Line data Source code
1 : /* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
2 : /* test-trust.c: Test XDG trust objects.
3 :
4 : Copyright (C) 2010 Stefan Walter
5 :
6 : The Gnome Keyring Library is free software; you can redistribute it and/or
7 : modify it under the terms of the GNU Library General Public License as
8 : published by the Free Software Foundation; either version 2 of the
9 : License, or (at your option) any later version.
10 :
11 : The Gnome Keyring Library is distributed in the hope that it will be useful,
12 : but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 : Library General Public License for more details.
15 :
16 : You should have received a copy of the GNU Library General Public
17 : License along with the Gnome Library; see the file COPYING.LIB. If not,
18 : <http://www.gnu.org/licenses/>.
19 :
20 : Author: Stef Walter <stef@memberwebs.com>
21 : */
22 :
23 : #include "config.h"
24 :
25 : #include "mock-xdg-module.h"
26 :
27 : #include "egg/egg-testing.h"
28 :
29 : #include "gkm/gkm-module.h"
30 : #include "gkm/gkm-session.h"
31 :
32 : #include "pkcs11/pkcs11.h"
33 : #include "pkcs11/pkcs11n.h"
34 : #include "pkcs11/pkcs11x.h"
35 :
36 : typedef struct {
37 : GkmModule *module;
38 : GkmSession *session;
39 : gchar *cert_data;
40 : gsize n_cert_data;
41 : } Test;
42 :
43 : /*
44 : * C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting, OU=Certification Services Division,
45 : * CN=Thawte Personal Premium CA/emailAddress=personal-premium@thawte.com
46 : */
47 :
48 : static const char DER_ISSUER[] =
49 : "\x30\x81\xCF\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x5A\x41"
50 : "\x31\x15\x30\x13\x06\x03\x55\x04\x08\x13\x0C\x57\x65\x73\x74\x65"
51 : "\x72\x6E\x20\x43\x61\x70\x65\x31\x12\x30\x10\x06\x03\x55\x04\x07"
52 : "\x13\x09\x43\x61\x70\x65\x20\x54\x6F\x77\x6E\x31\x1A\x30\x18\x06"
53 : "\x03\x55\x04\x0A\x13\x11\x54\x68\x61\x77\x74\x65\x20\x43\x6F\x6E"
54 : "\x73\x75\x6C\x74\x69\x6E\x67\x31\x28\x30\x26\x06\x03\x55\x04\x0B"
55 : "\x13\x1F\x43\x65\x72\x74\x69\x66\x69\x63\x61\x74\x69\x6F\x6E\x20"
56 : "\x53\x65\x72\x76\x69\x63\x65\x73\x20\x44\x69\x76\x69\x73\x69\x6F"
57 : "\x6E\x31\x23\x30\x21\x06\x03\x55\x04\x03\x13\x1A\x54\x68\x61\x77"
58 : "\x74\x65\x20\x50\x65\x72\x73\x6F\x6E\x61\x6C\x20\x50\x72\x65\x6D"
59 : "\x69\x75\x6D\x20\x43\x41\x31\x2A\x30\x28\x06\x09\x2A\x86\x48\x86"
60 : "\xF7\x0D\x01\x09\x01\x16\x1B\x70\x65\x72\x73\x6F\x6E\x61\x6C\x2D"
61 : "\x70\x72\x65\x6D\x69\x75\x6D\x40\x74\x68\x61\x77\x74\x65\x2E\x63"
62 : "\x6F\x6D";
63 :
64 : static const char SHA1_CHECKSUM[] =
65 : "\x36\x86\x35\x63\xfd\x51\x28\xc7\xbe\xa6\xf0\x05\xcf\xe9\xb4\x36"
66 : "\x68\x08\x6c\xce";
67 :
68 : static const char MD5_CHECKSUM[] =
69 : "\x3a\xb2\xde\x22\x9a\x20\x93\x49\xf9\xed\xc8\xd2\x8a\xe7\x68\x0d";
70 :
71 : static const char SERIAL_NUMBER[] =
72 : "\x01\x02\x03";
73 :
74 : #define XL(x) G_N_ELEMENTS (x) - 1
75 :
76 : #if 0
77 :
78 : #include "egg/egg-asn1x.h"
79 : #include "egg/egg-asn1-defs.h"
80 : #include "egg/egg-hex.h"
81 :
82 : static void
83 : debug_print_certificate_info (const gchar *path)
84 : {
85 : gchar *contents;
86 : gchar *results;
87 : gconstpointer data;
88 : gsize length;
89 : GNode *asn;
90 :
91 : if (!g_file_get_contents (path, &contents, &length, NULL))
92 : g_assert_not_reached ();
93 :
94 : results = g_compute_checksum_for_data (G_CHECKSUM_SHA1, (gpointer)contents, length);
95 : g_assert (results);
96 : g_printerr ("SHA1: %s\n", results);
97 : g_free (results);
98 :
99 : results = g_compute_checksum_for_data (G_CHECKSUM_MD5, (gpointer)contents, length);
100 : g_assert (results);
101 : g_printerr ("MD5: %s\n", results);
102 : g_free (results);
103 :
104 : asn = egg_asn1x_create_and_decode (pkix_asn1_tab, "Certificate", contents, length);
105 : g_assert (asn);
106 :
107 : data = egg_asn1x_get_raw_element (egg_asn1x_node (asn, "tbsCertificate", "issuer", NULL), &length);
108 : g_assert (data);
109 :
110 : results = egg_hex_encode_full (data, length, TRUE, '\\', 1);
111 : g_printerr ("ISSUER: %s\n", results);
112 : g_free (results);
113 :
114 : egg_asn1x_destroy (asn);
115 : g_free (contents);
116 : }
117 :
118 : #endif
119 :
120 : static void
121 25 : setup (Test *test, gconstpointer unused)
122 : {
123 : CK_RV rv;
124 :
125 25 : test->module = mock_xdg_module_initialize_and_enter ();
126 25 : test->session = mock_xdg_module_open_session (TRUE);
127 :
128 25 : rv = gkm_module_C_Login (test->module, gkm_session_get_handle (test->session), CKU_USER, NULL, 0);
129 25 : g_assert (rv == CKR_OK);
130 :
131 25 : if (!g_file_get_contents (SRCDIR "/pkcs11/xdg-store/fixtures/test-certificate-2.cer", &test->cert_data, &test->n_cert_data, NULL))
132 0 : g_assert_not_reached ();
133 25 : }
134 :
135 : static void
136 25 : teardown (Test *test, gconstpointer unused)
137 : {
138 25 : mock_xdg_module_leave_and_finalize ();
139 25 : test->module = NULL;
140 25 : test->session = NULL;
141 :
142 25 : g_free (test->cert_data);
143 25 : test->cert_data = NULL;
144 25 : test->n_cert_data = 0;
145 25 : }
146 :
147 : static void
148 1 : test_load_objects (Test *test, gconstpointer unused)
149 : {
150 1 : CK_OBJECT_CLASS klass = CKO_NETSCAPE_TRUST;
151 :
152 1 : CK_ATTRIBUTE attrs[] = {
153 : { CKA_CLASS, &klass, sizeof (klass) },
154 : };
155 :
156 : CK_ULONG n_objects;
157 : CK_OBJECT_HANDLE objects[16];
158 : CK_RV rv;
159 :
160 1 : rv = gkm_session_C_FindObjectsInit (test->session, attrs, G_N_ELEMENTS (attrs));
161 1 : g_assert (rv == CKR_OK);
162 1 : rv = gkm_session_C_FindObjects (test->session, objects, G_N_ELEMENTS (objects), &n_objects);
163 1 : g_assert (rv == CKR_OK);
164 1 : rv = gkm_session_C_FindObjectsFinal (test->session);
165 1 : g_assert (rv == CKR_OK);
166 :
167 1 : gkm_assert_cmpulong (n_objects, >=, 1);
168 1 : }
169 :
170 : static void
171 1 : test_create_assertion_complete (Test *test, gconstpointer unused)
172 : {
173 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
174 1 : CK_X_ASSERTION_TYPE atype = CKT_X_ANCHORED_CERTIFICATE;
175 1 : CK_OBJECT_HANDLE object = 0;
176 1 : CK_OBJECT_HANDLE check = 0;
177 1 : CK_ULONG n_objects = 0;
178 : CK_RV rv;
179 :
180 1 : CK_ATTRIBUTE attrs[] = {
181 1 : { CKA_X_CERTIFICATE_VALUE, test->cert_data, test->n_cert_data },
182 : { CKA_CLASS, &klass, sizeof (klass) },
183 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
184 : { CKA_X_PURPOSE, "test-purpose", 12 },
185 : };
186 :
187 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
188 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
189 1 : gkm_assert_cmpulong (object, !=, 0);
190 :
191 1 : rv = gkm_session_C_FindObjectsInit (test->session, attrs, G_N_ELEMENTS (attrs));
192 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
193 1 : rv = gkm_session_C_FindObjects (test->session, &check, 1, &n_objects);
194 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
195 1 : rv = gkm_session_C_FindObjectsFinal (test->session);
196 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
197 :
198 1 : gkm_assert_cmpulong (n_objects, ==, 1);
199 1 : gkm_assert_cmpulong (check, ==, object);
200 1 : }
201 :
202 : static void
203 1 : test_complete_assertion_has_no_serial_or_issuer (Test *test, gconstpointer unused)
204 : {
205 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
206 1 : CK_X_ASSERTION_TYPE atype = CKT_X_ANCHORED_CERTIFICATE;
207 1 : CK_OBJECT_HANDLE object = 0;
208 : CK_ATTRIBUTE check;
209 : CK_RV rv;
210 :
211 1 : CK_ATTRIBUTE attrs[] = {
212 1 : { CKA_X_CERTIFICATE_VALUE, test->cert_data, test->n_cert_data },
213 : { CKA_CLASS, &klass, sizeof (klass) },
214 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
215 : { CKA_X_PURPOSE, "test-purpose", 12 },
216 : };
217 :
218 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
219 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
220 1 : gkm_assert_cmpulong (object, !=, 0);
221 :
222 1 : check.type = CKA_SERIAL_NUMBER;
223 1 : check.pValue = NULL;
224 1 : check.ulValueLen = 0;
225 1 : rv = gkm_session_C_GetAttributeValue (test->session, object, &check, 1);
226 1 : gkm_assert_cmprv (rv, ==, CKR_ATTRIBUTE_TYPE_INVALID);
227 :
228 1 : check.type = CKA_ISSUER;
229 1 : check.pValue = NULL;
230 1 : check.ulValueLen = 0;
231 1 : rv = gkm_session_C_GetAttributeValue (test->session, object, &check, 1);
232 1 : gkm_assert_cmprv (rv, ==, CKR_ATTRIBUTE_TYPE_INVALID);
233 1 : }
234 :
235 : static void
236 1 : test_complete_assertion_netscape_md5_hash (Test *test, gconstpointer unused)
237 : {
238 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
239 1 : CK_OBJECT_CLASS nklass = CKO_NETSCAPE_TRUST;
240 1 : CK_X_ASSERTION_TYPE atype = CKT_X_PINNED_CERTIFICATE;
241 1 : CK_OBJECT_HANDLE object = 0;
242 1 : CK_OBJECT_HANDLE check = 0;
243 1 : CK_ULONG n_objects = 0;
244 : CK_RV rv;
245 :
246 1 : CK_ATTRIBUTE attrs[] = {
247 1 : { CKA_X_CERTIFICATE_VALUE, test->cert_data, test->n_cert_data },
248 : { CKA_CLASS, &klass, sizeof (klass) },
249 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
250 : { CKA_X_PURPOSE, "test-purpose", 12 },
251 : };
252 :
253 1 : CK_ATTRIBUTE lookup[] = {
254 : { CKA_CERT_MD5_HASH, (void*)MD5_CHECKSUM, XL (MD5_CHECKSUM) },
255 : { CKA_CLASS, &nklass, sizeof (nklass) },
256 : };
257 :
258 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
259 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
260 1 : gkm_assert_cmpulong (object, !=, 0);
261 :
262 1 : rv = gkm_session_C_FindObjectsInit (test->session, lookup, G_N_ELEMENTS (lookup));
263 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
264 1 : rv = gkm_session_C_FindObjects (test->session, &check, 1, &n_objects);
265 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
266 1 : rv = gkm_session_C_FindObjectsFinal (test->session);
267 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
268 :
269 1 : gkm_assert_cmpulong (check, !=, 0);
270 1 : gkm_assert_cmpulong (n_objects, >, 0);
271 1 : }
272 :
273 : static void
274 1 : test_complete_assertion_netscape_sha1_hash (Test *test, gconstpointer unused)
275 : {
276 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
277 1 : CK_OBJECT_CLASS nklass = CKO_NETSCAPE_TRUST;
278 1 : CK_X_ASSERTION_TYPE atype = CKT_X_PINNED_CERTIFICATE;
279 1 : CK_OBJECT_HANDLE object = 0;
280 1 : CK_OBJECT_HANDLE check = 0;
281 1 : CK_ULONG n_objects = 0;
282 : CK_RV rv;
283 :
284 1 : CK_ATTRIBUTE attrs[] = {
285 1 : { CKA_X_CERTIFICATE_VALUE, test->cert_data, test->n_cert_data },
286 : { CKA_CLASS, &klass, sizeof (klass) },
287 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
288 : { CKA_X_PURPOSE, "test-purpose", 12 },
289 : };
290 :
291 1 : CK_ATTRIBUTE lookup[] = {
292 : { CKA_CERT_SHA1_HASH, (void*)SHA1_CHECKSUM, XL (SHA1_CHECKSUM) },
293 : { CKA_CLASS, &nklass, sizeof (nklass) },
294 : };
295 :
296 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
297 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
298 1 : gkm_assert_cmpulong (object, !=, 0);
299 :
300 1 : rv = gkm_session_C_FindObjectsInit (test->session, lookup, G_N_ELEMENTS (lookup));
301 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
302 1 : rv = gkm_session_C_FindObjects (test->session, &check, 1, &n_objects);
303 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
304 1 : rv = gkm_session_C_FindObjectsFinal (test->session);
305 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
306 :
307 1 : gkm_assert_cmpulong (check, !=, 0);
308 1 : gkm_assert_cmpulong (n_objects, >, 0);
309 1 : }
310 :
311 : static void
312 1 : test_create_assertion_missing_type (Test *test, gconstpointer unused)
313 : {
314 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
315 1 : CK_OBJECT_HANDLE object = 0;
316 : CK_RV rv;
317 :
318 : /* Missing CKT_X_ANCHORED_CERTIFICATE */
319 1 : CK_ATTRIBUTE attrs[] = {
320 1 : { CKA_X_CERTIFICATE_VALUE, test->cert_data, test->n_cert_data },
321 : { CKA_CLASS, &klass, sizeof (klass) },
322 : { CKA_X_PURPOSE, "test-purpose", 12 },
323 : };
324 :
325 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
326 1 : gkm_assert_cmprv (rv, ==, CKR_TEMPLATE_INCOMPLETE);
327 1 : }
328 :
329 : static void
330 1 : test_create_assertion_bad_type (Test *test, gconstpointer unused)
331 : {
332 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
333 1 : CK_X_ASSERTION_TYPE atype = 0xFFFF;
334 1 : CK_OBJECT_HANDLE object = 0;
335 : CK_RV rv;
336 :
337 : /* Missing CKA_X_CERTIFICATE_VALUE */
338 1 : CK_ATTRIBUTE attrs[] = {
339 : { CKA_CLASS, &klass, sizeof (klass) },
340 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
341 : { CKA_X_PURPOSE, "test-purpose", 12 },
342 : };
343 :
344 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
345 1 : gkm_assert_cmprv (rv, ==, CKR_TEMPLATE_INCONSISTENT);
346 1 : }
347 :
348 : static void
349 1 : test_create_assertion_missing_cert_value (Test *test, gconstpointer unused)
350 : {
351 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
352 1 : CK_X_ASSERTION_TYPE atype = CKT_X_ANCHORED_CERTIFICATE;
353 1 : CK_OBJECT_HANDLE object = 0;
354 : CK_RV rv;
355 :
356 : /* Missing CKA_X_CERTIFICATE_VALUE */
357 1 : CK_ATTRIBUTE attrs[] = {
358 : { CKA_CLASS, &klass, sizeof (klass) },
359 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
360 : { CKA_X_PURPOSE, "test-purpose", 12 },
361 : };
362 :
363 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
364 1 : gkm_assert_cmprv (rv, ==, CKR_TEMPLATE_INCOMPLETE);
365 1 : }
366 :
367 : static void
368 1 : test_create_assertion_bad_cert_value (Test *test, gconstpointer unused)
369 : {
370 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
371 1 : CK_X_ASSERTION_TYPE atype = CKT_X_ANCHORED_CERTIFICATE;
372 1 : CK_OBJECT_HANDLE object = 0;
373 : CK_RV rv;
374 :
375 : /* Bad CKA_X_CERTIFICATE_VALUE */
376 1 : CK_ATTRIBUTE attrs[] = {
377 : { CKA_X_CERTIFICATE_VALUE, "12", 2 },
378 : { CKA_CLASS, &klass, sizeof (klass) },
379 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
380 : { CKA_X_PURPOSE, "test-purpose", 12 },
381 : };
382 :
383 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
384 1 : gkm_assert_cmprv (rv, ==, CKR_ATTRIBUTE_VALUE_INVALID);
385 1 : }
386 :
387 : static void
388 1 : test_create_assertion_null_cert_value (Test *test, gconstpointer unused)
389 : {
390 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
391 1 : CK_X_ASSERTION_TYPE atype = CKT_X_ANCHORED_CERTIFICATE;
392 1 : CK_OBJECT_HANDLE object = 0;
393 : CK_RV rv;
394 :
395 : /* Bad CKA_X_CERTIFICATE_VALUE */
396 1 : CK_ATTRIBUTE attrs[] = {
397 : { CKA_X_CERTIFICATE_VALUE, NULL, 0 },
398 : { CKA_CLASS, &klass, sizeof (klass) },
399 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
400 : { CKA_X_PURPOSE, "test-purpose", 12 },
401 : };
402 :
403 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
404 1 : gkm_assert_cmprv (rv, ==, CKR_ATTRIBUTE_VALUE_INVALID);
405 1 : }
406 :
407 : static void
408 1 : test_create_assertion_for_distrusted (Test *test, gconstpointer unused)
409 : {
410 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
411 1 : CK_X_ASSERTION_TYPE atype = CKT_X_DISTRUSTED_CERTIFICATE;
412 1 : CK_OBJECT_HANDLE object = 0;
413 1 : CK_OBJECT_HANDLE check = 0;
414 1 : CK_ULONG n_objects = 0;
415 : CK_RV rv;
416 :
417 1 : CK_ATTRIBUTE attrs[] = {
418 : { CKA_CLASS, &klass, sizeof (klass) },
419 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
420 : { CKA_X_PURPOSE, "test-purpose", 12 },
421 : { CKA_SERIAL_NUMBER, (void*)SERIAL_NUMBER, XL (SERIAL_NUMBER) },
422 : { CKA_ISSUER, (void*)DER_ISSUER, XL (DER_ISSUER) }
423 : };
424 :
425 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
426 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
427 1 : gkm_assert_cmpulong (object, !=, 0);
428 :
429 1 : rv = gkm_session_C_FindObjectsInit (test->session, attrs, G_N_ELEMENTS (attrs));
430 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
431 1 : rv = gkm_session_C_FindObjects (test->session, &check, 1, &n_objects);
432 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
433 1 : rv = gkm_session_C_FindObjectsFinal (test->session);
434 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
435 :
436 1 : gkm_assert_cmpulong (n_objects, ==, 1);
437 1 : gkm_assert_cmpulong (check, ==, object);
438 1 : }
439 :
440 : static void
441 1 : test_create_assertion_for_distrusted_no_purpose (Test *test, gconstpointer unused)
442 : {
443 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
444 1 : CK_X_ASSERTION_TYPE atype = CKT_X_DISTRUSTED_CERTIFICATE;
445 1 : CK_OBJECT_HANDLE object = 0;
446 : CK_RV rv;
447 :
448 1 : CK_ATTRIBUTE attrs[] = {
449 : { CKA_CLASS, &klass, sizeof (klass) },
450 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
451 : { CKA_SERIAL_NUMBER, (void*)SERIAL_NUMBER, XL (SERIAL_NUMBER) },
452 : { CKA_ISSUER, (void*)DER_ISSUER, XL (DER_ISSUER) }
453 : };
454 :
455 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
456 1 : gkm_assert_cmprv (rv, ==, CKR_TEMPLATE_INCOMPLETE);
457 1 : }
458 :
459 : static void
460 1 : test_create_assertion_for_distrusted_no_serial (Test *test, gconstpointer unused)
461 : {
462 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
463 1 : CK_X_ASSERTION_TYPE atype = CKT_X_DISTRUSTED_CERTIFICATE;
464 1 : CK_OBJECT_HANDLE object = 0;
465 : CK_RV rv;
466 :
467 1 : CK_ATTRIBUTE attrs[] = {
468 : { CKA_CLASS, &klass, sizeof (klass) },
469 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
470 : { CKA_X_PURPOSE, "test-purpose", 12 },
471 : { CKA_ISSUER, (void*)DER_ISSUER, XL (DER_ISSUER) }
472 : };
473 :
474 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
475 1 : gkm_assert_cmprv (rv, ==, CKR_TEMPLATE_INCOMPLETE);
476 1 : }
477 :
478 : static void
479 1 : test_create_assertion_twice (Test *test, gconstpointer unused)
480 : {
481 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
482 1 : CK_X_ASSERTION_TYPE atype = CKT_X_DISTRUSTED_CERTIFICATE;
483 1 : CK_OBJECT_HANDLE object_1 = 0;
484 1 : CK_OBJECT_HANDLE object_2 = 0;
485 : CK_RV rv;
486 :
487 1 : CK_ATTRIBUTE attrs[] = {
488 : { CKA_CLASS, &klass, sizeof (klass) },
489 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
490 : { CKA_X_PURPOSE, "test-purpose", 12 },
491 : { CKA_SERIAL_NUMBER, (void*)SERIAL_NUMBER, XL (SERIAL_NUMBER) },
492 : { CKA_ISSUER, (void*)DER_ISSUER, XL (DER_ISSUER) }
493 : };
494 :
495 : /* First object should go away when we create an overlapping assertion */
496 :
497 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object_1);
498 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
499 1 : gkm_assert_cmpulong (object_1, !=, 0);
500 :
501 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object_2);
502 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
503 1 : gkm_assert_cmpulong (object_2, !=, 0);
504 :
505 1 : gkm_assert_cmpulong (object_1, !=, object_2);
506 :
507 : /* First object no longer exists */
508 1 : rv = gkm_session_C_DestroyObject (test->session, object_1);
509 1 : gkm_assert_cmprv (rv, ==, CKR_OBJECT_HANDLE_INVALID);
510 1 : }
511 :
512 : static void
513 1 : test_distrusted_assertion_has_no_cert_value (Test *test, gconstpointer unused)
514 : {
515 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
516 1 : CK_X_ASSERTION_TYPE atype = CKT_X_DISTRUSTED_CERTIFICATE;
517 1 : CK_OBJECT_HANDLE object = 0;
518 : CK_ATTRIBUTE check;
519 : CK_RV rv;
520 :
521 1 : CK_ATTRIBUTE attrs[] = {
522 : { CKA_CLASS, &klass, sizeof (klass) },
523 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
524 : { CKA_X_PURPOSE, "test-purpose", 12 },
525 : { CKA_SERIAL_NUMBER, (void*)SERIAL_NUMBER, XL (SERIAL_NUMBER) },
526 : { CKA_ISSUER, (void*)DER_ISSUER, XL (DER_ISSUER) }
527 : };
528 :
529 : /* Created as distrusted, should have no CKA_X_CERTIFICATE_VALUE */
530 :
531 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
532 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
533 1 : gkm_assert_cmpulong (object, !=, 0);
534 :
535 1 : check.type = CKA_X_CERTIFICATE_VALUE;
536 1 : check.pValue = NULL;
537 1 : check.ulValueLen = 0;
538 1 : rv = gkm_session_C_GetAttributeValue (test->session, object, &check, 1);
539 1 : gkm_assert_cmprv (rv, ==, CKR_ATTRIBUTE_TYPE_INVALID);
540 1 : }
541 :
542 : static void
543 1 : test_create_assertion_complete_on_token (Test *test, gconstpointer unused)
544 : {
545 1 : CK_OBJECT_CLASS klass = CKO_X_TRUST_ASSERTION;
546 1 : CK_X_ASSERTION_TYPE atype = CKT_X_PINNED_CERTIFICATE;
547 1 : CK_OBJECT_HANDLE object = 0;
548 1 : CK_OBJECT_HANDLE check = 0;
549 : CK_OBJECT_HANDLE results[8];
550 1 : CK_BBOOL token = CK_TRUE;
551 1 : CK_ULONG n_objects = 0;
552 : CK_RV rv;
553 :
554 1 : CK_ATTRIBUTE attrs[] = {
555 1 : { CKA_X_CERTIFICATE_VALUE, test->cert_data, test->n_cert_data },
556 : { CKA_CLASS, &klass, sizeof (klass) },
557 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
558 : { CKA_X_PURPOSE, "other", 5 },
559 : { CKA_TOKEN, &token, sizeof (token) },
560 : };
561 :
562 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
563 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
564 1 : gkm_assert_cmpulong (object, !=, 0);
565 :
566 1 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &check);
567 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
568 1 : gkm_assert_cmpulong (check, !=, 0);
569 :
570 1 : rv = gkm_session_C_FindObjectsInit (test->session, attrs, G_N_ELEMENTS (attrs));
571 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
572 1 : rv = gkm_session_C_FindObjects (test->session, results, G_N_ELEMENTS (results), &n_objects);
573 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
574 1 : rv = gkm_session_C_FindObjectsFinal (test->session);
575 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
576 :
577 : /* Second should have overwritten the first */
578 1 : gkm_assert_cmpulong (n_objects, ==, 1);
579 1 : gkm_assert_cmpulong (results[0], ==, check);
580 1 : }
581 :
582 : static void
583 1 : test_destroy_assertion_on_token (Test *test, gconstpointer unused)
584 : {
585 1 : CK_X_ASSERTION_TYPE atype = CKT_X_PINNED_CERTIFICATE;
586 : CK_OBJECT_HANDLE results[8];
587 1 : CK_BBOOL token = CK_TRUE;
588 1 : CK_ULONG n_objects = 0;
589 : CK_RV rv;
590 :
591 1 : CK_ATTRIBUTE attrs[] = {
592 : { CKA_X_ASSERTION_TYPE, &atype, sizeof (atype) },
593 : { CKA_TOKEN, &token, sizeof (token) },
594 : };
595 :
596 1 : rv = gkm_session_C_FindObjectsInit (test->session, attrs, G_N_ELEMENTS (attrs));
597 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
598 1 : rv = gkm_session_C_FindObjects (test->session, results, G_N_ELEMENTS (results), &n_objects);
599 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
600 1 : rv = gkm_session_C_FindObjectsFinal (test->session);
601 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
602 :
603 1 : gkm_assert_cmpulong (n_objects, ==, 1);
604 :
605 1 : rv = gkm_session_C_DestroyObject (test->session, results[0]);
606 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
607 :
608 1 : rv = gkm_session_C_FindObjectsInit (test->session, attrs, G_N_ELEMENTS (attrs));
609 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
610 1 : rv = gkm_session_C_FindObjects (test->session, results, G_N_ELEMENTS (results), &n_objects);
611 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
612 1 : rv = gkm_session_C_FindObjectsFinal (test->session);
613 1 : gkm_assert_cmprv (rv, ==, CKR_OK);
614 :
615 1 : gkm_assert_cmpulong (n_objects, ==, 0);
616 1 : }
617 :
618 : static void
619 16 : _assert_positive_netscape (Test *test, CK_X_ASSERTION_TYPE assertion_type, const gchar *purpose,
620 : CK_ATTRIBUTE_TYPE netscape_type, CK_TRUST netscape_trust,
621 : const gchar *description)
622 : {
623 16 : CK_OBJECT_CLASS aklass = CKO_X_TRUST_ASSERTION;
624 16 : CK_OBJECT_CLASS nklass = CKO_NETSCAPE_TRUST;
625 16 : CK_OBJECT_HANDLE object = 0;
626 : CK_OBJECT_HANDLE results[256];
627 16 : CK_ULONG n_results = 0;
628 : CK_BYTE checksum[20];
629 : gsize n_checksum;
630 : CK_ATTRIBUTE attr;
631 : CK_TRUST check;
632 : GChecksum *md;
633 16 : CK_BBOOL fval = CK_FALSE;
634 : CK_RV rv;
635 :
636 16 : CK_ATTRIBUTE attrs[] = {
637 16 : { CKA_X_CERTIFICATE_VALUE, test->cert_data, test->n_cert_data },
638 : { CKA_CLASS, &aklass, sizeof (aklass) },
639 : { CKA_X_ASSERTION_TYPE, &assertion_type, sizeof (assertion_type) },
640 16 : { CKA_X_PURPOSE, (void*)purpose, strlen (purpose) },
641 : { CKA_TOKEN, &fval, sizeof (fval) },
642 : };
643 :
644 16 : CK_ATTRIBUTE lookup[] = {
645 : { CKA_CLASS, &nklass, sizeof (nklass) },
646 : { CKA_TOKEN, &fval, sizeof (fval) },
647 : { CKA_CERT_SHA1_HASH, checksum, sizeof (checksum) },
648 : };
649 :
650 16 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
651 16 : gkm_assert_cmprv (rv, ==, CKR_OK);
652 16 : gkm_assert_cmpulong (object, !=, 0);
653 :
654 16 : md = g_checksum_new (G_CHECKSUM_SHA1);
655 16 : g_checksum_update (md, (guchar*)test->cert_data, test->n_cert_data);
656 16 : n_checksum = sizeof (checksum);
657 16 : g_checksum_get_digest (md, checksum, &n_checksum);
658 16 : g_assert (n_checksum == sizeof (checksum));
659 16 : g_checksum_free (md);
660 :
661 16 : rv = gkm_session_C_FindObjectsInit (test->session, lookup, G_N_ELEMENTS (lookup));
662 16 : gkm_assert_cmprv (rv, ==, CKR_OK);
663 16 : rv = gkm_session_C_FindObjects (test->session, results, G_N_ELEMENTS (results), &n_results);
664 16 : gkm_assert_cmprv (rv, ==, CKR_OK);
665 16 : rv = gkm_session_C_FindObjectsFinal (test->session);
666 16 : gkm_assert_cmprv (rv, ==, CKR_OK);
667 :
668 16 : gkm_assert_cmpulong (n_results, ==, 1);
669 :
670 16 : check = (CK_ULONG)-1;
671 16 : attr.type = netscape_type;
672 16 : attr.pValue = ✓
673 16 : attr.ulValueLen = sizeof (check);
674 :
675 16 : rv = gkm_session_C_GetAttributeValue (test->session, results[0], &attr, 1);
676 16 : gkm_assert_cmprv (rv, ==, CKR_OK);
677 :
678 16 : if (check != netscape_trust)
679 0 : g_warning ("netscape trust was not mapped correctly: \"%s\"", description);
680 16 : gkm_assert_cmpulong (check, ==, netscape_trust);
681 16 : }
682 :
683 : static void
684 8 : _assert_negative_netscape (Test *test, CK_X_ASSERTION_TYPE assertion_type, const gchar *purpose,
685 : CK_ATTRIBUTE_TYPE netscape_type, CK_TRUST netscape_trust,
686 : const gchar *description)
687 : {
688 8 : CK_OBJECT_CLASS aklass = CKO_X_TRUST_ASSERTION;
689 8 : CK_OBJECT_CLASS nklass = CKO_NETSCAPE_TRUST;
690 8 : CK_OBJECT_HANDLE object = 0;
691 : CK_OBJECT_HANDLE results[256];
692 8 : CK_ULONG n_results = 0;
693 : CK_ATTRIBUTE attr;
694 : CK_TRUST check;
695 8 : CK_BBOOL fval = CK_FALSE;
696 : CK_RV rv;
697 :
698 8 : CK_ATTRIBUTE attrs[] = {
699 : { CKA_SERIAL_NUMBER, (void*)SERIAL_NUMBER, XL (SERIAL_NUMBER) },
700 : { CKA_ISSUER, (void*)DER_ISSUER, XL (DER_ISSUER) },
701 : { CKA_CLASS, &aklass, sizeof (aklass) },
702 : { CKA_X_ASSERTION_TYPE, &assertion_type, sizeof (assertion_type) },
703 8 : { CKA_X_PURPOSE, (void*)purpose, strlen (purpose) },
704 : { CKA_TOKEN, &fval, sizeof (fval) },
705 : };
706 :
707 8 : CK_ATTRIBUTE lookup[] = {
708 : { CKA_CLASS, &nklass, sizeof (nklass) },
709 : { CKA_TOKEN, &fval, sizeof (fval) },
710 : { CKA_SERIAL_NUMBER, (void*)SERIAL_NUMBER, XL (SERIAL_NUMBER) },
711 : { CKA_ISSUER, (void*)DER_ISSUER, XL (DER_ISSUER) },
712 : };
713 :
714 8 : rv = gkm_session_C_CreateObject (test->session, attrs, G_N_ELEMENTS (attrs), &object);
715 8 : gkm_assert_cmprv (rv, ==, CKR_OK);
716 8 : gkm_assert_cmpulong (object, !=, 0);
717 :
718 8 : rv = gkm_session_C_FindObjectsInit (test->session, lookup, G_N_ELEMENTS (lookup));
719 8 : gkm_assert_cmprv (rv, ==, CKR_OK);
720 8 : rv = gkm_session_C_FindObjects (test->session, results, G_N_ELEMENTS (results), &n_results);
721 8 : gkm_assert_cmprv (rv, ==, CKR_OK);
722 8 : rv = gkm_session_C_FindObjectsFinal (test->session);
723 8 : gkm_assert_cmprv (rv, ==, CKR_OK);
724 :
725 8 : gkm_assert_cmpulong (n_results, ==, 1);
726 :
727 8 : check = (CK_ULONG)-1;
728 8 : attr.type = netscape_type;
729 8 : attr.pValue = ✓
730 8 : attr.ulValueLen = sizeof (check);
731 :
732 8 : rv = gkm_session_C_GetAttributeValue (test->session, results[0], &attr, 1);
733 8 : gkm_assert_cmprv (rv, ==, CKR_OK);
734 :
735 8 : if (check != netscape_trust)
736 0 : g_warning ("netscape trust was not mapped correctly: \"%s\"", description);
737 8 : gkm_assert_cmpulong (check, ==, netscape_trust);
738 8 : }
739 :
740 : /* Some macros for intelligent failure messages */
741 : #define assert_positive_netscape(test, a, b, c, d) \
742 : _assert_positive_netscape (test, a, b, c, d, #a ", " #b ", " #c ", " #d)
743 : #define assert_negative_netscape(test, a, b, c, d) \
744 : _assert_negative_netscape (test, a, b, c, d, #a ", " #b ", " #c ", " #d)
745 :
746 : static void
747 1 : test_netscape_map_server_auth (Test *test, gconstpointer unused)
748 : {
749 1 : assert_positive_netscape (test, CKT_X_PINNED_CERTIFICATE, "1.3.6.1.5.5.7.3.1",
750 : CKA_TRUST_SERVER_AUTH, CKT_NETSCAPE_TRUSTED);
751 1 : assert_positive_netscape (test, CKT_X_ANCHORED_CERTIFICATE, "1.3.6.1.5.5.7.3.1",
752 : CKA_TRUST_SERVER_AUTH, CKT_NETSCAPE_TRUSTED_DELEGATOR);
753 1 : assert_negative_netscape (test, CKT_X_DISTRUSTED_CERTIFICATE, "1.3.6.1.5.5.7.3.1",
754 : CKA_TRUST_SERVER_AUTH, CKT_NETSCAPE_UNTRUSTED);
755 1 : }
756 :
757 : static void
758 1 : test_netscape_map_client_auth (Test *test, gconstpointer unused)
759 : {
760 1 : assert_positive_netscape (test, CKT_X_PINNED_CERTIFICATE, "1.3.6.1.5.5.7.3.2",
761 : CKA_TRUST_CLIENT_AUTH, CKT_NETSCAPE_TRUSTED);
762 1 : assert_positive_netscape (test, CKT_X_ANCHORED_CERTIFICATE, "1.3.6.1.5.5.7.3.2",
763 : CKA_TRUST_CLIENT_AUTH, CKT_NETSCAPE_TRUSTED_DELEGATOR);
764 1 : assert_negative_netscape (test, CKT_X_DISTRUSTED_CERTIFICATE, "1.3.6.1.5.5.7.3.2",
765 : CKA_TRUST_CLIENT_AUTH, CKT_NETSCAPE_UNTRUSTED);
766 1 : }
767 :
768 : static void
769 1 : test_netscape_map_code_signing (Test *test, gconstpointer unused)
770 : {
771 1 : assert_positive_netscape (test, CKT_X_PINNED_CERTIFICATE, "1.3.6.1.5.5.7.3.3",
772 : CKA_TRUST_CODE_SIGNING, CKT_NETSCAPE_TRUSTED);
773 1 : assert_positive_netscape (test, CKT_X_ANCHORED_CERTIFICATE, "1.3.6.1.5.5.7.3.3",
774 : CKA_TRUST_CODE_SIGNING, CKT_NETSCAPE_TRUSTED_DELEGATOR);
775 1 : assert_negative_netscape (test, CKT_X_DISTRUSTED_CERTIFICATE, "1.3.6.1.5.5.7.3.3",
776 : CKA_TRUST_CODE_SIGNING, CKT_NETSCAPE_UNTRUSTED);
777 1 : }
778 :
779 : static void
780 1 : test_netscape_map_email (Test *test, gconstpointer unused)
781 : {
782 1 : assert_positive_netscape (test, CKT_X_PINNED_CERTIFICATE, "1.3.6.1.5.5.7.3.4",
783 : CKA_TRUST_EMAIL_PROTECTION, CKT_NETSCAPE_TRUSTED);
784 1 : assert_positive_netscape (test, CKT_X_ANCHORED_CERTIFICATE, "1.3.6.1.5.5.7.3.4",
785 : CKA_TRUST_EMAIL_PROTECTION, CKT_NETSCAPE_TRUSTED_DELEGATOR);
786 1 : assert_negative_netscape (test, CKT_X_DISTRUSTED_CERTIFICATE, "1.3.6.1.5.5.7.3.4",
787 : CKA_TRUST_EMAIL_PROTECTION, CKT_NETSCAPE_UNTRUSTED);
788 1 : }
789 :
790 : static void
791 1 : test_netscape_map_ipsec_endpoint (Test *test, gconstpointer unused)
792 : {
793 1 : assert_positive_netscape (test, CKT_X_PINNED_CERTIFICATE, "1.3.6.1.5.5.7.3.5",
794 : CKA_TRUST_IPSEC_END_SYSTEM, CKT_NETSCAPE_TRUSTED);
795 1 : assert_positive_netscape (test, CKT_X_ANCHORED_CERTIFICATE, "1.3.6.1.5.5.7.3.5",
796 : CKA_TRUST_IPSEC_END_SYSTEM, CKT_NETSCAPE_TRUSTED_DELEGATOR);
797 1 : assert_negative_netscape (test, CKT_X_DISTRUSTED_CERTIFICATE, "1.3.6.1.5.5.7.3.5",
798 : CKA_TRUST_IPSEC_END_SYSTEM, CKT_NETSCAPE_UNTRUSTED);
799 1 : }
800 :
801 : static void
802 1 : test_netscape_map_ipsec_tunnel (Test *test, gconstpointer unused)
803 : {
804 1 : assert_positive_netscape (test, CKT_X_PINNED_CERTIFICATE, "1.3.6.1.5.5.7.3.6",
805 : CKA_TRUST_IPSEC_TUNNEL, CKT_NETSCAPE_TRUSTED);
806 1 : assert_positive_netscape (test, CKT_X_ANCHORED_CERTIFICATE, "1.3.6.1.5.5.7.3.6",
807 : CKA_TRUST_IPSEC_TUNNEL, CKT_NETSCAPE_TRUSTED_DELEGATOR);
808 1 : assert_negative_netscape (test, CKT_X_DISTRUSTED_CERTIFICATE, "1.3.6.1.5.5.7.3.6",
809 : CKA_TRUST_IPSEC_TUNNEL, CKT_NETSCAPE_UNTRUSTED);
810 1 : }
811 :
812 : static void
813 1 : test_netscape_map_ipsec_user (Test *test, gconstpointer unused)
814 : {
815 1 : assert_positive_netscape (test, CKT_X_PINNED_CERTIFICATE, "1.3.6.1.5.5.7.3.7",
816 : CKA_TRUST_IPSEC_USER, CKT_NETSCAPE_TRUSTED);
817 1 : assert_positive_netscape (test, CKT_X_ANCHORED_CERTIFICATE, "1.3.6.1.5.5.7.3.7",
818 : CKA_TRUST_IPSEC_USER, CKT_NETSCAPE_TRUSTED_DELEGATOR);
819 1 : assert_negative_netscape (test, CKT_X_DISTRUSTED_CERTIFICATE, "1.3.6.1.5.5.7.3.7",
820 : CKA_TRUST_IPSEC_USER, CKT_NETSCAPE_UNTRUSTED);
821 1 : }
822 :
823 : static void
824 1 : test_netscape_map_time_stamping (Test *test, gconstpointer unused)
825 : {
826 1 : assert_positive_netscape (test, CKT_X_PINNED_CERTIFICATE, "1.3.6.1.5.5.7.3.8",
827 : CKA_TRUST_TIME_STAMPING, CKT_NETSCAPE_TRUSTED);
828 1 : assert_positive_netscape (test, CKT_X_ANCHORED_CERTIFICATE, "1.3.6.1.5.5.7.3.8",
829 : CKA_TRUST_TIME_STAMPING, CKT_NETSCAPE_TRUSTED_DELEGATOR);
830 1 : assert_negative_netscape (test, CKT_X_DISTRUSTED_CERTIFICATE, "1.3.6.1.5.5.7.3.8",
831 : CKA_TRUST_TIME_STAMPING, CKT_NETSCAPE_UNTRUSTED);
832 1 : }
833 :
834 :
835 : static void
836 55 : null_log_handler (const gchar *log_domain, GLogLevelFlags log_level,
837 : const gchar *message, gpointer user_data)
838 : {
839 :
840 55 : }
841 :
842 : int
843 1 : main (int argc, char **argv)
844 : {
845 : #if !GLIB_CHECK_VERSION(2,35,0)
846 : g_type_init ();
847 : #endif
848 1 : g_test_init (&argc, &argv, NULL);
849 :
850 : /* Suppress these messages in tests */
851 1 : g_log_set_handler (G_LOG_DOMAIN, G_LOG_LEVEL_MESSAGE | G_LOG_LEVEL_INFO | G_LOG_LEVEL_DEBUG,
852 : null_log_handler, NULL);
853 :
854 1 : g_test_add ("/xdg-store/trust/load_objects", Test, NULL, setup, test_load_objects, teardown);
855 1 : g_test_add ("/xdg-store/trust/create_assertion_complete", Test, NULL, setup, test_create_assertion_complete, teardown);
856 1 : g_test_add ("/xdg-store/trust/complete_assertion_has_no_serial_or_issuer", Test, NULL, setup, test_complete_assertion_has_no_serial_or_issuer, teardown);
857 1 : g_test_add ("/xdg-store/trust/complete_assertion_netscape_md5_hash", Test, NULL, setup, test_complete_assertion_netscape_md5_hash, teardown);
858 1 : g_test_add ("/xdg-store/trust/complete_assertion_netscape_sha1_hash", Test, NULL, setup, test_complete_assertion_netscape_sha1_hash, teardown);
859 1 : g_test_add ("/xdg-store/trust/create_assertion_missing_type", Test, NULL, setup, test_create_assertion_missing_type, teardown);
860 1 : g_test_add ("/xdg-store/trust/create_assertion_bad_type", Test, NULL, setup, test_create_assertion_bad_type, teardown);
861 1 : g_test_add ("/xdg-store/trust/create_assertion_missing_cert_value", Test, NULL, setup, test_create_assertion_missing_cert_value, teardown);
862 1 : g_test_add ("/xdg-store/trust/create_assertion_bad_cert_value", Test, NULL, setup, test_create_assertion_bad_cert_value, teardown);
863 1 : g_test_add ("/xdg-store/trust/create_assertion_null_cert_value", Test, NULL, setup, test_create_assertion_null_cert_value, teardown);
864 1 : g_test_add ("/xdg-store/trust/create_assertion_for_distrusted", Test, NULL, setup, test_create_assertion_for_distrusted, teardown);
865 1 : g_test_add ("/xdg-store/trust/create_assertion_for_distrusted_no_purpose", Test, NULL, setup, test_create_assertion_for_distrusted_no_purpose, teardown);
866 1 : g_test_add ("/xdg-store/trust/create_assertion_for_distrusted_no_serial", Test, NULL, setup, test_create_assertion_for_distrusted_no_serial, teardown);
867 1 : g_test_add ("/xdg-store/trust/create_assertion_twice", Test, NULL, setup, test_create_assertion_twice, teardown);
868 1 : g_test_add ("/xdg-store/trust/distrusted_assertion_has_no_cert_value", Test, NULL, setup, test_distrusted_assertion_has_no_cert_value, teardown);
869 1 : g_test_add ("/xdg-store/trust/create_assertion_complete_on_token", Test, NULL, setup, test_create_assertion_complete_on_token, teardown);
870 1 : g_test_add ("/xdg-store/trust/destroy_assertion_on_token", Test, NULL, setup, test_destroy_assertion_on_token, teardown);
871 1 : g_test_add ("/xdg-store/trust/netscape_map_server_auth", Test, NULL, setup, test_netscape_map_server_auth, teardown);
872 1 : g_test_add ("/xdg-store/trust/netscape_map_client_auth", Test, NULL, setup, test_netscape_map_client_auth, teardown);
873 1 : g_test_add ("/xdg-store/trust/netscape_map_code_signing", Test, NULL, setup, test_netscape_map_code_signing, teardown);
874 1 : g_test_add ("/xdg-store/trust/netscape_map_email", Test, NULL, setup, test_netscape_map_email, teardown);
875 1 : g_test_add ("/xdg-store/trust/netscape_map_ipsec_endpoint", Test, NULL, setup, test_netscape_map_ipsec_endpoint, teardown);
876 1 : g_test_add ("/xdg-store/trust/netscape_map_ipsec_tunnel", Test, NULL, setup, test_netscape_map_ipsec_tunnel, teardown);
877 1 : g_test_add ("/xdg-store/trust/netscape_map_ipsec_user", Test, NULL, setup, test_netscape_map_ipsec_user, teardown);
878 1 : g_test_add ("/xdg-store/trust/netscape_map_time_stamping", Test, NULL, setup, test_netscape_map_time_stamping, teardown);
879 :
880 1 : return egg_tests_run_in_thread_with_loop ();
881 : }
|