/* This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this

 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*

 * test_crl.c

 *

 * Test CRL Type

 *

 */

#include "testutil.h"

#include "testutil_nss.h"

static void *plContext = NULL;

static

void createCRLs(

        char *dataDir,

        char *goodInput,

        char *diffInput,

        PKIX_PL_CRL **goodObject,

        PKIX_PL_CRL **equalObject,

        PKIX_PL_CRL **diffObject)

{

        PKIX_TEST_STD_VARS();

        subTest("PKIX_PL_CRL_Create <goodObject>");

        *goodObject = createCRL(dataDir, goodInput, plContext);

        subTest("PKIX_PL_CRL_Create <equalObject>");

        *equalObject = createCRL(dataDir, goodInput, plContext);

        subTest("PKIX_PL_CRL_Create <diffObject>");

        *diffObject = createCRL(dataDir, diffInput, plContext);

        PKIX_TEST_RETURN();

}

static void testGetCRLEntryForSerialNumber(

        PKIX_PL_CRL *goodObject)

{

        PKIX_PL_BigInt *bigInt;

        PKIX_PL_String *bigIntString = NULL;

        PKIX_PL_CRLEntry *crlEntry = NULL;

        PKIX_PL_String *crlEntryString = NULL;

        char *snAscii = "3039";

        char *expectedAscii =

                "\n\t[\n"

                "\tSerialNumber:    3039\n"

                "\tReasonCode:      257\n"

                "\tRevocationDate:  Fri Jan 07, 2005\n"

        /*      "\tRevocationDate:  Fri Jan 07 15:09:10 2005\n" */

                "\tCritExtOIDs:     (EMPTY)\n"

                "\t]\n\t";

        PKIX_TEST_STD_VARS();

        subTest("PKIX_PL_CRL_GetCRLEntryForSerialNumber");

        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(

                                    PKIX_ESCASCII,

                                    snAscii,

                                    PL_strlen(snAscii),

                                    &bigIntString,

                                    plContext));

        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create(

                            bigIntString,

                            &bigInt,

                            plContext));

        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber(

                            goodObject, bigInt, &crlEntry, plContext));

        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString(

                                    (PKIX_PL_Object *)crlEntry,

                                    &crlEntryString,

                                    plContext));

        testToStringHelper((PKIX_PL_Object *)crlEntryString,

                            expectedAscii, plContext);

cleanup:

        PKIX_TEST_DECREF_AC(bigIntString);

        PKIX_TEST_DECREF_AC(bigInt);

        PKIX_TEST_DECREF_AC(crlEntryString);

        PKIX_TEST_DECREF_AC(crlEntry);

        PKIX_TEST_RETURN();

}

static void testGetIssuer(

        PKIX_PL_CRL *goodObject,

        PKIX_PL_CRL *equalObject,

        PKIX_PL_CRL *diffObject)

{

        PKIX_PL_X500Name *goodIssuer = NULL;

        PKIX_PL_X500Name *equalIssuer = NULL;

        PKIX_PL_X500Name *diffIssuer = NULL;

        char *expectedAscii = "CN=hanfeiyu,O=sun,C=us";

        PKIX_TEST_STD_VARS();

        subTest("PKIX_PL_CRL_GetIssuer");

        PKIX_TEST_EXPECT_NO_ERROR(

                PKIX_PL_CRL_GetIssuer(goodObject, &goodIssuer, plContext));

        PKIX_TEST_EXPECT_NO_ERROR(

                PKIX_PL_CRL_GetIssuer(equalObject, &equalIssuer, plContext));

        PKIX_TEST_EXPECT_NO_ERROR(

                PKIX_PL_CRL_GetIssuer(diffObject, &diffIssuer, plContext));

        PKIX_TEST_EQ_HASH_TOSTR_DUP

                (goodIssuer,

                equalIssuer,

                diffIssuer,

                expectedAscii,

                X500Name,

                PKIX_TRUE);

cleanup:

        PKIX_TEST_DECREF_AC(goodIssuer);

        PKIX_TEST_DECREF_AC(equalIssuer);

        PKIX_TEST_DECREF_AC(diffIssuer);

        PKIX_TEST_RETURN();

}

static void

testCritExtensionsAbsent(PKIX_PL_CRL *crl)

{

        PKIX_List *oidList = NULL;

        PKIX_UInt32 numOids = 0;

        PKIX_TEST_STD_VARS();

        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCriticalExtensionOIDs

                                    (crl, &oidList, plContext));

        PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength

                                    (oidList, &numOids, plContext));

        if (numOids != 0){

                pkixTestErrorMsg = "unexpected mismatch";

        }

cleanup:

        PKIX_TEST_DECREF_AC(oidList);

        PKIX_TEST_RETURN();

}

static void

testGetCriticalExtensionOIDs(PKIX_PL_CRL *goodObject)

{

        subTest("PKIX_PL_CRL_GetCriticalExtensionOIDs "

                "<0 element>");

        testCritExtensionsAbsent(goodObject);

}

static void testVerifySignature(char *dataCentralDir, PKIX_PL_CRL *crl){

        PKIX_PL_Cert *firstCert = NULL;

        PKIX_PL_Cert *secondCert = NULL;

        PKIX_PL_PublicKey *firstPubKey = NULL;

        PKIX_PL_PublicKey *secondPubKey = NULL;

        PKIX_TEST_STD_VARS();

        subTest("PKIX_PL_Cert_Create <hanfeiyu2hanfeiyu>");

        firstCert = createCert(dataCentralDir, "hanfeiyu2hanfeiyu", plContext);

        subTest("PKIX_PL_Cert_Create <hy2hy-bc0>");

        secondCert = createCert(dataCentralDir, "hy2hy-bc0", plContext);

        subTest("PKIX_PL_Cert_GetSubjectPublicKey <hanfeiyu2hanfeiyu>");

        PKIX_TEST_EXPECT_NO_ERROR

                (PKIX_PL_Cert_GetSubjectPublicKey

                (firstCert, &firstPubKey, plContext));

        subTest("PKIX_PL_Cert_GetSubjectPublicKey <hanfei2hanfei>");

        PKIX_TEST_EXPECT_NO_ERROR

                (PKIX_PL_Cert_GetSubjectPublicKey

                (secondCert, &secondPubKey, plContext));

        subTest("PKIX_PL_CRL_VerifySignature <positive>");

        PKIX_TEST_EXPECT_NO_ERROR

                (PKIX_PL_CRL_VerifySignature(crl, firstPubKey, plContext));

        subTest("PKIX_PL_CRL_VerifySignature <negative>");

        PKIX_TEST_EXPECT_ERROR

                (PKIX_PL_CRL_VerifySignature(crl, secondPubKey, plContext));

cleanup:

        PKIX_TEST_DECREF_AC(firstCert);

        PKIX_TEST_DECREF_AC(secondCert);

        PKIX_TEST_DECREF_AC(firstPubKey);

        PKIX_TEST_DECREF_AC(secondPubKey);

        PKIX_TEST_RETURN();

}

static

void printUsage(void) {

        (void) printf("\nUSAGE:\ttest_crl <test-purpose> <data-central-dir>\n\n");

}

/* Functional tests for CRL public functions */

int test_crl(int argc, char *argv[]) {

        PKIX_PL_CRL *goodObject = NULL;

        PKIX_PL_CRL *equalObject = NULL;

        PKIX_PL_CRL *diffObject = NULL;

        PKIX_UInt32 actualMinorVersion;

        PKIX_UInt32 j = 0;

        char *dataCentralDir = NULL;

        char *goodInput = "crlgood.crl";

        char *diffInput = "crldiff.crl";

        char *expectedAscii =

                "[\n"

                "\tVersion:         v2\n"

                "\tIssuer:          CN=hanfeiyu,O=sun,C=us\n"

                "\tUpdate:   [Last: Fri Jan 07, 2005\n"

        /*      "\tUpdate:   [Last: Fri Jan 07 15:09:10 2005\n" */

                "\t           Next: Sat Jan 07, 2006]\n"

        /*      "\t           Next: Sat Jan 07 15:09:10 2006]\n" */

                "\tSignatureAlgId:  1.2.840.10040.4.3\n"

                "\tCRL Number     : (null)\n"

                "\n\tEntry List:      (\n"

                "\t[\n"

                "\tSerialNumber:    010932\n"

                "\tReasonCode:      260\n"

                "\tRevocationDate:  Fri Jan 07, 2005\n"

        /*      "\tRevocationDate:  Fri Jan 07 15:09:10 2005\n" */

                "\tCritExtOIDs:     (EMPTY)\n"

                "\t]\n\t"

                ", "

                "\n\t[\n"

                "\tSerialNumber:    3039\n"

                "\tReasonCode:      257\n"

                "\tRevocationDate:  Fri Jan 07, 2005\n"

        /*      "\tRevocationDate:  Fri Jan 07 15:09:10 2005\n" */

                "\tCritExtOIDs:     (EMPTY)\n"

                "\t]\n\t"

                ")"

                "\n\n"

                "\tCritExtOIDs:     (EMPTY)\n"

                "]\n";

        /* Note XXX serialnumber and reasoncode need debug */

        PKIX_TEST_STD_VARS();

        startTests("CRL");

        PKIX_TEST_EXPECT_NO_ERROR(

            PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));

        if (argc < 3+j) {

                printUsage();

                return (0);

        }

        dataCentralDir = argv[2+j];

        createCRLs

                (dataCentralDir,

                goodInput,

                diffInput,

                &goodObject,

                &equalObject,

                &diffObject);

        PKIX_TEST_EQ_HASH_TOSTR_DUP

                (goodObject,

                equalObject,

                diffObject,

                expectedAscii,

                CRL,

                PKIX_TRUE);

        testGetIssuer(goodObject, equalObject, diffObject);

        testGetCriticalExtensionOIDs(goodObject);

        testGetCRLEntryForSerialNumber(goodObject);

        testVerifySignature(dataCentralDir, goodObject);

cleanup:

        PKIX_TEST_DECREF_AC(goodObject);

        PKIX_TEST_DECREF_AC(equalObject);

        PKIX_TEST_DECREF_AC(diffObject);

        PKIX_Shutdown(plContext);

        PKIX_TEST_RETURN();

        endTests("CRL");

        return (0);

}