1 //
2 // racoon_test.c
3 // ipsec
4 //
5 // Copyright (c) 2017 Apple Inc. All rights reserved.
6 //
7
8 #include "oakley.h"
9 #include "crypto_cssm.h"
10 #include "racoon_certs_data.h"
11
12 #include <TargetConditionals.h>
13 #include <Security/SecCertificate.h>
14 #include <sysexits.h>
15 #include <getopt.h>
16
/* Outcome codes shared by every test routine in this file. */
enum {
    racoon_test_pass = 0,
    racoon_test_failure = 1
};
19
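/*
 * Long options accepted by the getopt_long_only() call in main().
 *
 * getopt_long(3) requires the last element of the array to be all zeros.
 * Without that terminator the option scan reads past the end of the array
 * whenever an argument matches none of the listed names.
 */
static struct option long_options[] =
{
    {"unit_test", no_argument, 0, 'u'},
    {"help"     , no_argument, 0, 'h'},
    {0, 0, 0, 0}
};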
25
/*
 * Write the command-line synopsis to stdout.
 *
 * name: program name shown in the synopsis (main() passes argv[0]).
 */
static void
print_usage(char *name)
{
    fprintf(stdout, "Usage: %s\n", name);
    fprintf(stdout, " -unit_test\n");
}
32
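#ifndef HAVE_OPENSSL
/*
 * Run one certificate-date case: build a certificate from embedded DER bytes,
 * pass it to crypto_cssm_check_x509cert_dates() and compare the verdict with
 * the expected status.
 *
 * test_name: label printed in the [BEGIN]/[PASS]/[FAIL] lines.
 * der, der_len: DER-encoded certificate bytes and their length.
 * expected: status the date check must return for this certificate.
 *
 * Returns racoon_test_pass or racoon_test_failure. A certificate that cannot
 * be created counts as a failure, so a broken fixture is reported instead of
 * a NULL reference being handed to the date check.
 */
static int
racoon_check_cert_dates(const char *test_name, const void *der, size_t der_len,
                        cert_status_t expected)
{
    int result = racoon_test_failure;
    CFDataRef cert_data = NULL;
    SecCertificateRef cert_ref = NULL;

    fprintf(stdout, "[BEGIN] %s\n", test_name);

    cert_data = CFDataCreate(kCFAllocatorDefault, der, der_len);
    if (cert_data != NULL) {
        cert_ref = SecCertificateCreateWithData(NULL, cert_data);
    }

    if (cert_ref == NULL) {
        fprintf(stderr, "%s: could not create a certificate from the embedded DER data\n", test_name);
    } else if (crypto_cssm_check_x509cert_dates(cert_ref) == expected) {
        result = racoon_test_pass;
    }

    fprintf(stdout, "[%s] %s\n", (result == racoon_test_pass) ? "PASS" : "FAIL", test_name);

    // Both objects come from Create functions, so this routine owns them.
    // CFRelease() must not be called with NULL, hence the guards.
    if (cert_ref != NULL) {
        CFRelease(cert_ref);
    }
    if (cert_data != NULL) {
        CFRelease(cert_data);
    }
    return result;
}
#endif // HAVE_OPENSSL

/*
 * Check that crypto_cssm_check_x509cert_dates() classifies an expired, a
 * not-yet-valid and a currently valid certificate correctly.
 *
 * All three cases always run; the return value is racoon_test_failure if any
 * of them failed and racoon_test_pass otherwise. When HAVE_OPENSSL is defined
 * nothing is exercised and the function returns racoon_test_pass.
 */
static int
racoon_cert_validity_test(void)
{
    int result = racoon_test_pass;
#ifndef HAVE_OPENSSL
    /*
     * Below tests are applicable only for embedded
     * because the crypto_cssm_check_x509cert_dates()
     * does nothing on osx.
     */
    fprintf(stdout, "[TEST] RacoonCertValidity\n");

    // For certificate info, look at past_cert.der
    if (racoon_check_cert_dates("ExpiredCertTest", past_cert_der,
                                sizeof(past_cert_der), CERT_STATUS_EXPIRED) != racoon_test_pass) {
        result = racoon_test_failure;
    }

    // For certificate info, look at future_cert.der
    if (racoon_check_cert_dates("PrematureCertTest", future_cert_der,
                                sizeof(future_cert_der), CERT_STATUS_PREMATURE) != racoon_test_pass) {
        result = racoon_test_failure;
    }

    // For certificate info, look at valid_cert.der
    if (racoon_check_cert_dates("ValidCertTest", valid_cert_der,
                                sizeof(valid_cert_der), CERT_STATUS_OK) != racoon_test_pass) {
        result = racoon_test_failure;
    }
#endif // HAVE_OPENSSL
    return result;
}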
86
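/*
 * Run every unit test in this file and report the overall outcome.
 *
 * Prints "All Tests Passed" when nothing failed. On a failure it prints a
 * summary line and ends the process with EXIT_FAILURE. A caller that only
 * inspects the exit status (a script, a CI job) therefore notices a
 * regression in the certificate date checks instead of seeing status 0.
 */
static void
racoon_unit_test(void)
{
    if (racoon_cert_validity_test() != racoon_test_pass) {
        fprintf(stdout, "\nSome Tests Failed\n\n");
        exit(EXIT_FAILURE);
    }

    fprintf(stdout, "\nAll Tests Passed\n\n");
}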
100
/*
 * Entry point of the racoon test tool.
 *
 * With no arguments the usage text is printed and the program returns 0.
 * "-unit_test" runs the unit tests. "-help" and any unrecognised option
 * print the usage text and exit with EXIT_FAILURE.
 */
int
main(int argc, char *argv[])
{
    int option_index = 0;
    int option = 0;

    if (argc < 2) {
        print_usage(argv[0]);
        return 0;
    }

    for (;;) {
        option = getopt_long_only(argc, argv, "", long_options, &option_index);
        if (option == -1) {
            break;
        }

        // Only 'u' runs anything; 'h' and getopt's error value share one path.
        if (option != 'u') {
            print_usage(argv[0]);
            exit(EXIT_FAILURE);
        }

        racoon_unit_test();
    }

    return 0;
}