|
Packit |
b00eeb |
/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
|
|
Packit |
b00eeb |
/*
|
|
Packit |
b00eeb |
Copyright (C) 2010 Collabora Ltd
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
The Gnome Keyring Library is free software; you can redistribute it and/or
|
|
Packit |
b00eeb |
modify it under the terms of the GNU Library General Public License as
|
|
Packit |
b00eeb |
published by the Free Software Foundation; either version 2 of the
|
|
Packit |
b00eeb |
License, or (at your option) any later version.
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
The Gnome Keyring Library is distributed in the hope that it will be useful,
|
|
Packit |
b00eeb |
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
b00eeb |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
b00eeb |
Library General Public License for more details.
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
You should have received a copy of the GNU Library General Public
|
|
Packit |
b00eeb |
License along with the Gnome Library; see the file COPYING.LIB. If not,
|
|
Packit |
b00eeb |
see <http://www.gnu.org/licenses/>.
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
Author: Stef Walter <stefw@collabora.co.uk>
|
|
Packit |
b00eeb |
*/
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
#include "config.h"
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
#include "egg/egg-asn1x.h"
|
|
Packit |
b00eeb |
#include "egg/egg-asn1-defs.h"
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
#include "gcr/gcr-base.h"
|
|
Packit |
b00eeb |
#include "gcr/gcr-internal.h"
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
#include "egg/egg-testing.h"
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
#include "gck/gck-mock.h"
|
|
Packit |
b00eeb |
#include "gck/gck-test.h"
|
|
Packit |
b00eeb |
#include "gck/pkcs11n.h"
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
#include <glib.h>
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
#include <errno.h>
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
typedef struct {
|
|
Packit |
b00eeb |
gpointer cert_data;
|
|
Packit |
b00eeb |
gsize n_cert_data;
|
|
Packit |
b00eeb |
gpointer cert2_data;
|
|
Packit |
b00eeb |
gsize n_cert2_data;
|
|
Packit |
b00eeb |
CK_FUNCTION_LIST funcs;
|
|
Packit |
b00eeb |
} Test;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
static void
|
|
Packit |
b00eeb |
setup (Test *test, gconstpointer unused)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
GckBuilder builder = GCK_BUILDER_INIT;
|
|
Packit |
b00eeb |
GList *modules = NULL;
|
|
Packit |
b00eeb |
CK_FUNCTION_LIST_PTR f;
|
|
Packit |
b00eeb |
GckModule *module;
|
|
Packit |
b00eeb |
GBytes *subject;
|
|
Packit |
b00eeb |
GBytes *bytes;
|
|
Packit |
b00eeb |
GNode *asn, *node;
|
|
Packit |
b00eeb |
CK_RV rv;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
if (!g_file_get_contents (SRCDIR "/gcr/fixtures/der-certificate.crt", (gchar**)&test->cert_data,
|
|
Packit |
b00eeb |
&test->n_cert_data, NULL))
|
|
Packit |
b00eeb |
g_assert_not_reached ();
|
|
Packit |
b00eeb |
g_assert (test->cert_data);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
if (!g_file_get_contents (SRCDIR "/gcr/fixtures/der-certificate-dsa.cer", (gchar**)&test->cert2_data,
|
|
Packit |
b00eeb |
&test->n_cert2_data, NULL))
|
|
Packit |
b00eeb |
g_assert_not_reached ();
|
|
Packit |
b00eeb |
g_assert (test->cert2_data);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
rv = gck_mock_C_GetFunctionList (&f);
|
|
Packit |
b00eeb |
gck_assert_cmprv (rv, ==, CKR_OK);
|
|
Packit |
b00eeb |
memcpy (&test->funcs, f, sizeof (test->funcs));
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Open a session */
|
|
Packit |
b00eeb |
rv = (test->funcs.C_Initialize) (NULL);
|
|
Packit |
b00eeb |
gck_assert_cmprv (rv, ==, CKR_OK);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_assert (!modules);
|
|
Packit |
b00eeb |
module = gck_module_new (&test->funcs);
|
|
Packit |
b00eeb |
modules = g_list_prepend (modules, module);
|
|
Packit |
b00eeb |
gcr_pkcs11_set_modules (modules);
|
|
Packit |
b00eeb |
gck_list_unref_free (modules);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
bytes = g_bytes_new_static (test->cert_data, test->n_cert_data);
|
|
Packit |
b00eeb |
asn = egg_asn1x_create_and_decode (pkix_asn1_tab, "Certificate", bytes);
|
|
Packit |
b00eeb |
g_assert (asn);
|
|
Packit |
b00eeb |
node = egg_asn1x_node (asn, "tbsCertificate", "subject", NULL);
|
|
Packit |
b00eeb |
subject = egg_asn1x_get_element_raw (node);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Add a certificate to the module */
|
|
Packit |
b00eeb |
gck_builder_add_data (&builder, CKA_VALUE, test->cert_data, test->n_cert_data);
|
|
Packit |
b00eeb |
gck_builder_add_ulong (&builder, CKA_CLASS, CKO_CERTIFICATE);
|
|
Packit |
b00eeb |
gck_builder_add_ulong (&builder, CKA_CERTIFICATE_TYPE, CKC_X_509);
|
|
Packit |
b00eeb |
gck_builder_add_data (&builder, CKA_SUBJECT,
|
|
Packit |
b00eeb |
g_bytes_get_data (subject, NULL),
|
|
Packit |
b00eeb |
g_bytes_get_size (subject));
|
|
Packit |
b00eeb |
gck_mock_module_add_object (gck_builder_end (&builder));
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_bytes_unref (bytes);
|
|
Packit |
b00eeb |
g_bytes_unref (subject);
|
|
Packit |
b00eeb |
egg_asn1x_destroy (asn);
|
|
Packit |
b00eeb |
}
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
static void
|
|
Packit |
b00eeb |
teardown (Test *test, gconstpointer unused)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
CK_RV rv;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_free (test->cert_data);
|
|
Packit |
b00eeb |
g_free (test->cert2_data);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
rv = (test->funcs.C_Finalize) (NULL);
|
|
Packit |
b00eeb |
gck_assert_cmprv (rv, ==, CKR_OK);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
_gcr_uninitialize_library ();
|
|
Packit |
b00eeb |
}
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
static void
|
|
Packit |
b00eeb |
test_lookup_certificate_issuer (Test *test, gconstpointer unused)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
GcrCertificate *cert, *issuer;
|
|
Packit |
b00eeb |
GError *error = NULL;
|
|
Packit |
b00eeb |
GckAttributes *attrs;
|
|
Packit |
b00eeb |
const GckAttribute *attr;
|
|
Packit |
b00eeb |
gconstpointer der;
|
|
Packit |
b00eeb |
gsize n_der;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
cert = gcr_simple_certificate_new_static (test->cert_data, test->n_cert_data);
|
|
Packit |
b00eeb |
g_assert (cert);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Should be self-signed, so should find itself (added in setup) */
|
|
Packit |
b00eeb |
issuer = gcr_pkcs11_certificate_lookup_issuer (cert, NULL, &error);
|
|
Packit |
b00eeb |
g_assert (GCR_IS_PKCS11_CERTIFICATE (issuer));
|
|
Packit |
b00eeb |
g_assert (error == NULL);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Should be the same certificate */
|
|
Packit |
b00eeb |
der = gcr_certificate_get_der_data (issuer, &n_der);
|
|
Packit |
b00eeb |
egg_assert_cmpsize (n_der, ==, test->n_cert_data);
|
|
Packit |
b00eeb |
g_assert (memcmp (der, test->cert_data, test->n_cert_data) == 0);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Should return the same certificate here too */
|
|
Packit |
b00eeb |
attrs = gcr_pkcs11_certificate_get_attributes (GCR_PKCS11_CERTIFICATE (issuer));
|
|
Packit |
b00eeb |
g_assert (attrs);
|
|
Packit |
b00eeb |
attr = gck_attributes_find (attrs, CKA_VALUE);
|
|
Packit |
b00eeb |
g_assert (attr);
|
|
Packit |
b00eeb |
egg_assert_cmpsize (attr->length, ==, test->n_cert_data);
|
|
Packit |
b00eeb |
g_assert (memcmp (attr->value, test->cert_data, test->n_cert_data) == 0);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Should return the same certificate here too */
|
|
Packit |
b00eeb |
attrs = NULL;
|
|
Packit |
b00eeb |
g_object_get (issuer, "attributes", &attrs, NULL);
|
|
Packit |
b00eeb |
g_assert (attrs);
|
|
Packit |
b00eeb |
attr = gck_attributes_find (attrs, CKA_VALUE);
|
|
Packit |
b00eeb |
g_assert (attr);
|
|
Packit |
b00eeb |
egg_assert_cmpsize (attr->length, ==, test->n_cert_data);
|
|
Packit |
b00eeb |
g_assert (memcmp (attr->value, test->cert_data, test->n_cert_data) == 0);
|
|
Packit |
b00eeb |
gck_attributes_unref (attrs);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_object_unref (cert);
|
|
Packit |
b00eeb |
g_object_unref (issuer);
|
|
Packit |
b00eeb |
}
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
static void
|
|
Packit |
b00eeb |
test_lookup_certificate_issuer_not_found (Test *test, gconstpointer unused)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
GcrCertificate *cert, *issuer;
|
|
Packit |
b00eeb |
GError *error = NULL;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
cert = gcr_simple_certificate_new_static (test->cert2_data, test->n_cert2_data);
|
|
Packit |
b00eeb |
g_assert (cert);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Issuer shouldn't be found */
|
|
Packit |
b00eeb |
issuer = gcr_pkcs11_certificate_lookup_issuer (cert, NULL, &error);
|
|
Packit |
b00eeb |
g_assert (issuer == NULL);
|
|
Packit |
b00eeb |
g_assert (error == NULL);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_object_unref (cert);
|
|
Packit |
b00eeb |
}
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
static void
|
|
Packit |
b00eeb |
fetch_async_result (GObject *source, GAsyncResult *result, gpointer user_data)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
*((GAsyncResult**)user_data) = result;
|
|
Packit |
b00eeb |
g_object_ref (result);
|
|
Packit |
b00eeb |
egg_test_wait_stop ();
|
|
Packit |
b00eeb |
}
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
static void
|
|
Packit |
b00eeb |
test_lookup_certificate_issuer_async (Test *test, gconstpointer unused)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
GAsyncResult *result = NULL;
|
|
Packit |
b00eeb |
GcrCertificate *cert, *issuer;
|
|
Packit |
b00eeb |
GError *error = NULL;
|
|
Packit |
b00eeb |
gconstpointer der;
|
|
Packit |
b00eeb |
gsize n_der;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
cert = gcr_simple_certificate_new_static (test->cert_data, test->n_cert_data);
|
|
Packit |
b00eeb |
g_assert (cert);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Should be self-signed, so should find itself (added in setup) */
|
|
Packit |
b00eeb |
gcr_pkcs11_certificate_lookup_issuer_async (cert, NULL, fetch_async_result, &result);
|
|
Packit |
b00eeb |
egg_test_wait_until (500);
|
|
Packit |
b00eeb |
g_assert (result);
|
|
Packit |
b00eeb |
issuer = gcr_pkcs11_certificate_lookup_issuer_finish (result, &error);
|
|
Packit |
b00eeb |
g_assert (GCR_IS_PKCS11_CERTIFICATE (issuer));
|
|
Packit |
b00eeb |
g_assert (error == NULL);
|
|
Packit |
b00eeb |
g_object_unref (result);
|
|
Packit |
b00eeb |
result = NULL;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Should be the same certificate */
|
|
Packit |
b00eeb |
der = gcr_certificate_get_der_data (issuer, &n_der);
|
|
Packit |
b00eeb |
egg_assert_cmpsize (n_der, ==, test->n_cert_data);
|
|
Packit |
b00eeb |
g_assert (memcmp (der, test->cert_data, test->n_cert_data) == 0);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_object_unref (cert);
|
|
Packit |
b00eeb |
g_object_unref (issuer);
|
|
Packit |
b00eeb |
}
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
static void
|
|
Packit |
b00eeb |
test_lookup_certificate_issuer_failure (Test *test, gconstpointer unused)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
GcrCertificate *cert, *issuer;
|
|
Packit |
b00eeb |
GError *error = NULL;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
cert = gcr_simple_certificate_new_static (test->cert_data, test->n_cert_data);
|
|
Packit |
b00eeb |
g_assert (cert);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Make the lookup fail */
|
|
Packit |
b00eeb |
test->funcs.C_GetAttributeValue = gck_mock_fail_C_GetAttributeValue;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
issuer = gcr_pkcs11_certificate_lookup_issuer (cert, NULL, &error);
|
|
Packit |
b00eeb |
g_assert (issuer == NULL);
|
|
Packit |
b00eeb |
g_assert_error (error, GCK_ERROR, CKR_FUNCTION_FAILED);
|
|
Packit |
b00eeb |
g_assert (error->message);
|
|
Packit |
b00eeb |
g_clear_error (&error);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_object_unref (cert);
|
|
Packit |
b00eeb |
}
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
static void
|
|
Packit |
b00eeb |
test_lookup_certificate_issuer_fail_async (Test *test, gconstpointer unused)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
GAsyncResult *result = NULL;
|
|
Packit |
b00eeb |
GcrCertificate *cert, *issuer;
|
|
Packit |
b00eeb |
GError *error = NULL;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
cert = gcr_simple_certificate_new_static (test->cert_data, test->n_cert_data);
|
|
Packit |
b00eeb |
g_assert (cert);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Make the lookup fail */
|
|
Packit |
b00eeb |
test->funcs.C_GetAttributeValue = gck_mock_fail_C_GetAttributeValue;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
/* Should be self-signed, so should find itself (added in setup) */
|
|
Packit |
b00eeb |
gcr_pkcs11_certificate_lookup_issuer_async (cert, NULL, fetch_async_result, &result);
|
|
Packit |
b00eeb |
egg_test_wait_until (500);
|
|
Packit |
b00eeb |
g_assert (result);
|
|
Packit |
b00eeb |
issuer = gcr_pkcs11_certificate_lookup_issuer_finish (result, &error);
|
|
Packit |
b00eeb |
g_assert (issuer == NULL);
|
|
Packit |
b00eeb |
g_assert_error (error, GCK_ERROR, CKR_FUNCTION_FAILED);
|
|
Packit |
b00eeb |
g_assert (error->message);
|
|
Packit |
b00eeb |
g_clear_error (&error);
|
|
Packit |
b00eeb |
g_object_unref (result);
|
|
Packit |
b00eeb |
result = NULL;
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_object_unref (cert);
|
|
Packit |
b00eeb |
}
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
int
|
|
Packit |
b00eeb |
main (int argc, char **argv)
|
|
Packit |
b00eeb |
{
|
|
Packit |
b00eeb |
g_test_init (&argc, &argv, NULL);
|
|
Packit |
b00eeb |
g_set_prgname ("test-pkcs11-certificate");
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer", Test, NULL, setup, test_lookup_certificate_issuer, teardown);
|
|
Packit |
b00eeb |
g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer_not_found", Test, NULL, setup, test_lookup_certificate_issuer_not_found, teardown);
|
|
Packit |
b00eeb |
g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer_async", Test, NULL, setup, test_lookup_certificate_issuer_async, teardown);
|
|
Packit |
b00eeb |
g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer_failure", Test, NULL, setup, test_lookup_certificate_issuer_failure, teardown);
|
|
Packit |
b00eeb |
g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer_fail_async", Test, NULL, setup, test_lookup_certificate_issuer_fail_async, teardown);
|
|
Packit |
b00eeb |
|
|
Packit |
b00eeb |
return egg_tests_run_with_loop ();
|
|
Packit |
b00eeb |
}
|