[ tor-browser ].git.dasho

testutil_nss.c (14894B)
      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this
      3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 /*
      5 * testutil_nss.c
      6 *
      7 * NSS-specific utility functions for handling test errors
      8 *
      9 */
     10 
     11 #include <stdio.h>
     12 #include <string.h>
     13 #include <stddef.h>
     14 
     15 #include "pkix_pl_generalname.h"
     16 #include "pkix_pl_cert.h"
     17 #include "pkix.h"
     18 #include "testutil.h"
     19 #include "prlong.h"
     20 #include "plstr.h"
     21 #include "prthread.h"
     22 #include "secutil.h"
     23 #include "nspr.h"
     24 #include "prtypes.h"
     25 #include "prtime.h"
     26 #include "pk11func.h"
     27 #include "secasn1.h"
     28 #include "cert.h"
     29 #include "cryptohi.h"
     30 #include "secoid.h"
     31 #include "certdb.h"
     32 #include "secitem.h"
     33 #include "keythi.h"
     34 #include "nss.h"
     35 
     36 static char *
     37 catDirName(char *dir, char *name, void *plContext)
     38 {
     39    char *pathName = NULL;
     40    PKIX_UInt32 nameLen;
     41    PKIX_UInt32 dirLen;
     42 
     43    PKIX_TEST_STD_VARS();
     44 
     45    nameLen = PL_strlen(name);
     46    dirLen = PL_strlen(dir);
     47 
     48    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(dirLen + nameLen + 2,
     49                                             (void **)&pathName,
     50                                             plContext));
     51 
     52    PL_strcpy(pathName, dir);
     53    PL_strcat(pathName, "/");
     54    PL_strcat(pathName, name);
     55    printf("pathName = %s\n", pathName);
     56 
     57 cleanup:
     58 
     59    PKIX_TEST_RETURN();
     60 
     61    return (pathName);
     62 }
     63 
     64 PKIX_PL_Cert *
     65 createCert(
     66    char *dirName,
     67    char *certFileName,
     68    void *plContext)
     69 {
     70    PKIX_PL_ByteArray *byteArray = NULL;
     71    void *buf = NULL;
     72    PRFileDesc *certFile = NULL;
     73    PKIX_UInt32 len;
     74    SECItem certDER;
     75    SECStatus rv;
     76    /* default: NULL cert (failure case) */
     77    PKIX_PL_Cert *cert = NULL;
     78    char *pathName = NULL;
     79 
     80    PKIX_TEST_STD_VARS();
     81 
     82    certDER.data = NULL;
     83 
     84    pathName = catDirName(dirName, certFileName, plContext);
     85    certFile = PR_Open(pathName, PR_RDONLY, 0);
     86 
     87    if (!certFile) {
     88        pkixTestErrorMsg = "Unable to open cert file";
     89        goto cleanup;
     90    } else {
     91        rv = SECU_ReadDERFromFile(&certDER, certFile, PR_FALSE, PR_FALSE);
     92        if (!rv) {
     93            buf = (void *)certDER.data;
     94            len = certDER.len;
     95 
     96            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext));
     97 
     98            PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create(byteArray, &cert, plContext));
     99 
    100            SECITEM_FreeItem(&certDER, PR_FALSE);
    101        } else {
    102            pkixTestErrorMsg = "Unable to read DER from cert file";
    103            goto cleanup;
    104        }
    105    }
    106 
    107 cleanup:
    108 
    109    pkixTestErrorResult = PKIX_PL_Free(pathName, plContext);
    110 
    111    if (certFile) {
    112        PR_Close(certFile);
    113    }
    114 
    115    if (PKIX_TEST_ERROR_RECEIVED) {
    116        SECITEM_FreeItem(&certDER, PR_FALSE);
    117    }
    118 
    119    PKIX_TEST_DECREF_AC(byteArray);
    120 
    121    PKIX_TEST_RETURN();
    122 
    123    return (cert);
    124 }
    125 
    126 PKIX_PL_CRL *
    127 createCRL(
    128    char *dirName,
    129    char *crlFileName,
    130    void *plContext)
    131 {
    132    PKIX_PL_ByteArray *byteArray = NULL;
    133    PKIX_PL_CRL *crl = NULL;
    134    PKIX_Error *error = NULL;
    135    PRFileDesc *inFile = NULL;
    136    SECItem crlDER;
    137    void *buf = NULL;
    138    PKIX_UInt32 len;
    139    SECStatus rv;
    140    char *pathName = NULL;
    141 
    142    PKIX_TEST_STD_VARS();
    143 
    144    crlDER.data = NULL;
    145 
    146    pathName = catDirName(dirName, crlFileName, plContext);
    147    inFile = PR_Open(pathName, PR_RDONLY, 0);
    148 
    149    if (!inFile) {
    150        pkixTestErrorMsg = "Unable to open crl file";
    151        goto cleanup;
    152    } else {
    153        rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE);
    154        if (!rv) {
    155            buf = (void *)crlDER.data;
    156            len = crlDER.len;
    157 
    158            error = PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext);
    159 
    160            if (error) {
    161                pkixTestErrorMsg =
    162                    "PKIX_PL_ByteArray_Create failed";
    163                goto cleanup;
    164            }
    165 
    166            error = PKIX_PL_CRL_Create(byteArray, &crl, plContext);
    167            if (error) {
    168                pkixTestErrorMsg = "PKIX_PL_Crl_Create failed";
    169                goto cleanup;
    170            }
    171 
    172            SECITEM_FreeItem(&crlDER, PR_FALSE);
    173        } else {
    174            pkixTestErrorMsg = "Unable to read DER from crl file";
    175            goto cleanup;
    176        }
    177    }
    178 
    179 cleanup:
    180 
    181    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(pathName, plContext));
    182 
    183    if (inFile) {
    184        PR_Close(inFile);
    185    }
    186 
    187    if (error) {
    188        SECITEM_FreeItem(&crlDER, PR_FALSE);
    189    }
    190 
    191    PKIX_TEST_DECREF_AC(byteArray);
    192 
    193    PKIX_TEST_RETURN();
    194 
    195    return (crl);
    196 }
    197 
    198 PKIX_TrustAnchor *
    199 createTrustAnchor(
    200    char *dirName,
    201    char *certFileName,
    202    PKIX_Boolean useCert,
    203    void *plContext)
    204 {
    205    PKIX_TrustAnchor *anchor = NULL;
    206    PKIX_PL_Cert *cert = NULL;
    207    PKIX_PL_X500Name *name = NULL;
    208    PKIX_PL_PublicKey *pubKey = NULL;
    209    PKIX_PL_CertNameConstraints *nameConstraints = NULL;
    210 
    211    PKIX_TEST_STD_VARS();
    212 
    213    cert = createCert(dirName, certFileName, plContext);
    214 
    215    if (useCert) {
    216        PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(cert, &anchor, plContext));
    217    } else {
    218        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(cert, &name, plContext));
    219 
    220        if (name == NULL) {
    221            goto cleanup;
    222        }
    223 
    224        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(cert, &pubKey, plContext));
    225 
    226        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(cert, &nameConstraints, NULL));
    227 
    228        PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithNameKeyPair(name, pubKey, nameConstraints, &anchor, plContext));
    229    }
    230 
    231 cleanup:
    232 
    233    if (PKIX_TEST_ERROR_RECEIVED) {
    234        PKIX_TEST_DECREF_AC(anchor);
    235    }
    236 
    237    PKIX_TEST_DECREF_AC(cert);
    238    PKIX_TEST_DECREF_AC(name);
    239    PKIX_TEST_DECREF_AC(pubKey);
    240    PKIX_TEST_DECREF_AC(nameConstraints);
    241 
    242    PKIX_TEST_RETURN();
    243 
    244    return (anchor);
    245 }
    246 
    247 PKIX_List *
    248 createCertChain(
    249    char *dirName,
    250    char *firstCertFileName,
    251    char *secondCertFileName,
    252    void *plContext)
    253 {
    254    PKIX_PL_Cert *firstCert = NULL;
    255    PKIX_PL_Cert *secondCert = NULL;
    256    PKIX_List *certList = NULL;
    257 
    258    PKIX_TEST_STD_VARS();
    259 
    260    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certList, plContext));
    261 
    262    firstCert = createCert(dirName, firstCertFileName, plContext);
    263 
    264    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, (PKIX_PL_Object *)firstCert, plContext));
    265 
    266    if (secondCertFileName) {
    267        secondCert = createCert(dirName, secondCertFileName, plContext);
    268 
    269        PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, (PKIX_PL_Object *)secondCert, plContext));
    270    }
    271 
    272    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable(certList, plContext));
    273 
    274 cleanup:
    275 
    276    if (PKIX_TEST_ERROR_RECEIVED) {
    277        PKIX_TEST_DECREF_AC(certList);
    278    }
    279 
    280    PKIX_TEST_DECREF_AC(firstCert);
    281    PKIX_TEST_DECREF_AC(secondCert);
    282 
    283    PKIX_TEST_RETURN();
    284 
    285    return (certList);
    286 }
    287 
    288 PKIX_List *
    289 createCertChainPlus(
    290    char *dirName,
    291    char *certNames[],
    292    PKIX_PL_Cert *certs[],
    293    PKIX_UInt32 numCerts,
    294    void *plContext)
    295 {
    296    PKIX_List *certList = NULL;
    297    PKIX_UInt32 i;
    298 
    299    PKIX_TEST_STD_VARS();
    300 
    301    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certList, plContext));
    302 
    303    for (i = 0; i < numCerts; i++) {
    304 
    305        certs[i] = createCert(dirName, certNames[i], plContext);
    306 
    307        /* Create Cert may fail */
    308        if (certs[i] == NULL) {
    309            PKIX_TEST_DECREF_BC(certList);
    310            goto cleanup;
    311        }
    312 
    313        PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList,
    314                                                       (PKIX_PL_Object *)certs[i],
    315                                                       plContext));
    316    }
    317 
    318    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable(certList, plContext));
    319 
    320 cleanup:
    321 
    322    if (PKIX_TEST_ERROR_RECEIVED) {
    323        PKIX_TEST_DECREF_AC(certList);
    324    }
    325 
    326    for (i = 0; i < numCerts; i++) {
    327        PKIX_TEST_DECREF_AC(certs[i]);
    328    }
    329 
    330    PKIX_TEST_RETURN();
    331 
    332    return (certList);
    333 }
    334 
    335 PKIX_PL_Date *
    336 createDate(
    337    char *asciiDate,
    338    void *plContext)
    339 {
    340    PKIX_PL_Date *date = NULL;
    341    PKIX_PL_String *plString = NULL;
    342 
    343    PKIX_TEST_STD_VARS();
    344 
    345    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiDate, 0, &plString, plContext));
    346 
    347    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(plString, &date, plContext));
    348 
    349 cleanup:
    350 
    351    PKIX_TEST_DECREF_AC(plString);
    352 
    353    PKIX_TEST_RETURN();
    354 
    355    return (date);
    356 }
    357 
    358 PKIX_ProcessingParams *
    359 createProcessingParams(
    360    char *dirName,
    361    char *firstAnchorFileName,
    362    char *secondAnchorFileName,
    363    char *dateAscii,
    364    PKIX_List *initialPolicies, /* List of PKIX_PL_OID */
    365    PKIX_Boolean isCrlEnabled,
    366    void *plContext)
    367 {
    368 
    369    PKIX_TrustAnchor *firstAnchor = NULL;
    370    PKIX_TrustAnchor *secondAnchor = NULL;
    371    PKIX_List *anchorsList = NULL;
    372    PKIX_ProcessingParams *procParams = NULL;
    373    PKIX_PL_String *dateString = NULL;
    374    PKIX_PL_Date *testDate = NULL;
    375 
    376    PKIX_TEST_STD_VARS();
    377 
    378    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchorsList, plContext));
    379 
    380    firstAnchor = createTrustAnchor(dirName, firstAnchorFileName, PKIX_FALSE, plContext);
    381 
    382    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchorsList,
    383                                                   (PKIX_PL_Object *)firstAnchor,
    384                                                   plContext));
    385 
    386    if (secondAnchorFileName) {
    387        secondAnchor =
    388            createTrustAnchor(dirName, secondAnchorFileName, PKIX_FALSE, plContext);
    389 
    390        PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchorsList,
    391                                                       (PKIX_PL_Object *)secondAnchor,
    392                                                       plContext));
    393    }
    394 
    395    PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchorsList, &procParams, plContext));
    396 
    397    if (dateAscii) {
    398        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII,
    399                                                        dateAscii,
    400                                                        0,
    401                                                        &dateString,
    402                                                        plContext));
    403 
    404        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(dateString, &testDate, plContext));
    405 
    406        PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetDate(procParams, testDate, plContext));
    407    }
    408 
    409    PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies(procParams, initialPolicies, plContext));
    410 
    411    PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled(procParams, isCrlEnabled, plContext));
    412 
    413 cleanup:
    414 
    415    if (PKIX_TEST_ERROR_RECEIVED) {
    416        PKIX_TEST_DECREF_AC(procParams);
    417    }
    418 
    419    PKIX_TEST_DECREF_AC(dateString);
    420    PKIX_TEST_DECREF_AC(testDate);
    421    PKIX_TEST_DECREF_AC(anchorsList);
    422    PKIX_TEST_DECREF_AC(firstAnchor);
    423    PKIX_TEST_DECREF_AC(secondAnchor);
    424 
    425    PKIX_TEST_RETURN();
    426 
    427    return (procParams);
    428 }
    429 
    430 PKIX_ValidateParams *
    431 createValidateParams(
    432    char *dirName,
    433    char *firstAnchorFileName,
    434    char *secondAnchorFileName,
    435    char *dateAscii,
    436    PKIX_List *initialPolicies, /* List of PKIX_PL_OID */
    437    PKIX_Boolean initialPolicyMappingInhibit,
    438    PKIX_Boolean initialAnyPolicyInhibit,
    439    PKIX_Boolean initialExplicitPolicy,
    440    PKIX_Boolean isCrlEnabled,
    441    PKIX_List *chain,
    442    void *plContext)
    443 {
    444 
    445    PKIX_ProcessingParams *procParams = NULL;
    446    PKIX_ValidateParams *valParams = NULL;
    447 
    448    PKIX_TEST_STD_VARS();
    449 
    450    procParams =
    451        createProcessingParams(dirName,
    452                               firstAnchorFileName,
    453                               secondAnchorFileName,
    454                               dateAscii,
    455                               NULL,
    456                               isCrlEnabled,
    457                               plContext);
    458 
    459    PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies(procParams, initialPolicies, plContext));
    460 
    461    PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetPolicyMappingInhibited(procParams, initialPolicyMappingInhibit, NULL));
    462 
    463    PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetAnyPolicyInhibited(procParams, initialAnyPolicyInhibit, NULL));
    464 
    465    PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetExplicitPolicyRequired(procParams, initialExplicitPolicy, NULL));
    466 
    467    PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create(procParams, chain, &valParams, plContext));
    468 
    469 cleanup:
    470 
    471    if (PKIX_TEST_ERROR_RECEIVED) {
    472        PKIX_TEST_DECREF_AC(valParams);
    473    }
    474 
    475    PKIX_TEST_DECREF_AC(procParams);
    476 
    477    PKIX_TEST_RETURN();
    478 
    479    return (valParams);
    480 }
    481 
    482 PKIX_ValidateResult *
    483 createValidateResult(
    484    char *dirName,
    485    char *anchorFileName,
    486    char *pubKeyCertFileName,
    487    void *plContext)
    488 {
    489 
    490    PKIX_TrustAnchor *anchor = NULL;
    491    PKIX_ValidateResult *valResult = NULL;
    492    PKIX_PL_Cert *cert = NULL;
    493    PKIX_PL_PublicKey *pubKey = NULL;
    494 
    495    PKIX_TEST_STD_VARS();
    496 
    497    anchor = createTrustAnchor(dirName, anchorFileName, PKIX_FALSE, plContext);
    498    cert = createCert(dirName, pubKeyCertFileName, plContext);
    499 
    500    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(cert, &pubKey, plContext));
    501 
    502    PKIX_TEST_EXPECT_NO_ERROR(pkix_ValidateResult_Create(pubKey, anchor, NULL, &valResult, plContext));
    503 
    504 cleanup:
    505 
    506    if (PKIX_TEST_ERROR_RECEIVED) {
    507        PKIX_TEST_DECREF_AC(valResult);
    508    }
    509 
    510    PKIX_TEST_DECREF_AC(anchor);
    511    PKIX_TEST_DECREF_AC(cert);
    512    PKIX_TEST_DECREF_AC(pubKey);
    513 
    514    PKIX_TEST_RETURN();
    515 
    516    return (valResult);
    517 }
    518 
    519 PKIX_PL_GeneralName *
    520 createGeneralName(
    521    PKIX_UInt32 nameType,
    522    char *asciiName,
    523    void *plContext)
    524 {
    525 
    526    PKIX_PL_GeneralName *generalName = NULL;
    527    PKIX_PL_String *plString = NULL;
    528 
    529    PKIX_TEST_STD_VARS();
    530 
    531    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiName, 0, &plString, plContext));
    532 
    533    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_GeneralName_Create(nameType, plString, &generalName, plContext));
    534 
    535 cleanup:
    536 
    537    PKIX_TEST_DECREF_AC(plString);
    538 
    539    PKIX_TEST_RETURN();
    540 
    541    return (generalName);
    542 }
    543 
    544 PKIX_BuildResult *
    545 createBuildResult(
    546    char *dirName,
    547    char *anchorFileName,
    548    char *pubKeyCertFileName,
    549    char *firstChainCertFileName,
    550    char *secondChainCertFileName,
    551    void *plContext)
    552 {
    553    PKIX_BuildResult *buildResult = NULL;
    554    PKIX_ValidateResult *valResult = NULL;
    555    PKIX_List *certChain = NULL;
    556 
    557    PKIX_TEST_STD_VARS();
    558 
    559    valResult = createValidateResult(dirName, anchorFileName, pubKeyCertFileName, plContext);
    560    certChain = createCertChain(dirName,
    561                                firstChainCertFileName,
    562                                secondChainCertFileName,
    563                                plContext);
    564 
    565    PKIX_TEST_EXPECT_NO_ERROR(pkix_BuildResult_Create(valResult, certChain, &buildResult, plContext));
    566 
    567 cleanup:
    568 
    569    if (PKIX_TEST_ERROR_RECEIVED) {
    570        PKIX_TEST_DECREF_AC(buildResult);
    571    }
    572 
    573    PKIX_TEST_DECREF_AC(valResult);
    574    PKIX_TEST_DECREF_AC(certChain);
    575 
    576    PKIX_TEST_RETURN();
    577 
    578    return (buildResult);
    579 }
	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE