diff options
Diffstat (limited to 'trust/tests')
| -rw-r--r-- | trust/tests/files/verisign-v1.der | bin | 0 -> 576 bytes | |||
| -rw-r--r-- | trust/tests/test-builder.c | 18 | ||||
| -rw-r--r-- | trust/tests/test-module.c | 10 | ||||
| -rw-r--r-- | trust/tests/test-parser.c | 31 |
4 files changed, 53 insertions, 6 deletions
diff --git a/trust/tests/files/verisign-v1.der b/trust/tests/files/verisign-v1.der Binary files differnew file mode 100644 index 0000000..bcd5ebb --- /dev/null +++ b/trust/tests/files/verisign-v1.der diff --git a/trust/tests/test-builder.c b/trust/tests/test-builder.c index 8ffab88..f879706 100644 --- a/trust/tests/test-builder.c +++ b/trust/tests/test-builder.c @@ -152,6 +152,21 @@ test_build_certificate (CuTest *cu) { CKA_INVALID }, }; + CK_ATTRIBUTE expected[] = { + { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, + { CKA_CERTIFICATE_CATEGORY, &certificate_authority, sizeof (certificate_authority) }, + { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, + { CKA_CHECK_VALUE, "\xad\x7c\x3f", 3 }, + { CKA_START_DATE, "20110523", 8 }, + { CKA_END_DATE, "20210520", 8, }, + { CKA_SUBJECT, (void *)test_cacert3_ca_subject, sizeof (test_cacert3_ca_subject) }, + { CKA_ISSUER, (void *)test_cacert3_ca_issuer, sizeof (test_cacert3_ca_issuer) }, + { CKA_SERIAL_NUMBER, (void *)test_cacert3_ca_serial, sizeof (test_cacert3_ca_serial) }, + { CKA_LABEL, "the label", 9 }, + { CKA_ID, "\xf0""a\xd8?\x95\x8fMx\xb1G\xb3\x13""9\x97\x8e\xa9\xc2Q\xba\x9b", 20}, + { CKA_INVALID }, + }; + CK_ATTRIBUTE *attrs; CK_ATTRIBUTE *merge; CK_RV rv; @@ -163,7 +178,7 @@ test_build_certificate (CuTest *cu) rv = p11_builder_build (test.builder, test.index, &attrs, merge); CuAssertIntEquals (cu, CKR_OK, rv); - test_check_cacert3_ca (cu, attrs, "the label"); + test_check_attrs (cu, expected, attrs); p11_attrs_free (attrs); teardown (cu); @@ -1406,6 +1421,7 @@ test_changed_without_id (CuTest *cu) { CKA_CERTIFICATE_CATEGORY, &certificate_authority, sizeof (certificate_authority) }, { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, { CKA_TRUSTED, &truev, sizeof (truev) }, + { CKA_ID, NULL, 0, }, { CKA_INVALID }, }; diff --git a/trust/tests/test-module.c b/trust/tests/test-module.c index 9c633f0..772dc8a 100644 --- a/trust/tests/test-module.c +++ b/trust/tests/test-module.c @@ -82,7 +82,7 @@ setup (CuTest *cu) CuAssertTrue (cu, rv == CKR_OK); memset (&args, 0, sizeof (args)); - paths = SRCDIR "/input:" SRCDIR "/files/cacert-ca.der:" SRCDIR "/files/testing-server.der"; + paths = SRCDIR "/input:" SRCDIR "/files/self-signed-with-ku.der:" SRCDIR "/files/thawte.pem"; if (asprintf (&arguments, "paths='%s'", paths) < 0) CuAssertTrue (cu, false && "not reached"); args.pReserved = arguments; @@ -154,8 +154,8 @@ test_get_slot_info (CuTest *cu) /* These are the paths passed in in setup() */ const char *paths[] = { SRCDIR "/input", - SRCDIR "/files/cacert-ca.der", - SRCDIR "/files/testing-server.der" + SRCDIR "/files/self-signed-with-ku.der", + SRCDIR "/files/thawte.pem" }; setup (cu); @@ -191,8 +191,8 @@ test_get_token_info (CuTest *cu) /* These are the paths passed in in setup() */ const char *labels[] = { "input", - "cacert-ca.der", - "testing-server.der" + "self-signed-with-ku.der", + "thawte.pem" }; setup (cu); diff --git a/trust/tests/test-parser.c b/trust/tests/test-parser.c index 3ad89da..a63d7a5 100644 --- a/trust/tests/test-parser.c +++ b/trust/tests/test-parser.c @@ -339,6 +339,36 @@ test_parse_anchor (CuTest *cu) teardown (cu); } +static void +test_parse_thawte (CuTest *cu) +{ + CK_ATTRIBUTE *cert; + int ret; + + CK_ATTRIBUTE expected[] = { + { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_MODIFIABLE, &falsev, sizeof (falsev) }, + { CKA_TRUSTED, &falsev, sizeof (falsev) }, + { CKA_X_DISTRUSTED, &falsev, sizeof (falsev) }, + { CKA_INVALID }, + }; + + setup (cu); + + ret = p11_parse_file (test.parser, SRCDIR "/files/thawte.pem", + P11_PARSE_FLAG_NONE); + CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + + /* Should have gotten certificate */ + CuAssertIntEquals (cu, 1, p11_index_size (test.index)); + + cert = parsed_attrs (certificate_match); + test_check_attrs (cu, expected, cert); + + teardown (cu); +} + /* TODO: A certificate that uses generalTime needs testing */ static void @@ -393,6 +423,7 @@ main (void) SUITE_ADD_TEST (suite, test_parse_openssl_trusted); SUITE_ADD_TEST (suite, test_parse_openssl_distrusted); SUITE_ADD_TEST (suite, test_parse_anchor); + SUITE_ADD_TEST (suite, test_parse_thawte); SUITE_ADD_TEST (suite, test_parse_invalid_file); SUITE_ADD_TEST (suite, test_parse_unrecognized); |