Blame gcr/test-pkcs11-certificate.c

/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
/*
   Copyright (C) 2010 Collabora Ltd
   The Gnome Keyring Library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Library General Public License as
   published by the Free Software Foundation; either version 2 of the
   License, or (at your option) any later version.
   The Gnome Keyring Library is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   Library General Public License for more details.
   You should have received a copy of the GNU Library General Public
   License along with the Gnome Library; see the file COPYING.LIB.  If not,
   see <http://www.gnu.org/licenses/>.
   Author: Stef Walter <stefw@collabora.co.uk>
*/
#include "config.h"
#include "egg/egg-asn1x.h"
#include "egg/egg-asn1-defs.h"
#include "gcr/gcr-base.h"
#include "gcr/gcr-internal.h"
#include "egg/egg-testing.h"
#include "gck/gck-mock.h"
#include "gck/gck-test.h"
#include "gck/pkcs11n.h"
#include <glib.h>
#include <errno.h>
/*
 * Per-test fixture shared by setup(), teardown() and every test case.
 * setup() fills all fields; teardown() frees the two certificate buffers.
 */
typedef struct {
	/* DER bytes of the first fixture; setup() also stores it in the mock module */
	gpointer cert_data;
	gsize n_cert_data;

	/* DER bytes of the second fixture; setup() does not add it to the module */
	gpointer cert2_data;
	gsize n_cert2_data;

	/*
	 * Private copy of the mock PKCS#11 function list. Individual tests
	 * overwrite entries in it to inject failures.
	 */
	CK_FUNCTION_LIST funcs;
} Test;
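/*
 * Fixture setup, run before each test case.
 *
 * Loads the two DER certificate fixtures from SRCDIR, initializes the mock
 * PKCS#11 module through a private copy of its function list, hands a
 * one-element module list to gcr_pkcs11_set_modules(), and stores the first
 * certificate in the mock module as a CKO_CERTIFICATE / CKC_X_509 object.
 *
 * The object's CKA_SUBJECT is the raw "tbsCertificate.subject" element of
 * that same certificate. The second certificate (cert2_data) is loaded but
 * never added to the module.
 *
 * Every step aborts the test on failure, so the test cases can rely on the
 * fixture being fully populated.
 */
static void
setup (Test *test, gconstpointer unused)
{
	GckBuilder builder = GCK_BUILDER_INIT;
	GList *modules = NULL;
	CK_FUNCTION_LIST_PTR f;
	GckModule *module;
	GBytes *subject;
	GBytes *bytes;
	GNode *asn, *node;
	GError *error = NULL;
	gchar *contents = NULL;
	CK_RV rv;

	/*
	 * Read through a typed local rather than casting &test->cert_data to
	 * gchar**, and keep the GError so a missing fixture reports why.
	 */
	g_file_get_contents (SRCDIR "/gcr/fixtures/der-certificate.crt", &contents,
	                     &test->n_cert_data, &error);
	g_assert_no_error (error);
	g_assert (contents);
	test->cert_data = contents;

	contents = NULL;
	g_file_get_contents (SRCDIR "/gcr/fixtures/der-certificate-dsa.cer", &contents,
	                     &test->n_cert2_data, &error);
	g_assert_no_error (error);
	g_assert (contents);
	test->cert2_data = contents;

	/* Copy the mock function list so tests can patch entries per fixture */
	rv = gck_mock_C_GetFunctionList (&f);
	gck_assert_cmprv (rv, ==, CKR_OK);
	memcpy (&test->funcs, f, sizeof (test->funcs));

	/* Initialize the mock module */
	rv = (test->funcs.C_Initialize) (NULL);
	gck_assert_cmprv (rv, ==, CKR_OK);

	/*
	 * Wrap the copied function list in a GckModule and give gcr a
	 * one-element module list. The local list and its reference are
	 * released right away; presumably gcr_pkcs11_set_modules() keeps its
	 * own references -- confirm against its documentation.
	 */
	module = gck_module_new (&test->funcs);
	modules = g_list_prepend (modules, module);
	gcr_pkcs11_set_modules (modules);
	gck_list_unref_free (modules);

	/* Decode the first certificate to pull out its raw subject element */
	bytes = g_bytes_new_static (test->cert_data, test->n_cert_data);
	asn = egg_asn1x_create_and_decode (pkix_asn1_tab, "Certificate", bytes);
	g_assert (asn);
	node = egg_asn1x_node (asn, "tbsCertificate", "subject", NULL);
	g_assert (node);
	subject = egg_asn1x_get_element_raw (node);
	/* Without this an empty CKA_SUBJECT would be stored and lookups would fail later */
	g_assert (subject);

	/* Add a certificate to the module */
	gck_builder_add_data (&builder, CKA_VALUE, test->cert_data, test->n_cert_data);
	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_CERTIFICATE);
	gck_builder_add_ulong (&builder, CKA_CERTIFICATE_TYPE, CKC_X_509);
	gck_builder_add_data (&builder, CKA_SUBJECT,
	                      g_bytes_get_data (subject, NULL),
	                      g_bytes_get_size (subject));
	gck_mock_module_add_object (gck_builder_end (&builder));

	g_bytes_unref (bytes);
	g_bytes_unref (subject);
	egg_asn1x_destroy (asn);
}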
/*
 * Fixture teardown, run after each test case: frees the certificate buffers
 * loaded by setup(), finalizes the mock PKCS#11 module and resets gcr's
 * library state.
 */
static void
teardown (Test *test, gconstpointer unused)
{
	CK_RV rv;

	/* Both buffers were allocated by g_file_get_contents() in setup() */
	g_free (test->cert_data);
	g_free (test->cert2_data);

	/* Finalize through the fixture's own copy of the function list */
	rv = test->funcs.C_Finalize (NULL);
	gck_assert_cmprv (rv, ==, CKR_OK);

	_gcr_uninitialize_library ();
}
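/*
 * Synchronous issuer lookup, success path.
 *
 * Looks up the issuer of the first fixture certificate and checks that the
 * returned object is a GcrPkcs11Certificate carrying the same DER bytes,
 * both via the GcrCertificate interface and via its CKA_VALUE attribute.
 *
 * The assertions compare certificate bytes only. Nothing here asserts that
 * a signature was verified, so a pass shows the object was located in the
 * module, not that a chain was validated.
 */
static void
test_lookup_certificate_issuer (Test *test, gconstpointer unused)
{
	GcrCertificate *cert, *issuer;
	GError *error = NULL;
	GckAttributes *attrs;
	const GckAttribute *attr;
	gconstpointer der;
	gsize n_der;

	cert = gcr_simple_certificate_new_static (test->cert_data, test->n_cert_data);
	g_assert (cert);

	/* Should be self-signed, so should find itself (added in setup) */
	issuer = gcr_pkcs11_certificate_lookup_issuer (cert, NULL, &error);
	/* Check the error first so a failed lookup reports its message */
	g_assert_no_error (error);
	g_assert (GCR_IS_PKCS11_CERTIFICATE (issuer));

	/* Should be the same certificate */
	der = gcr_certificate_get_der_data (issuer, &n_der);
	g_assert (der);
	egg_assert_cmpsize (n_der, ==, test->n_cert_data);
	g_assert (memcmp (der, test->cert_data, test->n_cert_data) == 0);

	/*
	 * The accessor should expose the same certificate in CKA_VALUE.
	 * This attrs is not unreffed here; presumably the accessor returns a
	 * borrowed pointer -- confirm against its documentation.
	 */
	attrs = gcr_pkcs11_certificate_get_attributes (GCR_PKCS11_CERTIFICATE (issuer));
	g_assert (attrs);
	attr = gck_attributes_find (attrs, CKA_VALUE);
	g_assert (attr);
	egg_assert_cmpsize (attr->length, ==, test->n_cert_data);
	g_assert (memcmp (attr->value, test->cert_data, test->n_cert_data) == 0);

	/* The "attributes" property should expose it too; this one is unreffed below */
	attrs = NULL;
	g_object_get (issuer, "attributes", &attrs, NULL);
	g_assert (attrs);
	attr = gck_attributes_find (attrs, CKA_VALUE);
	g_assert (attr);
	egg_assert_cmpsize (attr->length, ==, test->n_cert_data);
	g_assert (memcmp (attr->value, test->cert_data, test->n_cert_data) == 0);
	gck_attributes_unref (attrs);

	g_object_unref (cert);
	g_object_unref (issuer);
}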
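/*
 * Synchronous issuer lookup, not-found path.
 *
 * Uses the second fixture certificate, which setup() never stores in the
 * mock module. The lookup must return NULL without setting an error:
 * "no issuer present" is a normal outcome, distinct from the token
 * failure exercised by the *_failure tests.
 */
static void
test_lookup_certificate_issuer_not_found (Test *test, gconstpointer unused)
{
	GcrCertificate *cert, *issuer;
	GError *error = NULL;

	cert = gcr_simple_certificate_new_static (test->cert2_data, test->n_cert2_data);
	g_assert (cert);

	/* Issuer shouldn't be found */
	issuer = gcr_pkcs11_certificate_lookup_issuer (cert, NULL, &error);
	/* Check the error first so an unexpected failure reports its message */
	g_assert_no_error (error);
	g_assert (issuer == NULL);

	g_object_unref (cert);
}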
/*
 * GAsyncReadyCallback used by the async tests.
 *
 * user_data points at the caller's GAsyncResult* variable. The callback
 * stores the result there with an extra reference, which the caller must
 * drop, and then stops the test wait loop.
 */
static void
fetch_async_result (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GAsyncResult **slot = user_data;

	/* Keep the result alive after this callback returns */
	*slot = g_object_ref (result);
	egg_test_wait_stop ();
}
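/*
 * Asynchronous issuer lookup, success path.
 *
 * Starts the lookup, waits up to 500 (the argument to
 * egg_test_wait_until(); presumably milliseconds) for fetch_async_result()
 * to deliver the result, then checks that the issuer is a
 * GcrPkcs11Certificate carrying the same DER bytes as the fixture.
 */
static void
test_lookup_certificate_issuer_async (Test *test, gconstpointer unused)
{
	GAsyncResult *result = NULL;
	GcrCertificate *cert, *issuer;
	GError *error = NULL;
	gconstpointer der;
	gsize n_der;

	cert = gcr_simple_certificate_new_static (test->cert_data, test->n_cert_data);
	g_assert (cert);

	/* Should be self-signed, so should find itself (added in setup) */
	gcr_pkcs11_certificate_lookup_issuer_async (cert, NULL, fetch_async_result, &result);
	egg_test_wait_until (500);
	/* result stays NULL if the callback never ran before the wait ended */
	g_assert (result);
	issuer = gcr_pkcs11_certificate_lookup_issuer_finish (result, &error);
	/* Check the error first so a failed lookup reports its message */
	g_assert_no_error (error);
	g_assert (GCR_IS_PKCS11_CERTIFICATE (issuer));
	/* Drop the reference taken in fetch_async_result() */
	g_object_unref (result);
	result = NULL;

	/* Should be the same certificate */
	der = gcr_certificate_get_der_data (issuer, &n_der);
	g_assert (der);
	egg_assert_cmpsize (n_der, ==, test->n_cert_data);
	g_assert (memcmp (der, test->cert_data, test->n_cert_data) == 0);

	g_object_unref (cert);
	g_object_unref (issuer);
}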
/*
 * Synchronous issuer lookup, token-failure path.
 *
 * Replaces C_GetAttributeValue in the fixture's function list with the
 * failing mock, then checks that the lookup returns NULL and reports
 * GCK_ERROR / CKR_FUNCTION_FAILED with a message. A module error must be
 * surfaced to the caller and not be mistaken for "issuer not found",
 * which returns NULL with no error set.
 */
static void
test_lookup_certificate_issuer_failure (Test *test, gconstpointer unused)
{
	GError *error = NULL;
	GcrCertificate *issuer;
	GcrCertificate *cert = gcr_simple_certificate_new_static (test->cert_data, test->n_cert_data);

	g_assert (cert);

	/*
	 * Inject the failure. This patches the fixture's own copy of the
	 * function list, the one handed to gck_module_new() in setup().
	 */
	test->funcs.C_GetAttributeValue = gck_mock_fail_C_GetAttributeValue;

	issuer = gcr_pkcs11_certificate_lookup_issuer (cert, NULL, &error);

	/* No certificate may come back when the module call failed */
	g_assert (issuer == NULL);
	g_assert_error (error, GCK_ERROR, CKR_FUNCTION_FAILED);
	g_assert (error->message);
	g_clear_error (&error);

	g_object_unref (cert);
}
/*
 * Asynchronous issuer lookup, token-failure path.
 *
 * Same failure injection as the synchronous failure test, driven through
 * the async API: the finish call must return NULL and report
 * GCK_ERROR / CKR_FUNCTION_FAILED with a message.
 */
static void
test_lookup_certificate_issuer_fail_async (Test *test, gconstpointer unused)
{
	GAsyncResult *result = NULL;
	GError *error = NULL;
	GcrCertificate *issuer;
	GcrCertificate *cert = gcr_simple_certificate_new_static (test->cert_data, test->n_cert_data);

	g_assert (cert);

	/* Inject the failure into the fixture's copy of the function list */
	test->funcs.C_GetAttributeValue = gck_mock_fail_C_GetAttributeValue;

	/* The matching object exists in the module, but reading it now fails */
	gcr_pkcs11_certificate_lookup_issuer_async (cert, NULL, fetch_async_result, &result);
	egg_test_wait_until (500);
	/* result stays NULL if the callback never ran before the wait ended */
	g_assert (result);

	issuer = gcr_pkcs11_certificate_lookup_issuer_finish (result, &error);

	/* No certificate may come back when the module call failed */
	g_assert (issuer == NULL);
	g_assert_error (error, GCK_ERROR, CKR_FUNCTION_FAILED);
	g_assert (error->message);
	g_clear_error (&error);

	/* Drop the reference taken in fetch_async_result() */
	g_object_unref (result);
	result = NULL;

	g_object_unref (cert);
}
/*
 * Test entry point: registers the five issuer-lookup cases, each wrapped in
 * setup()/teardown() with a fresh Test fixture, and runs them under the egg
 * test main loop.
 */
int
main (int argc, char **argv)
{
	g_test_init (&argc, &argv, NULL);
	g_set_prgname ("test-pkcs11-certificate");

	/* Synchronous lookups: issuer present, then issuer absent */
	g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer",
	            Test, NULL, setup,
	            test_lookup_certificate_issuer, teardown);
	g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer_not_found",
	            Test, NULL, setup,
	            test_lookup_certificate_issuer_not_found, teardown);

	/* Asynchronous lookup, issuer present */
	g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer_async",
	            Test, NULL, setup,
	            test_lookup_certificate_issuer_async, teardown);

	/* Injected module failure, synchronous then asynchronous */
	g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer_failure",
	            Test, NULL, setup,
	            test_lookup_certificate_issuer_failure, teardown);
	g_test_add ("/gcr/pkcs11-certificate/lookup_certificate_issuer_fail_async",
	            Test, NULL, setup,
	            test_lookup_certificate_issuer_fail_async, teardown);

	return egg_tests_run_with_loop ();
}