+++ /dev/null
-/*
- * getCachedFields.cpp
- *
- * do a "CSSM_CL_CertGetFirstCachedFieldValue" 'n' times on a known good
- * cert; with a variety of fields; verify same results each time.
- */
-#include "testParams.h"
-#include <Security/cssm.h>
-#include <utilLib/common.h>
-#include <utilLib/cspwrap.h>
-#include <clAppUtils/clutils.h>
-#include <clAppUtils/tpUtils.h>
-#include <security_cdsa_utils/cuFileIo.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <time.h>
-#include <string.h>
-#include <Security/oidscert.h>
-#include <Security/x509defs.h>
-#include <Security/oidsattr.h>
-
-#define DO_PAUSE 0
-
-//static const char *CERT_FILE = "serverpremium.crt";
-static const char *CERT_FILE = "mypage.apple_v3.100.cer";
-
-#define NUM_INNER_LOOPS 10
-
-/* common data, our known good cert, shared by all threads */
-static unsigned char *certData = NULL;
-static unsigned certLength = 0;
-
-/*
- * Hard coded list of field OIDs to fetch
- */
-static const CSSM_OID *fieldOids[] =
-{
- &CSSMOID_X509V1Version,
- &CSSMOID_X509V1SubjectName,
- &CSSMOID_X509V1IssuerName,
- &CSSMOID_X509V1SerialNumber,
- &CSSMOID_X509V1ValidityNotBefore,
- &CSSMOID_X509V1ValidityNotAfter,
- &CSSMOID_X509V1Signature
- /* etc. */
-};
-#define NUM_FIELD_OIDS (sizeof(fieldOids) / sizeof(CSSM_OID *))
-
-
-/* read in our known good cert file, just once */
-int getCachedFieldsInit(TestParams *testParams)
-{
- if(certData != NULL) {
- return 0;
- }
- if(testParams->verbose) {
- printf("getFields thread %d: reading cert file %s...\n",
- testParams->threadNum, CERT_FILE);
- }
- if(readFile(CERT_FILE, &certData, &certLength)) {
- printf("Error reading %s; aborting\n", CERT_FILE);
- printf("***This test must be run from the clxutils/threadTest directory.\n");
- return 1;
- }
- return 0;
-}
-
-static int compareFields(
- const CSSM_OID *oid,
- const CSSM_DATA *val1,
- const CSSM_DATA *val2)
-{
- /* data length must match */
- if(val1->Length != val2->Length) {
- printf("***FieldValue.Length miscompare\n");
- return 1;
- }
-
- /*
- * The hard part. Most OIDs have some kind of C struct pointer in their
- * FieldValue.Data pointers, so comparison is on an oid-by-oid basis.
- * We'll just do the easy ones, and the ones we suspect may be causing
- * trouble.
- */
- if(appCompareCssmData(oid, &CSSMOID_X509V1Version)) {
- if(!appCompareCssmData(val1, val2)) {
- printf("***CSSMOID_X509V1Version mismatch\n");
- return 1;
- }
- }
- else if(appCompareCssmData(oid, &CSSMOID_X509V1SerialNumber)) {
- if(!appCompareCssmData(val1, val2)) {
- printf("***CSSMOID_X509V1SerialNumber mismatch\n");
- return 1;
- }
- }
- else if(appCompareCssmData(oid, &CSSMOID_X509V1ValidityNotBefore)) {
- CSSM_X509_TIME *cssmTime1 = (CSSM_X509_TIME *)val1->Data;
- CSSM_X509_TIME *cssmTime2 = (CSSM_X509_TIME *)val2->Data;
- if(!appCompareCssmData(&cssmTime1->time, &cssmTime2->time)) {
- printf("***CSSMOID_X509V1ValidityNotBefore mismatch\n");
- return 1;
- }
- }
- else if(appCompareCssmData(oid, &CSSMOID_X509V1ValidityNotAfter)) {
- CSSM_X509_TIME *cssmTime1 = (CSSM_X509_TIME *)val1->Data;
- CSSM_X509_TIME *cssmTime2 = (CSSM_X509_TIME *)val2->Data;
- if(!appCompareCssmData(&cssmTime1->time, &cssmTime2->time)) {
- printf("***CSSMOID_X509V1ValidityNotAfter mismatch\n");
- return 1;
- }
- }
- else if(appCompareCssmData(oid, &CSSMOID_X509V1CertificateIssuerUniqueId)) {
- if(!appCompareCssmData(val1, val2)) {
- printf("***CSSMOID_X509V1CertificateIssuerUniqueId mismatch\n");
- return 1;
- }
- }
- else if(appCompareCssmData(oid, &CSSMOID_X509V1CertificateSubjectUniqueId)) {
- if(!appCompareCssmData(val1, val2)) {
- printf("***CSSMOID_X509V1CertificateSubjectUniqueId mismatch\n");
- return 1;
- }
- }
- else if(appCompareCssmData(oid, &CSSMOID_X509V1Signature)) {
- if(!appCompareCssmData(val1, val2)) {
- printf("***CSSMOID_X509V1Signature mismatch\n");
- return 1;
- }
- }
- return 0;
-}
-
-static int checkOneField(
- CSSM_CL_HANDLE clHand,
- CSSM_HANDLE cacheHand1,
- CSSM_HANDLE cacheHand2,
- const CSSM_OID *fieldOid)
-{
- CSSM_DATA_PTR fieldData1 = NULL;
- CSSM_DATA_PTR fieldData2 = NULL;
- CSSM_RETURN crtn;
- CSSM_HANDLE resultHand1 = 0;
- CSSM_HANDLE resultHand2 = 0;
- uint32 numFields = 0;
- int rtn;
-
- crtn = CSSM_CL_CertGetFirstCachedFieldValue(
- clHand,
- cacheHand1,
- fieldOid,
- &resultHand1,
- &numFields,
- &fieldData1);
- if(crtn) {
- return crtn;
- }
- if(numFields != 1) {
- printf("Fiedl not present; try another cert\n");
- return 1;
- }
- crtn = CSSM_CL_CertGetFirstCachedFieldValue(
- clHand,
- cacheHand2,
- fieldOid,
- &resultHand2,
- &numFields,
- &fieldData2);
- if(crtn) {
- return crtn;
- }
- rtn = compareFields(fieldOid, fieldData1, fieldData2);
- CSSM_CL_CertAbortQuery(clHand, resultHand1);
- CSSM_CL_CertAbortQuery(clHand, resultHand2);
- CSSM_CL_FreeFieldValue(clHand, fieldOid, fieldData1);
- CSSM_CL_FreeFieldValue(clHand, fieldOid, fieldData2);
- return rtn;
-}
-
-int getCachedFields(TestParams *testParams)
-{
- CSSM_RETURN crtn;
- CSSM_HANDLE cacheHand1;
- CSSM_HANDLE cacheHand2;
- unsigned fieldNum;
- unsigned loopNum;
- CSSM_DATA cert;
-
- for(loopNum=0; loopNum<testParams->numLoops; loopNum++) {
- if(testParams->verbose) {
- printf("getCachedFields loop %d\n", loopNum);
- }
- else if(!testParams->quiet) {
- printChar(testParams->progressChar);
- }
-
- /* get two cached certs */
- cert.Data = certData;
- cert.Length = certLength;
- crtn = CSSM_CL_CertCache(testParams->clHand, &cert, &cacheHand1);
- if(crtn) {
- printError("CSSM_CL_CertCache(1)", crtn);
- return 1;
- }
- crtn = CSSM_CL_CertCache(testParams->clHand, &cert, &cacheHand2);
- if(crtn) {
- printError("CSSM_CL_CertCache(2)", crtn);
- return 1;
- }
-
- /* grind thru the known OIDs */
- for(fieldNum=0; fieldNum<NUM_FIELD_OIDS; fieldNum++) {
- int rtn = checkOneField(testParams->clHand,
- cacheHand1,
- cacheHand2,
- fieldOids[fieldNum]);
- if(rtn) {
- return 1;
- }
- }
- CSSM_CL_CertAbortCache(testParams->clHand, cacheHand1);
- CSSM_CL_CertAbortCache(testParams->clHand, cacheHand2);
- /* leak debug */
- #if DO_PAUSE
- fpurge(stdin);
- printf("Hit CR to continue: ");
- getchar();
- #endif
- } /* outer loop */
- return 0;
-}
projects / apple / security.git / blobdiff