (0);
    300 }