]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
enhanced set_pkcs12_cred test.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 11 Jan 2014 10:20:17 +0000 (11:20 +0100)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 11 Jan 2014 10:20:17 +0000 (11:20 +0100)
tests/pkcs12-decode/Makefile.am
tests/pkcs12-decode/cert-ca.p12 [new file with mode: 0644]
tests/set_pkcs12_cred.c

index c08e4d9ae23cfb4902ba64cd52dda9136da70439..3ccaa1cd8c590d38b1ff1b77c2fae81fc73659fa 100644 (file)
@@ -20,7 +20,7 @@
 # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
 EXTRA_DIST = client.p12 noclient.p12 unclient.p12 pkcs12_2certs.p12 \
-       pkcs12_5certs.p12 test-null.p12
+       pkcs12_5certs.p12 test-null.p12 cert-ca.p12
 
 dist_check_SCRIPTS = pkcs12
 
diff --git a/tests/pkcs12-decode/cert-ca.p12 b/tests/pkcs12-decode/cert-ca.p12
new file mode 100644 (file)
index 0000000..cddde70
Binary files /dev/null and b/tests/pkcs12-decode/cert-ca.p12 differ
index 9381c3f659c664c4385de8ac445d598890f25964..edc4b1061d433d3670a4a970e8f0d5545d034d85 100644 (file)
@@ -34,11 +34,24 @@ static void tls_log_func(int level, const char *str)
        fprintf(stderr, "<%d>| %s", level, str);
 }
 
-#ifndef ENABLE_FIPS140
+typedef struct {
+       const char *file;
+       const char *pass;
+} files_st;
+
+files_st files[] = {
+       {"client.p12", "foobar"},
+       {"cert-ca.p12", "1234"}, /* 2 certs, one is a CA */
+       {"pkcs12_2certs.p12", ""}, /* 2 certs, on is unrelated */
+       {NULL, NULL}
+};
+
 void doit(void)
 {
        gnutls_certificate_credentials_t x509cred;
-       const char *file, *password;
+       const char *path;
+       unsigned int i;
+       char file[512];
        int ret;
 
        ret = global_init();
@@ -49,74 +62,37 @@ void doit(void)
        if (debug)
                gnutls_global_set_log_level(4711);
 
-       ret = gnutls_certificate_allocate_credentials(&x509cred);
-       if (ret < 0)
-               fail("gnutls_certificate_allocate_credentials failed %d\n",
-                    ret);
-
-       file = getenv("PKCS12FILE");
-       password = getenv("PKCS12PASSWORD");
-
-       if (!file)
-               file = "pkcs12-decode/client.p12";
-       if (!password)
-               password = "foobar";
-
-       if (debug)
-               success
-                   ("Reading PKCS#12 blob from `%s' using password `%s'.\n",
-                    file, password);
-       ret =
-           gnutls_certificate_set_x509_simple_pkcs12_file(x509cred, file,
-                                                          GNUTLS_X509_FMT_DER,
-                                                          password);
-       if (ret < 0)
-               fail("x509_pkcs12 failed %d: %s\n", ret,
-                    gnutls_strerror(ret));
-
-       if (debug)
-               success("Read file OK\n");
-
-       gnutls_certificate_free_credentials(x509cred);
+       for (i = 0; files[i].file != NULL; i++) {
 
-       /* try now if we can read correctly from a pkcs12 file that
-        * contains two certificates (one unrelated with key)
-        */
-       ret = gnutls_certificate_allocate_credentials(&x509cred);
-       if (ret < 0)
-               fail("gnutls_certificate_allocate_credentials failed %d\n",
-                    ret);
+               ret = gnutls_certificate_allocate_credentials(&x509cred);
+               if (ret < 0)
+                       fail("gnutls_certificate_allocate_credentials failed %d\n", ret);
 
-       file = getenv("PKCS12FILE_2");
-       password = getenv("PKCS12PASSWORD_2");
+               path = getenv("PKCS12PATH");
+               if (!path)
+                       path = "pkcs12-decode/";
 
-       if (!file)
-               file = "pkcs12-decode/pkcs12_2certs.p12";
-       if (!password)
-               password = "";
+               snprintf(file, sizeof(file), "%s/%s", path, files[i].file);
 
-       if (debug)
-               success
-                   ("Reading PKCS#12 blob from `%s' using password `%s'.\n",
-                    file, password);
-       ret =
-           gnutls_certificate_set_x509_simple_pkcs12_file(x509cred, file,
-                                                          GNUTLS_X509_FMT_DER,
-                                                          password);
-       if (ret < 0)
-               fail("x509_pkcs12 failed %d: %s\n", ret,
-                    gnutls_strerror(ret));
+               if (debug)
+                       success
+                           ("Reading PKCS#12 blob from `%s' using password `%s'.\n",
+                            file, files[i].pass);
+               ret =
+                   gnutls_certificate_set_x509_simple_pkcs12_file(x509cred,
+                                                                  file,
+                                                                  GNUTLS_X509_FMT_DER,
+                                                                  files[i].
+                                                                  pass);
+               if (ret < 0)
+                       fail("x509_pkcs12 failed %d: %s\n", ret,
+                            gnutls_strerror(ret));
 
-       if (debug)
-               success("Read file OK\n");
+               if (debug)
+                       success("Read file OK\n");
 
-       gnutls_certificate_free_credentials(x509cred);
+               gnutls_certificate_free_credentials(x509cred);
+       }
 
        gnutls_global_deinit();
 }
-#else
-void doit(void)
-{
-       exit(77);
-}
-#endif