gnome-keyring r1511 - in trunk: . pkcs11/gck pkcs11/gck/tests pkcs11/gck/tests/test-data
- From: nnielsen svn gnome org
- To: svn-commits-list gnome org
- Subject: gnome-keyring r1511 - in trunk: . pkcs11/gck pkcs11/gck/tests pkcs11/gck/tests/test-data
- Date: Sat, 7 Feb 2009 23:23:04 +0000 (UTC)
Author: nnielsen
Date: Sat Feb 7 23:23:04 2009
New Revision: 1511
URL: http://svn.gnome.org/viewvc/gnome-keyring?rev=1511&view=rev
Log:
Enable key usage and enhanced usage parsing, and build tests for them.
Added:
trunk/pkcs11/gck/tests/test-data/test-certificate-2.der
Modified:
trunk/ChangeLog
trunk/pkcs11/gck/gck-data-der.c
trunk/pkcs11/gck/tests/unit-test-data-der.c
Modified: trunk/pkcs11/gck/gck-data-der.c
==============================================================================
--- trunk/pkcs11/gck/gck-data-der.c (original)
+++ trunk/pkcs11/gck/gck-data-der.c Sat Feb 7 23:23:04 2009
@@ -1203,8 +1203,6 @@
return ret;
}
-#ifdef UNTESTED_CODE
-
GckDataResult
gck_data_der_read_key_usage (const guchar *data, gsize n_data, guint *key_usage)
{
@@ -1271,7 +1269,6 @@
return ret;
}
-#endif /* UNTESTED CODE */
guchar*
gck_data_der_write_certificate (ASN1_TYPE asn1, gsize *n_data)
Added: trunk/pkcs11/gck/tests/test-data/test-certificate-2.der
==============================================================================
Binary files (empty file) and trunk/pkcs11/gck/tests/test-data/test-certificate-2.der Sat Feb 7 23:23:04 2009 differ
Modified: trunk/pkcs11/gck/tests/unit-test-data-der.c
==============================================================================
--- trunk/pkcs11/gck/tests/unit-test-data-der.c (original)
+++ trunk/pkcs11/gck/tests/unit-test-data-der.c Sat Feb 7 23:23:04 2009
@@ -40,6 +40,10 @@
static guchar *certificate_data = NULL;
static gsize n_certificate_data = 0;
+static ASN1_TYPE certificate2 = NULL;
+static guchar *certificate2_data = NULL;
+static gsize n_certificate2_data = 0;
+
const gchar *rsapub = "(public-key (rsa" \
" (n #00AE4B381CF43F7DC24CF90827325E2FB2EB57EDDE29562DF391C8942AA8E6423410E2D3FE26381F9DE0395E74BF2D17621AE46992C72CF895F6FA5FBE98054FBF#)" \
" (e #010001#)))";
@@ -107,6 +111,10 @@
certificate_data = test_read_testdata ("test-certificate-1.der", &n_certificate_data);
certificate = egg_asn1_decode ("PKIX1.Certificate", certificate_data, n_certificate_data);
g_assert (certificate);
+
+ certificate2_data = test_read_testdata ("test-certificate-2.der", &n_certificate2_data);
+ certificate2 = egg_asn1_decode ("PKIX1.Certificate", certificate2_data, n_certificate2_data);
+ g_assert (certificate2);
}
DEFINE_TEARDOWN(preload)
@@ -114,6 +122,10 @@
asn1_delete_structure (&certificate);
g_free (certificate_data);
certificate_data = NULL;
+
+ asn1_delete_structure (&certificate2);
+ g_free (certificate2_data);
+ certificate2_data = NULL;
}
DEFINE_TEST(der_rsa_public)
@@ -264,6 +276,42 @@
g_free (data);
}
+static const guchar*
+find_extension (ASN1_TYPE asn, const guchar *data, gsize n_data, const gchar *oid, gsize *n_extension)
+{
+ const guchar *value;
+ guchar *exoid;
+ gchar *name;
+ guint index;
+ int len;
+
+ len = strlen (oid);
+
+ for (index = 1; TRUE; ++index) {
+
+ /* Make sure it is present */
+ name = g_strdup_printf ("tbsCertificate.extensions.?%u.extnID", index);
+ exoid = egg_asn1_read_value (asn, name, NULL, NULL);
+ g_free (name);
+
+ if (!exoid)
+ return NULL;
+
+ if (strcmp ((gchar*)exoid, oid) == 0) {
+ g_free (exoid);
+ name = g_strdup_printf ("tbsCertificate.extensions.?%u.extnValue", index);
+ value = egg_asn1_read_content (asn, data, n_data, name, n_extension);
+ g_assert (value);
+ g_free (name);
+ return value;
+ }
+
+ g_free (exoid);
+ }
+
+ g_assert_not_reached ();
+}
+
DEFINE_TEST(read_basic_constraints)
{
const guchar *extension;
@@ -281,6 +329,37 @@
g_assert (path_len == -1);
}
+DEFINE_TEST(read_key_usage)
+{
+ const guchar *extension;
+ gsize n_extension;
+ guint key_usage;
+ GckDataResult res;
+
+ extension = find_extension (certificate2, certificate2_data, n_certificate2_data, "2.5.29.15", &n_extension);
+ g_assert (extension);
+
+ res = gck_data_der_read_key_usage (extension, n_extension, &key_usage);
+ g_assert (res == GCK_DATA_SUCCESS);
+ g_assert_cmpuint (key_usage, ==, 0x80);
+}
+
+DEFINE_TEST(read_enhanced_usage)
+{
+ const guchar *extension;
+ gsize n_extension;
+ GQuark *usages;
+ GckDataResult res;
+
+ extension = find_extension (certificate2, certificate2_data, n_certificate2_data, "2.5.29.37", &n_extension);
+ g_assert (extension);
+
+ res = gck_data_der_read_enhanced_usage (extension, n_extension, &usages);
+ g_assert (res == GCK_DATA_SUCCESS);
+
+ g_free (usages);
+}
+
DEFINE_TEST(read_all_pkcs8)
{
gcry_sexp_t sexp;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]