gnome-keyring r1511 - in trunk: . pkcs11/gck pkcs11/gck/tests pkcs11/gck/tests/test-data

From: nnielsen svn gnome org
To: svn-commits-list gnome org
Subject: gnome-keyring r1511 - in trunk: . pkcs11/gck pkcs11/gck/tests pkcs11/gck/tests/test-data
Date: Sat, 7 Feb 2009 23:23:04 +0000 (UTC)
Author: nnielsen
Date: Sat Feb  7 23:23:04 2009
New Revision: 1511
URL: http://svn.gnome.org/viewvc/gnome-keyring?rev=1511&view=rev

Log:
Enable key usage and enhanced usage parsing, and build tests for them.

Added:
   trunk/pkcs11/gck/tests/test-data/test-certificate-2.der
Modified:
   trunk/ChangeLog
   trunk/pkcs11/gck/gck-data-der.c
   trunk/pkcs11/gck/tests/unit-test-data-der.c

Modified: trunk/pkcs11/gck/gck-data-der.c
==============================================================================
--- trunk/pkcs11/gck/gck-data-der.c	(original)
+++ trunk/pkcs11/gck/gck-data-der.c	Sat Feb  7 23:23:04 2009
@@ -1203,8 +1203,6 @@
 	return ret;
 }
 
-#ifdef UNTESTED_CODE
-
 GckDataResult
 gck_data_der_read_key_usage (const guchar *data, gsize n_data, guint *key_usage)
 {
@@ -1271,7 +1269,6 @@
 	return ret;
 }
 
-#endif /* UNTESTED CODE */
 
 guchar*
 gck_data_der_write_certificate (ASN1_TYPE asn1, gsize *n_data)

Added: trunk/pkcs11/gck/tests/test-data/test-certificate-2.der
==============================================================================
Binary files (empty file) and trunk/pkcs11/gck/tests/test-data/test-certificate-2.der	Sat Feb  7 23:23:04 2009 differ

Modified: trunk/pkcs11/gck/tests/unit-test-data-der.c
==============================================================================
--- trunk/pkcs11/gck/tests/unit-test-data-der.c	(original)
+++ trunk/pkcs11/gck/tests/unit-test-data-der.c	Sat Feb  7 23:23:04 2009
@@ -40,6 +40,10 @@
 static guchar *certificate_data = NULL;
 static gsize n_certificate_data = 0;
 
+static ASN1_TYPE certificate2 = NULL; 
+static guchar *certificate2_data = NULL;
+static gsize n_certificate2_data = 0;
+
 const gchar *rsapub = "(public-key (rsa" \
 " (n #00AE4B381CF43F7DC24CF90827325E2FB2EB57EDDE29562DF391C8942AA8E6423410E2D3FE26381F9DE0395E74BF2D17621AE46992C72CF895F6FA5FBE98054FBF#)" \
 " (e #010001#)))";
@@ -107,6 +111,10 @@
 	certificate_data = test_read_testdata ("test-certificate-1.der", &n_certificate_data);	
 	certificate = egg_asn1_decode ("PKIX1.Certificate", certificate_data, n_certificate_data);
 	g_assert (certificate);
+
+	certificate2_data = test_read_testdata ("test-certificate-2.der", &n_certificate2_data);	
+	certificate2 = egg_asn1_decode ("PKIX1.Certificate", certificate2_data, n_certificate2_data);
+	g_assert (certificate2);
 }
 
 DEFINE_TEARDOWN(preload)
@@ -114,6 +122,10 @@
 	asn1_delete_structure (&certificate);
 	g_free (certificate_data);
 	certificate_data = NULL;
+
+	asn1_delete_structure (&certificate2);
+	g_free (certificate2_data);
+	certificate2_data = NULL;
 }
 
 DEFINE_TEST(der_rsa_public)
@@ -264,6 +276,42 @@
 	g_free (data);
 }
 
+static const guchar* 
+find_extension (ASN1_TYPE asn, const guchar *data, gsize n_data, const gchar *oid, gsize *n_extension)
+{
+	const guchar *value;
+	guchar *exoid;
+	gchar *name;
+	guint index;
+	int len;
+	
+	len = strlen (oid);
+	
+	for (index = 1; TRUE; ++index) {
+		
+		/* Make sure it is present */
+		name = g_strdup_printf ("tbsCertificate.extensions.?%u.extnID", index);
+		exoid = egg_asn1_read_value (asn, name, NULL, NULL);
+		g_free (name);
+
+		if (!exoid)
+			return NULL;
+
+		if (strcmp ((gchar*)exoid, oid) == 0) {
+			g_free (exoid);
+			name = g_strdup_printf ("tbsCertificate.extensions.?%u.extnValue", index);
+			value = egg_asn1_read_content (asn, data, n_data, name, n_extension);
+			g_assert (value);
+			g_free (name);
+			return value;
+		}
+		
+		g_free (exoid);
+	}
+
+	g_assert_not_reached ();
+}
+
 DEFINE_TEST(read_basic_constraints)
 {
 	const guchar *extension;
@@ -281,6 +329,37 @@
 	g_assert (path_len == -1);
 }
 
+DEFINE_TEST(read_key_usage)
+{
+	const guchar *extension;
+	gsize n_extension;
+	guint key_usage;
+	GckDataResult res;
+	
+	extension = find_extension (certificate2, certificate2_data, n_certificate2_data, "2.5.29.15", &n_extension);
+	g_assert (extension);
+
+	res = gck_data_der_read_key_usage (extension, n_extension, &key_usage);
+	g_assert (res == GCK_DATA_SUCCESS);
+	g_assert_cmpuint (key_usage, ==, 0x80);
+}
+
+DEFINE_TEST(read_enhanced_usage)
+{
+	const guchar *extension;
+	gsize n_extension;
+	GQuark *usages;
+	GckDataResult res;
+	
+	extension = find_extension (certificate2, certificate2_data, n_certificate2_data, "2.5.29.37", &n_extension);
+	g_assert (extension);
+
+	res = gck_data_der_read_enhanced_usage (extension, n_extension, &usages);
+	g_assert (res == GCK_DATA_SUCCESS);
+	
+	g_free (usages);
+}
+
 DEFINE_TEST(read_all_pkcs8)
 {
 	gcry_sexp_t sexp;
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]