Branch data Line data Source code
1 : : /* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
2 : : /*
3 : : Copyright (C) 2010 Collabora Ltd
4 : :
5 : : The Gnome Keyring Library is free software; you can redistribute it and/or
6 : : modify it under the terms of the GNU Library General Public License as
7 : : published by the Free Software Foundation; either version 2 of the
8 : : License, or (at your option) any later version.
9 : :
10 : : The Gnome Keyring Library is distributed in the hope that it will be useful,
11 : : but WITHOUT ANY WARRANTY; without even the implied warranty of
12 : : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 : : Library General Public License for more details.
14 : :
15 : : You should have received a copy of the GNU Library General Public
16 : : License along with the Gnome Library; see the file COPYING.LIB. If not,
17 : : see <http://www.gnu.org/licenses/>.
18 : :
19 : : Author: Stef Walter <stefw@collabora.co.uk>
20 : : */
21 : :
22 : : #include "config.h"
23 : :
24 : : #include "gcr/gcr.h"
25 : : #include "gcr/gcr-internal.h"
26 : : #include "gcr/gcr-certificate-extensions.h"
27 : :
28 : : #include "egg/egg-testing.h"
29 : :
30 : : #include <glib.h>
31 : :
32 : : #include <errno.h>
33 : : #include <string.h>
34 : :
35 : : typedef struct {
36 : : GcrCertificate *certificate;
37 : : GcrCertificate *dsa_cert;
38 : : GcrCertificate *dhansak_cert;
39 : : } Test;
40 : :
41 : : static void
42 : 17 : setup (Test *test, gconstpointer unused)
43 : : {
44 : : gchar *contents;
45 : : gsize n_contents;
46 : :
47 [ - + ]: 17 : if (!g_file_get_contents (SRCDIR "/gcr/fixtures/der-certificate.crt", &contents, &n_contents, NULL))
48 : 0 : g_assert_not_reached ();
49 : 17 : test->certificate = gcr_simple_certificate_new ((const guchar *)contents, n_contents);
50 [ - + ]: 17 : g_assert (test->certificate);
51 : 17 : g_free (contents);
52 : :
53 [ - + ]: 17 : if (!g_file_get_contents (SRCDIR "/gcr/fixtures/der-certificate-dsa.cer", &contents, &n_contents, NULL))
54 : 0 : g_assert_not_reached ();
55 : 17 : test->dsa_cert = gcr_simple_certificate_new ((const guchar *)contents, n_contents);
56 [ - + ]: 17 : g_assert (test->dsa_cert);
57 : 17 : g_free (contents);
58 : :
59 [ - + ]: 17 : if (!g_file_get_contents (SRCDIR "/gcr/fixtures/dhansak-collabora.cer", &contents, &n_contents, NULL))
60 : 0 : g_assert_not_reached ();
61 : 17 : test->dhansak_cert = gcr_simple_certificate_new ((const guchar *)contents, n_contents);
62 [ - + ]: 17 : g_assert (test->dhansak_cert);
63 : 17 : g_free (contents);
64 : 17 : }
65 : :
66 : : static void
67 : 17 : teardown (Test *test, gconstpointer unused)
68 : : {
69 : 17 : g_object_unref (test->certificate);
70 : 17 : g_object_unref (test->dsa_cert);
71 : 17 : g_object_unref (test->dhansak_cert);
72 : 17 : }
73 : :
74 : : static void
75 : 1 : test_issuer_cn (Test *test, gconstpointer unused)
76 : : {
77 : 1 : gchar *cn = gcr_certificate_get_issuer_cn (test->certificate);
78 [ - + ]: 1 : g_assert (cn);
79 [ - + ]: 1 : g_assert_cmpstr (cn, ==, "http://www.valicert.com/");
80 : 1 : g_free (cn);
81 : 1 : }
82 : :
83 : : static void
84 : 1 : test_issuer_dn (Test *test, gconstpointer unused)
85 : : {
86 : 1 : gchar *dn = gcr_certificate_get_issuer_dn (test->certificate);
87 [ - + ]: 1 : g_assert (dn);
88 [ - + ]: 1 : g_assert_cmpstr (dn, ==, "L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 3 Policy Validation Authority, CN=http://www.valicert.com/, EMAIL=info@valicert.com");
89 : 1 : g_free (dn);
90 : 1 : }
91 : :
92 : : static void
93 : 1 : test_issuer_part (Test *test, gconstpointer unused)
94 : : {
95 : 1 : gchar *part = gcr_certificate_get_issuer_part (test->certificate, "l");
96 [ - + ]: 1 : g_assert (part);
97 [ - + ]: 1 : g_assert_cmpstr (part, ==, "ValiCert Validation Network");
98 : 1 : g_free (part);
99 : 1 : }
100 : :
101 : : static void
102 : 1 : test_issuer_raw (Test *test, gconstpointer unused)
103 : : {
104 : : gpointer der;
105 : : gsize n_der;
106 : :
107 : 1 : der = gcr_certificate_get_issuer_raw (test->certificate, &n_der);
108 [ - + ]: 1 : g_assert (der);
109 [ - + ]: 1 : egg_assert_cmpsize (n_der, ==, 190);
110 : 1 : g_free (der);
111 : 1 : }
112 : :
113 : : static void
114 : 1 : test_subject_cn (Test *test, gconstpointer unused)
115 : : {
116 : 1 : gchar *cn = gcr_certificate_get_subject_cn (test->certificate);
117 [ - + ]: 1 : g_assert (cn);
118 [ - + ]: 1 : g_assert_cmpstr (cn, ==, "http://www.valicert.com/");
119 : 1 : g_free (cn);
120 : :
121 : 1 : cn = gcr_certificate_get_subject_cn (test->dhansak_cert);
122 [ - + ]: 1 : g_assert (cn);
123 [ - + ]: 1 : g_assert_cmpstr (cn, ==, "dhansak.collabora.co.uk");
124 : 1 : g_free (cn);
125 : 1 : }
126 : :
127 : : static void
128 : 1 : test_subject_dn (Test *test, gconstpointer unused)
129 : : {
130 : 1 : gchar *dn = gcr_certificate_get_subject_dn (test->certificate);
131 [ - + ]: 1 : g_assert (dn);
132 [ - + ]: 1 : g_assert_cmpstr (dn, ==, "L=ValiCert Validation Network, O=ValiCert, Inc., OU=ValiCert Class 3 Policy Validation Authority, CN=http://www.valicert.com/, EMAIL=info@valicert.com");
133 : 1 : g_free (dn);
134 : :
135 : 1 : dn = gcr_certificate_get_subject_dn (test->dhansak_cert);
136 [ - + ]: 1 : g_assert (dn);
137 [ - + ]: 1 : g_assert_cmpstr (dn, ==, "CN=dhansak.collabora.co.uk, EMAIL=sysadmin@collabora.co.uk");
138 : 1 : g_free (dn);
139 : :
140 : 1 : }
141 : :
142 : : static void
143 : 1 : test_subject_part (Test *test, gconstpointer unused)
144 : : {
145 : 1 : gchar *part = gcr_certificate_get_subject_part (test->certificate, "OU");
146 [ - + ]: 1 : g_assert (part);
147 [ - + ]: 1 : g_assert_cmpstr (part, ==, "ValiCert Class 3 Policy Validation Authority");
148 : 1 : g_free (part);
149 : :
150 : 1 : part = gcr_certificate_get_subject_part (test->dhansak_cert, "EMAIL");
151 [ - + ]: 1 : g_assert (part);
152 [ - + ]: 1 : g_assert_cmpstr (part, ==, "sysadmin@collabora.co.uk");
153 : 1 : g_free (part);
154 : :
155 : 1 : }
156 : :
157 : : static void
158 : 1 : test_subject_raw (Test *test, gconstpointer unused)
159 : : {
160 : : gpointer der;
161 : : gsize n_der;
162 : :
163 : 1 : der = gcr_certificate_get_subject_raw (test->certificate, &n_der);
164 [ - + ]: 1 : g_assert (der);
165 [ - + ]: 1 : egg_assert_cmpsize (n_der, ==, 190);
166 : 1 : g_free (der);
167 : :
168 : 1 : der = gcr_certificate_get_subject_raw (test->dhansak_cert, &n_der);
169 [ - + ]: 1 : g_assert (der);
170 [ - + ]: 1 : egg_assert_cmpsize (n_der, ==, 77);
171 : 1 : g_free (der);
172 : 1 : }
173 : :
174 : : static void
175 : 1 : test_issued_date (Test *test, gconstpointer unused)
176 : : {
177 : 1 : GDateTime *date = gcr_certificate_get_issued_date (test->certificate);
178 [ - + ]: 1 : g_assert_nonnull (date);
179 [ - + ]: 1 : g_assert_cmpuint (g_date_time_get_year (date), ==, 1999);
180 [ - + ]: 1 : g_assert_cmpuint (g_date_time_get_month (date), ==, 6);
181 [ - + ]: 1 : g_assert_cmpuint (g_date_time_get_day_of_month (date), ==, 26);
182 : 1 : g_date_time_unref (date);
183 : 1 : }
184 : :
185 : : static void
186 : 1 : test_expiry_date (Test *test, gconstpointer unused)
187 : : {
188 : 1 : GDateTime *date = gcr_certificate_get_expiry_date (test->certificate);
189 [ - + ]: 1 : g_assert (date);
190 [ - + ]: 1 : g_assert_cmpuint (g_date_time_get_year (date), ==, 2019);
191 [ - + ]: 1 : g_assert_cmpuint (g_date_time_get_month (date), ==, 6);
192 [ - + ]: 1 : g_assert_cmpuint (g_date_time_get_day_of_month (date), ==, 26);
193 : 1 : g_date_time_unref (date);
194 : 1 : }
195 : :
196 : : static void
197 : 1 : test_serial_number (Test *test, gconstpointer unused)
198 : : {
199 : : gsize n_serial;
200 : : guchar *serial;
201 : : gchar *hex;
202 : :
203 : 1 : serial = gcr_certificate_get_serial_number (test->certificate, &n_serial);
204 [ - + ]: 1 : g_assert (serial);
205 [ - + ]: 1 : g_assert_cmpuint (n_serial, ==, 1);
206 [ - + ]: 1 : g_assert (memcmp (serial, "\1", n_serial) == 0);
207 : 1 : g_free (serial);
208 : :
209 : 1 : hex = gcr_certificate_get_serial_number_hex (test->certificate);
210 [ - + ]: 1 : g_assert (hex);
211 [ - + ]: 1 : g_assert_cmpstr (hex, ==, "01");
212 : 1 : g_free (hex);
213 : 1 : }
214 : :
215 : : static void
216 : 1 : test_fingerprint (Test *test, gconstpointer unused)
217 : : {
218 : : gsize n_print;
219 : 1 : guchar *print = gcr_certificate_get_fingerprint (test->certificate, G_CHECKSUM_MD5, &n_print);
220 [ - + ]: 1 : g_assert (print);
221 [ - + ]: 1 : g_assert_cmpuint (n_print, ==, g_checksum_type_get_length (G_CHECKSUM_MD5));
222 [ - + ]: 1 : g_assert (memcmp (print, "\xa2\x6f\x53\xb7\xee\x40\xdb\x4a\x68\xe7\xfa\x18\xd9\x10\x4b\x72", n_print) == 0);
223 : 1 : g_free (print);
224 : 1 : }
225 : :
226 : : static void
227 : 1 : test_fingerprint_hex (Test *test, gconstpointer unused)
228 : : {
229 : 1 : gchar *print = gcr_certificate_get_fingerprint_hex (test->certificate, G_CHECKSUM_MD5);
230 [ - + ]: 1 : g_assert (print);
231 [ - + ]: 1 : g_assert_cmpstr (print, ==, "A2 6F 53 B7 EE 40 DB 4A 68 E7 FA 18 D9 10 4B 72");
232 : 1 : g_free (print);
233 : 1 : }
234 : :
235 : : static void
236 : 1 : test_certificate_key_size (Test *test, gconstpointer unused)
237 : : {
238 : 1 : guint key_size = gcr_certificate_get_key_size (test->certificate);
239 [ - + ]: 1 : g_assert_cmpuint (key_size, ==, 1024);
240 : :
241 : 1 : key_size = gcr_certificate_get_key_size (test->dsa_cert);
242 [ - + ]: 1 : g_assert_cmpuint (key_size, ==, 1024);
243 : 1 : }
244 : :
245 : : static void
246 : 1 : test_certificate_is_issuer (Test *test, gconstpointer unused)
247 : : {
248 : 1 : gboolean ret = gcr_certificate_is_issuer (test->certificate, test->certificate);
249 [ - + ]: 1 : g_assert (ret == TRUE);
250 : :
251 : 1 : ret = gcr_certificate_is_issuer (test->certificate, test->dsa_cert);
252 [ - + ]: 1 : g_assert (ret == FALSE);
253 : 1 : }
254 : :
255 : : static void
256 : 1 : test_basic_constraints (Test *test,
257 : : gconstpointer unused)
258 : : {
259 : 1 : gboolean is_ca = TRUE;
260 : 1 : gint path_len = 0;
261 : :
262 [ - + ]: 1 : if (!gcr_certificate_get_basic_constraints (test->dsa_cert, &is_ca, &path_len))
263 : 0 : g_assert_not_reached ();
264 : :
265 [ - + ]: 1 : g_assert (is_ca == FALSE);
266 [ - + ]: 1 : g_assert (path_len == -1);
267 : 1 : }
268 : :
269 : :
270 : : static void
271 : 1 : test_interface_elements (Test *test,
272 : : gconstpointer unused)
273 : : {
274 : 1 : GList* sections = gcr_certificate_get_interface_elements (test->dsa_cert);
275 [ + + ]: 17 : for (GList *l = sections; l != NULL; l = l->next) {
276 : 16 : GcrCertificateSection *section = l->data;
277 : : GListModel *fields;
278 : :
279 : 16 : gcr_certificate_section_get_flags (section);
280 [ - + ]: 16 : g_assert (gcr_certificate_section_get_label (section) != NULL);
281 : 16 : fields = gcr_certificate_section_get_fields (section);
282 [ - + ]: 16 : g_assert (fields != NULL);
283 [ - + ]: 16 : g_assert (g_list_model_get_item_type (fields) == GCR_TYPE_CERTIFICATE_FIELD);
284 [ + + ]: 63 : for (guint i = 0; i < g_list_model_get_n_items (fields); i++) {
285 : 47 : GValue val = G_VALUE_INIT;
286 : : GType value_type;
287 : 47 : GcrCertificateField *field = g_list_model_get_item (fields, i);
288 [ - + ]: 47 : g_assert (gcr_certificate_field_get_label (field) != NULL);
289 : 47 : value_type = gcr_certificate_field_get_value_type (field);
290 : 47 : g_value_init (&val, value_type);
291 [ - + ]: 47 : g_assert (gcr_certificate_field_get_value (field, &val));
292 : 47 : g_value_unset (&val);
293 [ - + ]: 47 : g_assert (gcr_certificate_field_get_section (field) == section);
294 : 47 : g_object_unref (field);
295 : : }
296 : : }
297 : :
298 : 1 : g_list_free_full (sections, (GDestroyNotify) g_object_unref);
299 : 1 : }
300 : :
301 : : static void
302 : 1 : test_subject_alt_name (void)
303 : : {
304 : 1 : const guint8 extension[] = {
305 : : 0x30, 0x40,
306 : : 0x87, 0x04, 0xC0, 0x00, 0x02, 0x01,
307 : : 0x82, 0x10, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
308 : : 0xA0, 0x13, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x08, 0x05, 0xA0, 0x07, 0x0C, 0x05, 0x63, 0x40, 0x61, 0x2E, 0x62,
309 : : 0xA0, 0x11, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x08, 0x07, 0xA0, 0x05, 0x16, 0x03, 0x61, 0x2E, 0x62
310 : : };
311 : : GBytes *bytes;
312 : : GArray *result;
313 : : GcrGeneralName *general_name;
314 : :
315 : 1 : bytes = g_bytes_new_static (extension, sizeof(extension));
316 : 1 : result = _gcr_certificate_extension_subject_alt_name (bytes);
317 : 1 : g_bytes_unref (bytes);
318 : :
319 [ - + ]: 1 : g_assert_nonnull (result);
320 [ - + ]: 1 : g_assert_cmpint (result->len, ==, 4);
321 : 1 : general_name = &g_array_index (result, GcrGeneralName, 0);
322 [ - + ]: 1 : g_assert_cmpint (general_name->type, ==, GCR_GENERAL_NAME_IP);
323 : 1 : general_name = &g_array_index (result, GcrGeneralName, 1);
324 [ - + ]: 1 : g_assert_cmpint (general_name->type, ==, GCR_GENERAL_NAME_DNS);
325 : 1 : general_name = &g_array_index (result, GcrGeneralName, 2);
326 [ - + ]: 1 : g_assert_cmpint (general_name->type, ==, GCR_GENERAL_NAME_OTHER);
327 : 1 : general_name = &g_array_index (result, GcrGeneralName, 3);
328 [ - + ]: 1 : g_assert_cmpint (general_name->type, ==, GCR_GENERAL_NAME_OTHER);
329 : 1 : _gcr_general_names_free (result);
330 : 1 : }
331 : :
332 : : static void
333 : 1 : test_key_usage (void)
334 : : {
335 : 1 : const guint8 usage[] = {
336 : : // ASN.1 encoded BIT STRING (16 bit) 1000011110000000
337 : : 0x03, 0x03, 0x00, 0x87, 0x80
338 : : };
339 : : GBytes *bytes;
340 : : gboolean ret;
341 : : gulong key_usage;
342 : :
343 : 1 : bytes = g_bytes_new_static (usage, sizeof(usage));
344 : 1 : ret = _gcr_certificate_extension_key_usage (bytes, &key_usage);
345 : 1 : g_bytes_unref (bytes);
346 : :
347 [ - + ]: 1 : g_assert (ret == TRUE);
348 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_DIGITAL_SIGNATURE, ==, GCR_KEY_USAGE_DIGITAL_SIGNATURE);
349 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_NON_REPUDIATION, ==, 0);
350 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_KEY_ENCIPHERMENT, ==, 0);
351 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_DATA_ENCIPHERMENT, ==, 0);
352 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_KEY_AGREEMENT, ==, 0);
353 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_KEY_CERT_SIGN, ==, GCR_KEY_USAGE_KEY_CERT_SIGN);
354 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_CRL_SIGN, ==, GCR_KEY_USAGE_CRL_SIGN);
355 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_ENCIPHER_ONLY, ==, GCR_KEY_USAGE_ENCIPHER_ONLY);
356 [ - + ]: 1 : g_assert_cmpint (key_usage & GCR_KEY_USAGE_DECIPHER_ONLY, ==, GCR_KEY_USAGE_DECIPHER_ONLY);
357 : 1 : }
358 : :
359 : : int
360 : 1 : main (int argc, char **argv)
361 : : {
362 : 1 : g_test_init (&argc, &argv, NULL);
363 : 1 : g_set_prgname ("test-certificate");
364 : :
365 : 1 : g_test_add ("/gcr/certificate/issuer_cn", Test, NULL, setup, test_issuer_cn, teardown);
366 : 1 : g_test_add ("/gcr/certificate/issuer_dn", Test, NULL, setup, test_issuer_dn, teardown);
367 : 1 : g_test_add ("/gcr/certificate/issuer_part", Test, NULL, setup, test_issuer_part, teardown);
368 : 1 : g_test_add ("/gcr/certificate/issuer_raw", Test, NULL, setup, test_issuer_raw, teardown);
369 : 1 : g_test_add ("/gcr/certificate/subject_cn", Test, NULL, setup, test_subject_cn, teardown);
370 : 1 : g_test_add ("/gcr/certificate/subject_dn", Test, NULL, setup, test_subject_dn, teardown);
371 : 1 : g_test_add ("/gcr/certificate/subject_part", Test, NULL, setup, test_subject_part, teardown);
372 : 1 : g_test_add ("/gcr/certificate/subject_raw", Test, NULL, setup, test_subject_raw, teardown);
373 : 1 : g_test_add ("/gcr/certificate/issued_date", Test, NULL, setup, test_issued_date, teardown);
374 : 1 : g_test_add ("/gcr/certificate/expiry_date", Test, NULL, setup, test_expiry_date, teardown);
375 : 1 : g_test_add ("/gcr/certificate/serial_number", Test, NULL, setup, test_serial_number, teardown);
376 : 1 : g_test_add ("/gcr/certificate/fingerprint", Test, NULL, setup, test_fingerprint, teardown);
377 : 1 : g_test_add ("/gcr/certificate/fingerprint_hex", Test, NULL, setup, test_fingerprint_hex, teardown);
378 : 1 : g_test_add ("/gcr/certificate/key_size", Test, NULL, setup, test_certificate_key_size, teardown);
379 : 1 : g_test_add ("/gcr/certificate/is_issuer", Test, NULL, setup, test_certificate_is_issuer, teardown);
380 : 1 : g_test_add ("/gcr/certificate/basic_constraints", Test, NULL, setup, test_basic_constraints, teardown);
381 : 1 : g_test_add ("/gcr/certificate/interface_elements", Test, NULL, setup, test_interface_elements, teardown);
382 : 1 : g_test_add_func ("/gcr/certificate/subject_alt_name", test_subject_alt_name);
383 : 1 : g_test_add_func ("/gcr/certificate/key_usage", test_key_usage);
384 : :
385 : 1 : return g_test_run ();
386 : : }
|