Security-57336.1.9.tar.gz
1 /*
2 * getCachedFields.cpp
3 *
4 * do a "CSSM_CL_CertGetFirstCachedFieldValue" 'n' times on a known good
5 * cert; with a variety of fields; verify same results each time.
6 */
7 #include "testParams.h"
8 #include <Security/cssm.h>
9 #include <utilLib/common.h>
10 #include <utilLib/cspwrap.h>
11 #include <clAppUtils/clutils.h>
12 #include <clAppUtils/tpUtils.h>
13 #include <security_cdsa_utils/cuFileIo.h>
14 #include <stdio.h>
15 #include <stdlib.h>
16 #include <time.h>
17 #include <string.h>
18 #include <Security/oidscert.h>
19 #include <Security/x509defs.h>
20 #include <Security/oidsattr.h>
21
/* set to 1 to stop for keyboard input after every outer loop (leak debugging) */
#define DO_PAUSE			0

/* inner loop count; not referenced anywhere in this file */
#define NUM_INNER_LOOPS		10

/* name of the known good cert, resolved relative to the current directory */
//static const char *CERT_FILE = "serverpremium.crt";
static const char *CERT_FILE = "mypage.apple_v3.100.cer";

/*
 * Raw bytes of the known good cert, shared by all threads. Filled in by
 * getCachedFieldsInit() and only read afterwards by getCachedFields().
 * NOTE(review): nothing in this file synchronizes the first write; confirm
 * that the harness finishes init before worker threads start reading.
 */
static unsigned char	*certData = NULL;
static unsigned			certLength = 0;

/*
 * Fixed set of field OIDs that every loop iteration fetches from both
 * cached copies of the cert.
 */
static const CSSM_OID *fieldOids[] =
{
	&CSSMOID_X509V1Version,
	&CSSMOID_X509V1SubjectName,
	&CSSMOID_X509V1IssuerName,
	&CSSMOID_X509V1SerialNumber,
	&CSSMOID_X509V1ValidityNotBefore,
	&CSSMOID_X509V1ValidityNotAfter,
	&CSSMOID_X509V1Signature
	/* etc. */
};

/* element count, derived from the array itself so it tracks the list above */
#define NUM_FIELD_OIDS	(sizeof(fieldOids) / sizeof(fieldOids[0]))
48
49
/*
 * Load the known good cert file into certData/certLength, once.
 *
 * A call made after the cert is already loaded does nothing. Returns 0 on
 * success (or when already loaded), 1 if the file could not be read.
 *
 * NOTE(review): the "already loaded" check and the load are not guarded by
 * any lock here. If the harness can call this from several threads at once,
 * two of them may both read the file; confirm how it is invoked.
 */
int getCachedFieldsInit(TestParams *testParams)
{
	const int alreadyLoaded = (certData != NULL);

	if(!alreadyLoaded) {
		if(testParams->verbose) {
			printf("getFields thread %d: reading cert file %s...\n",
				testParams->threadNum, CERT_FILE);
		}
		/* readFile reports failure with a nonzero return */
		if(readFile(CERT_FILE, &certData, &certLength)) {
			printf("Error reading %s; aborting\n", CERT_FILE);
			printf("***This test must be run from the clxutils/threadTest directory.\n");
			return 1;
		}
	}
	return 0;
}
67
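/*
 * Compare the CSSM_X509_TIME structs carried by two validity field values.
 * Returns 0 when the time strings match, 1 otherwise. A value whose Data is
 * NULL or too short to hold a CSSM_X509_TIME counts as a mismatch rather
 * than being dereferenced.
 */
static int timeFieldsDiffer(
	const CSSM_DATA	*val1,
	const CSSM_DATA	*val2)
{
	if((val1->Data == NULL) || (val2->Data == NULL)) {
		return 1;
	}
	if((val1->Length < sizeof(CSSM_X509_TIME)) ||
	   (val2->Length < sizeof(CSSM_X509_TIME))) {
		return 1;
	}
	const CSSM_X509_TIME *cssmTime1 = (const CSSM_X509_TIME *)val1->Data;
	const CSSM_X509_TIME *cssmTime2 = (const CSSM_X509_TIME *)val2->Data;
	return appCompareCssmData(&cssmTime1->time, &cssmTime2->time) ? 0 : 1;
}

/*
 * Compare two values fetched for the same field OID from two separately
 * cached copies of the cert.
 *
 * oid   - which field the two values belong to
 * val1  - value from the first cached cert
 * val2  - value from the second cached cert
 *
 * Returns 0 when the values agree as far as this function checks, 1 on any
 * miscompare (a message is printed first).
 *
 * Coverage caveat: only the OIDs handled below get a content comparison.
 * Every other OID, including the SubjectName and IssuerName entries in
 * fieldOids, passes on matching Length alone.
 */
static int compareFields(
	const CSSM_OID	*oid,
	const CSSM_DATA	*val1,
	const CSSM_DATA	*val2)
{
	/* a missing value on either side can never be a match */
	if((oid == NULL) || (val1 == NULL) || (val2 == NULL)) {
		printf("***FieldValue missing\n");
		return 1;
	}

	/* data length must match */
	if(val1->Length != val2->Length) {
		printf("***FieldValue.Length miscompare\n");
		return 1;
	}

	/*
	 * The hard part. Most OIDs have some kind of C struct pointer in their
	 * FieldValue.Data pointers, so comparison is on an oid-by-oid basis.
	 * We'll just do the easy ones, and the ones we suspect may be causing
	 * trouble.
	 */
	if(appCompareCssmData(oid, &CSSMOID_X509V1Version)) {
		if(!appCompareCssmData(val1, val2)) {
			printf("***CSSMOID_X509V1Version mismatch\n");
			return 1;
		}
	}
	else if(appCompareCssmData(oid, &CSSMOID_X509V1SerialNumber)) {
		if(!appCompareCssmData(val1, val2)) {
			printf("***CSSMOID_X509V1SerialNumber mismatch\n");
			return 1;
		}
	}
	else if(appCompareCssmData(oid, &CSSMOID_X509V1ValidityNotBefore)) {
		/* Data points at a CSSM_X509_TIME, not at the raw time bytes */
		if(timeFieldsDiffer(val1, val2)) {
			printf("***CSSMOID_X509V1ValidityNotBefore mismatch\n");
			return 1;
		}
	}
	else if(appCompareCssmData(oid, &CSSMOID_X509V1ValidityNotAfter)) {
		if(timeFieldsDiffer(val1, val2)) {
			printf("***CSSMOID_X509V1ValidityNotAfter mismatch\n");
			return 1;
		}
	}
	else if(appCompareCssmData(oid, &CSSMOID_X509V1CertificateIssuerUniqueId)) {
		if(!appCompareCssmData(val1, val2)) {
			printf("***CSSMOID_X509V1CertificateIssuerUniqueId mismatch\n");
			return 1;
		}
	}
	else if(appCompareCssmData(oid, &CSSMOID_X509V1CertificateSubjectUniqueId)) {
		if(!appCompareCssmData(val1, val2)) {
			printf("***CSSMOID_X509V1CertificateSubjectUniqueId mismatch\n");
			return 1;
		}
	}
	else if(appCompareCssmData(oid, &CSSMOID_X509V1Signature)) {
		if(!appCompareCssmData(val1, val2)) {
			printf("***CSSMOID_X509V1Signature mismatch\n");
			return 1;
		}
	}
	return 0;
}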
133
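/*
 * Fetch one field from each of two cached copies of the same cert and
 * compare the results.
 *
 * clHand      - CL module handle used for every call
 * cacheHand1  - first cached cert
 * cacheHand2  - second cached cert
 * fieldOid    - field to fetch from both
 *
 * Returns 0 when both fetches succeed and compareFields() accepts the pair;
 * the CSSM error code if a fetch fails; 1 if the field is absent or the
 * values miscompare.
 *
 * Every exit path goes through the cleanup at the end, so a failure of the
 * second fetch (or a missing field) no longer leaves the first query handle
 * and field value allocated.
 */
static int checkOneField(
	CSSM_CL_HANDLE	clHand,
	CSSM_HANDLE		cacheHand1,
	CSSM_HANDLE		cacheHand2,
	const CSSM_OID	*fieldOid)
{
	CSSM_DATA_PTR	fieldData1 = NULL;
	CSSM_DATA_PTR	fieldData2 = NULL;
	CSSM_RETURN		crtn;
	CSSM_HANDLE		resultHand1 = 0;
	CSSM_HANDLE		resultHand2 = 0;
	uint32			numFields = 0;
	int				haveQuery1 = 0;		/* first query succeeded, needs abort */
	int				haveQuery2 = 0;		/* second query succeeded, needs abort */
	int				rtn;

	crtn = CSSM_CL_CertGetFirstCachedFieldValue(
		clHand,
		cacheHand1,
		fieldOid,
		&resultHand1,
		&numFields,
		&fieldData1);
	if(crtn) {
		printError("CSSM_CL_CertGetFirstCachedFieldValue(1)", crtn);
		rtn = (int)crtn;
		goto done;
	}
	haveQuery1 = 1;
	if((numFields != 1) || (fieldData1 == NULL)) {
		printf("Field not present; try another cert\n");
		rtn = 1;
		goto done;
	}

	/* reset so the second fetch is judged on its own count */
	numFields = 0;
	crtn = CSSM_CL_CertGetFirstCachedFieldValue(
		clHand,
		cacheHand2,
		fieldOid,
		&resultHand2,
		&numFields,
		&fieldData2);
	if(crtn) {
		printError("CSSM_CL_CertGetFirstCachedFieldValue(2)", crtn);
		rtn = (int)crtn;
		goto done;
	}
	haveQuery2 = 1;
	if((numFields != 1) || (fieldData2 == NULL)) {
		/* same cert bytes, so a different field count is itself a failure */
		printf("Field not present; try another cert\n");
		rtn = 1;
		goto done;
	}

	rtn = compareFields(fieldOid, fieldData1, fieldData2);

done:
	/* release only what was actually obtained */
	if(haveQuery1) {
		CSSM_CL_CertAbortQuery(clHand, resultHand1);
	}
	if(haveQuery2) {
		CSSM_CL_CertAbortQuery(clHand, resultHand2);
	}
	if(fieldData1 != NULL) {
		CSSM_CL_FreeFieldValue(clHand, fieldOid, fieldData1);
	}
	if(fieldData2 != NULL) {
		CSSM_CL_FreeFieldValue(clHand, fieldOid, fieldData2);
	}
	return rtn;
}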
179
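/*
 * Thread body: for testParams->numLoops iterations, cache the known good
 * cert twice, fetch every OID in fieldOids from both cached copies via
 * checkOneField(), and require identical results.
 *
 * Returns 0 if every iteration passes, 1 on the first failure.
 *
 * Both cache handles are released on every path out of an iteration,
 * including the failure paths, so an early return does not leave cached
 * certs behind in the CL.
 */
int getCachedFields(TestParams *testParams)
{
	CSSM_RETURN		crtn;
	CSSM_HANDLE		cacheHand1;
	CSSM_HANDLE		cacheHand2;
	unsigned		fieldNum;
	unsigned		loopNum;
	CSSM_DATA		cert;
	int				rtn;

	for(loopNum=0; loopNum<testParams->numLoops; loopNum++) {
		if(testParams->verbose) {
			/* loopNum is unsigned, so %u rather than %d */
			printf("getCachedFields loop %u\n", loopNum);
		}
		else if(!testParams->quiet) {
			printChar(testParams->progressChar);
		}

		/* get two cached certs */
		cert.Data = certData;
		cert.Length = certLength;
		crtn = CSSM_CL_CertCache(testParams->clHand, &cert, &cacheHand1);
		if(crtn) {
			printError("CSSM_CL_CertCache(1)", crtn);
			return 1;
		}
		crtn = CSSM_CL_CertCache(testParams->clHand, &cert, &cacheHand2);
		if(crtn) {
			printError("CSSM_CL_CertCache(2)", crtn);
			/* the first cache entry exists by now; do not leak it */
			CSSM_CL_CertAbortCache(testParams->clHand, cacheHand1);
			return 1;
		}

		/* grind thru the known OIDs, stopping at the first failure */
		rtn = 0;
		for(fieldNum=0; (fieldNum<NUM_FIELD_OIDS) && (rtn == 0); fieldNum++) {
			rtn = checkOneField(testParams->clHand,
				cacheHand1,
				cacheHand2,
				fieldOids[fieldNum]);
		}

		/* release both cached certs whether or not the fields matched */
		CSSM_CL_CertAbortCache(testParams->clHand, cacheHand1);
		CSSM_CL_CertAbortCache(testParams->clHand, cacheHand2);
		if(rtn) {
			return 1;
		}

		/* leak debug */
		#if DO_PAUSE
		fpurge(stdin);
		printf("Hit CR to continue: ");
		getchar();
		#endif
	}	/* outer loop */
	return 0;
}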