diff options
Diffstat (limited to 'tests/pkcs12')
-rw-r--r-- | tests/pkcs12/8956b9bc.0 | 59 | ||||
-rw-r--r-- | tests/pkcs12/CMakeLists.txt | 70 | ||||
-rw-r--r-- | tests/pkcs12/Invalidcrt.crt | 136 | ||||
-rw-r--r-- | tests/pkcs12/Testing.crt | 35 | ||||
-rw-r--r-- | tests/pkcs12/new_test_cases.cpp | 1532 | ||||
-rw-r--r-- | tests/pkcs12/pkcs12_test.cpp | 32 | ||||
-rw-r--r-- | tests/pkcs12/test.pfx | 35 | ||||
-rw-r--r-- | tests/pkcs12/wifi-server.pem | 18 | ||||
-rw-r--r-- | tests/pkcs12/wifiserver.pfx | bin | 0 -> 5188 bytes | |||
-rw-r--r-- | tests/pkcs12/wifiuser.p12 | bin | 0 -> 5328 bytes | |||
-rw-r--r-- | tests/pkcs12/without_pass.p12 | bin | 0 -> 1892 bytes |
11 files changed, 1917 insertions, 0 deletions
diff --git a/tests/pkcs12/8956b9bc.0 b/tests/pkcs12/8956b9bc.0 new file mode 100644 index 0000000..39105b5 --- /dev/null +++ b/tests/pkcs12/8956b9bc.0 @@ -0,0 +1,59 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 0 (0x0) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=KR, ST=Seoul, O=Samsung, OU=Tizen Test, CN=Test Root CA for PKCS12 Test/emailAddress=tt@gmail.com + Validity + Not Before: May 7 08:25:27 2015 GMT + Not After : May 4 08:25:27 2025 GMT + Subject: C=KR, ST=Seoul, O=Samsung, OU=Tizen Test, CN=Test Root CA for PKCS12 Test/emailAddress=tt@gmail.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (1024 bit) + Modulus: + 00:be:32:b4:73:08:76:e2:4a:1e:39:ac:43:31:20: + a6:5b:a2:a2:7c:95:c7:9a:1c:60:10:47:0e:d3:f0: + 50:52:6d:a2:a6:b2:b1:22:25:59:a3:7d:26:ab:3b: + b6:e5:4d:98:9e:47:f3:4f:b3:31:65:a1:16:72:71: + f9:56:64:7b:79:57:9e:f5:5f:d2:af:fa:14:fb:2d: + 3d:1f:40:e8:f7:1e:19:8c:d8:d5:9c:90:c7:f8:00: + 90:d2:a0:47:93:7b:2f:3a:38:7e:e3:f8:59:73:b7: + a4:06:f4:41:4a:0b:68:1e:2a:37:d5:de:91:55:6e: + d7:5c:7d:08:ee:be:1e:ba:1b + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 2C:2D:C8:DC:D0:F1:12:04:33:70:4A:4B:4F:DA:92:E0:4D:02:B2:F8 + X509v3 Authority Key Identifier: + keyid:2C:2D:C8:DC:D0:F1:12:04:33:70:4A:4B:4F:DA:92:E0:4D:02:B2:F8 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 91:7f:c8:cb:43:a6:e8:ee:47:9b:4b:31:c3:6f:c0:e5:3e:32: + 88:c8:4e:5d:96:85:20:8f:86:47:96:b7:c0:53:8d:4b:26:4b: + 01:2f:5a:4e:87:18:60:2c:25:d6:eb:d7:a9:74:44:bc:3f:60: + 7a:3b:14:7a:05:ca:f3:99:cb:d5:73:29:52:c5:b2:11:c0:ad: + e9:7a:c2:fd:c2:30:ac:f6:76:54:13:51:d6:d7:76:1d:56:58: + f0:c9:64:e1:cb:84:b8:af:65:f2:4a:dd:19:b5:05:03:ce:12: + 8a:9e:25:59:00:8b:d1:4f:25:87:66:bc:54:cc:d5:c8:43:5e: + 46:7c +-----BEGIN CERTIFICATE----- +MIIC2DCCAkGgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCS1Ix +DjAMBgNVBAgMBVNlb3VsMRAwDgYDVQQKDAdTYW1zdW5nMRMwEQYDVQQLDApUaXpl +biBUZXN0MSUwIwYDVQQDDBxUZXN0IFJvb3QgQ0EgZm9yIFBLQ1MxMiBUZXN0MRsw +GQYJKoZIhvcNAQkBFgx0dEBnbWFpbC5jb20wHhcNMTUwNTA3MDgyNTI3WhcNMjUw +NTA0MDgyNTI3WjCBiDELMAkGA1UEBhMCS1IxDjAMBgNVBAgMBVNlb3VsMRAwDgYD +VQQKDAdTYW1zdW5nMRMwEQYDVQQLDApUaXplbiBUZXN0MSUwIwYDVQQDDBxUZXN0 +IFJvb3QgQ0EgZm9yIFBLQ1MxMiBUZXN0MRswGQYJKoZIhvcNAQkBFgx0dEBnbWFp +bC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL4ytHMIduJKHjmsQzEg +pluionyVx5ocYBBHDtPwUFJtoqaysSIlWaN9Jqs7tuVNmJ5H80+zMWWhFnJx+VZk +e3lXnvVf0q/6FPstPR9A6PceGYzY1ZyQx/gAkNKgR5N7Lzo4fuP4WXO3pAb0QUoL +aB4qN9XekVVu11x9CO6+HrobAgMBAAGjUDBOMB0GA1UdDgQWBBQsLcjc0PESBDNw +SktP2pLgTQKy+DAfBgNVHSMEGDAWgBQsLcjc0PESBDNwSktP2pLgTQKy+DAMBgNV +HRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4GBAJF/yMtDpujuR5tLMcNvwOU+MojI +Tl2WhSCPhkeWt8BTjUsmSwEvWk6HGGAsJdbr16l0RLw/YHo7FHoFyvOZy9VzKVLF +shHArel6wv3CMKz2dlQTUdbXdh1WWPDJZOHLhLivZfJK3Rm1BQPOEoqeJVkAi9FP +JYdmvFTM1chDXkZ8 +-----END CERTIFICATE----- diff --git a/tests/pkcs12/CMakeLists.txt b/tests/pkcs12/CMakeLists.txt new file mode 100644 index 0000000..50d2d84 --- /dev/null +++ b/tests/pkcs12/CMakeLists.txt @@ -0,0 +1,70 @@ +# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Jacek Migacz (j.migacz@samsung.com) +# @version 1.0 +# @brief This package provides bacis check of internal OpenSSL's PKCS#12 routines. +# + +SET(PKCS12_TEST_SOURCES + ${PROJECT_SOURCE_DIR}/tests/pkcs12/pkcs12_test.cpp + ${PROJECT_SOURCE_DIR}/tests/pkcs12/new_test_cases.cpp + ) + +INCLUDE_DIRECTORIES( + ${PROJECT_SOURCE_DIR}/vcore/src + ${PROJECT_SOURCE_DIR}/tests/pkcs12 + ) + +ADD_EXECUTABLE(${TARGET_PKCS12_TEST} ${PKCS12_TEST_SOURCES}) + +TARGET_LINK_LIBRARIES(${TARGET_PKCS12_TEST} + ${TARGET_VCORE_LIB} + ${VCORE_TEST_DEP_LIBRARIES} + -ldl + ) + +INSTALL(TARGETS ${TARGET_PKCS12_TEST} + DESTINATION ${TZ_SYS_BIN} + PERMISSIONS OWNER_READ + OWNER_WRITE + OWNER_EXECUTE + GROUP_READ + GROUP_EXECUTE + WORLD_READ + WORLD_EXECUTE + ) + + +INSTALL(FILES + ${PROJECT_SOURCE_DIR}/tests/pkcs12/without_pass.p12 + DESTINATION ${TZ_SYS_RO_APP}/widget/tests/pkcs12/ +) + +INSTALL(FILES + ${PROJECT_SOURCE_DIR}/tests/pkcs12/without_pass.p12 + ${PROJECT_SOURCE_DIR}/tests/pkcs12/Invalidcrt.crt + ${PROJECT_SOURCE_DIR}/tests/pkcs12/Testing.crt + ${PROJECT_SOURCE_DIR}/tests/pkcs12/test.pfx + ${PROJECT_SOURCE_DIR}/tests/pkcs12/wifi-server.pem + ${PROJECT_SOURCE_DIR}/tests/pkcs12/wifiserver.pfx + ${PROJECT_SOURCE_DIR}/tests/pkcs12/wifiuser.p12 + DESTINATION ${TZ_SYS_SHARE}/cert-svc/tests/ +) + +INSTALL(FILES + ${PROJECT_SOURCE_DIR}/tests/pkcs12/8956b9bc.0 + DESTINATION ${TZ_SYS_ETC}/ssl/certs/ +) diff --git a/tests/pkcs12/Invalidcrt.crt b/tests/pkcs12/Invalidcrt.crt new file mode 100644 index 0000000..6ac004f --- /dev/null +++ b/tests/pkcs12/Invalidcrt.crt @@ -0,0 +1,136 @@ + +package android.app.enterprise; + +import android.app.enterprise.BasePolicyParams.PolicyState; +import android.os.Parcel; +import android.os.Parcelable; + +public class WifiAdminProfile implements Parcelable { + + /** Wifi networks SSID */ + public String ssid = null; + + /** Pre-shared key for WPA-PSK network type */ + public String psk = null; + + /** User password for 802.1x EAP network type */ + public String password = null; + + /** Wifi network security type */ + public String security = null; + + /** Default WEP key index (0 to 3) */ + public int wepKeyId = -1; + + /** WEP key 1 (default wepKeyId should be 0)*/ + public String wepKey1 = null; + + /** WEP key 2 (default wepKeyId should be 1) */ + public String wepKey2 = null; + + /** WEP key 3 (default wepKeyId should be 2) */ + public String wepKey3 = null; + + /** WEP key 4 (default wepKeyId should be 3) */ + public String wepKey4 = null; + + /** User identity for 802.1x EAP network type */ + public String userIdentity = null; + + /** User anonymous identity for 802.1x EAP network type */ + public String anonymousIdentity = null; + + /** Phase 2 authentication type for 802.1x EAP network type */ + public String phase2 = null; + + /** Client (User) certicate for 802.1x EAP/TLS network type */ + public String clientCertification = null; + + /** CA certicate for 802.1x EAP/TLS network type */ + public String caCertificate = null; + + /** Private key for 802.1x EAP/TLS network type */ + public String privateKey = null; + + /** Common names used to match server certificate for 802.1x EAP/TLS network type + * Use ";" as separator for name list + */ + public String cnMatchList = null; + + /** SHA-1 fingerprints used to match server certificate for 802.1x EAP/TLS network type + * Use ";" as separator for name list + */ + public String fingerprintMatchList = null; + + /** Allow dynamic certificate authentication*/ + public PolicyState allowDynamicTrust = PolicyState.DEFAULT; + + public void writeToParcel(Parcel dest, int flags) { + dest.writeString(ssid); + dest.writeString(psk); + dest.writeString(password); + dest.writeString(security); + dest.writeInt(wepKeyId); + dest.writeString(wepKey1); + dest.writeString(wepKey2); + dest.writeString(wepKey3); + dest.writeString(wepKey4); + dest.writeString(userIdentity); + dest.writeString(anonymousIdentity); + dest.writeString(phase2); + dest.writeString(clientCertification); + dest.writeString(caCertificate); + dest.writeString(privateKey); + dest.writeString(cnMatchList); + dest.writeString(fingerprintMatchList); + dest.writeInt(allowDynamicTrust.ordinal()); + } + + public WifiAdminProfile() { + // do nothing + } + + private WifiAdminProfile(Parcel in) { + ssid = in.readString(); + psk = in.readString(); + password = in.readString(); + security = in.readString(); + wepKeyId = in.readInt(); + wepKey1 = in.readString(); + wepKey2 = in.readString(); + wepKey3 = in.readString(); + wepKey4 = in.readString(); + userIdentity = in.readString(); + anonymousIdentity = in.readString(); + phase2 = in.readString(); + clientCertification = in.readString(); + caCertificate = in.readString(); + privateKey = in.readString(); + cnMatchList = in.readString(); + fingerprintMatchList = in.readString(); + allowDynamicTrust = PolicyState.valueOf(in.readInt()); + } + + public static final Parcelable.Creator<WifiAdminProfile> CREATOR = new Parcelable.Creator<WifiAdminProfile>() { + public WifiAdminProfile createFromParcel(Parcel in) { + return new WifiAdminProfile(in); + } + + public WifiAdminProfile[] newArray(int size) { + return new WifiAdminProfile[size]; + } + }; + + @Override + public int describeContents() { + return 0; + } + + public PolicyState booleanToEnum(String text) { + if (Boolean.parseBoolean(text)) { + return PolicyState.TRUE; + } + // else: + return PolicyState.FALSE; + } +} diff --git a/tests/pkcs12/Testing.crt b/tests/pkcs12/Testing.crt new file mode 100644 index 0000000..35e2689 --- /dev/null +++ b/tests/pkcs12/Testing.crt @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 +IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB +IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA +Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS +BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v +cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9 +4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB +Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J +0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ +FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx +bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q +SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb +6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV +m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g +eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG +kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7 +6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG +CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc +aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB +gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w +aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6 +tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0 +nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M +77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV +Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L +ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM +zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU +rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF +YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT +oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu +FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB +0m6lG5kngOcLqagA +-----END CERTIFICATE----- diff --git a/tests/pkcs12/new_test_cases.cpp b/tests/pkcs12/new_test_cases.cpp new file mode 100644 index 0000000..2b32898 --- /dev/null +++ b/tests/pkcs12/new_test_cases.cpp @@ -0,0 +1,1532 @@ +/* + * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file new_test_cases.cpp + * @author Madhan A K (madhan.ak@samsung.com) + * @version 1.0 + * @brief PKCS#12 test cases. + */ + +#include <string.h> +#include <unistd.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/wait.h> +#include <dpl/test/test_runner.h> +#include <cert-svc/cinstance.h> +#include <cert-svc/ccert.h> +#include <glib.h> +#ifdef TIZEN_FEATURE_CERT_SVC_OCSP_CRL +#include <cert-svc/ccrl.h> +#include <cert-svc/cocsp.h> +#endif +#include <cert-svc/cpkcs12.h> +#include <cert-svc/cerror.h> +#include <cert-svc/cprimitives.h> +#include <cert-service.h> +#include <cert-service-debug.h> +#include <openssl/err.h> +#include <openssl/pkcs12.h> +#include <openssl/sha.h> +#include <openssl/x509.h> +#include <openssl/pem.h> +#include <time.h> + +static CertSvcInstance instance; + +#define CREATE_INSTANCE \ + certsvc_instance_new(&instance); +#define FREE_INSTANCE \ + certsvc_instance_free(instance); + +/* Getting the certificate list from system_store */ +RUNNER_TEST(CERTSVC_PKCS12_1001_certsvc_get_root_cert_list) { + + CertStoreType storeType = SYSTEM_STORE; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + int length = 0; + int result; + int count = 0; + CREATE_INSTANCE + + //start time + clock_t tic = clock(); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + clock_t toc = clock(); + //time end + if(result == CERTSVC_SUCCESS) + { + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmpNode = tmpNode->next; + } + + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + } + + FREE_INSTANCE +} + +/* Set the status of the certificate to disabled/enabled in system store and get the status */ +RUNNER_TEST(CERTSVC_PKCS12_1002_certsvc_set_cert_to_disabled_and_get_status_for_system_store) { + + char *gname = "Certum_Root_CA.pem"; + CertStoreType storeType = SYSTEM_STORE; + CertStatus Status; + int status = -1; + int result; + CertSvcString Alias; + + CREATE_INSTANCE + + Alias.privateHandler = gname; + Alias.privateLength = strlen((const char*)gname); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + // if status is already disabled, roll it back to enable and go on + if (status == DISABLED) { + result = certsvc_pkcs12_set_certificate_status_to_store(instance, storeType, DISABLED, Alias, ENABLED); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Roll back certificate status to system store failed."); + } + + Status=DISABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, storeType, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + Status=ENABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, storeType, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + FREE_INSTANCE +} + +/* Install a CRT file to individual stores */ +RUNNER_TEST(CERTSVC_PKCS12_1003_add_pem_file_in_individual_store) { + + char path[] = "/usr/share/cert-svc/tests/wifi-server.pem"; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + char* pass = NULL; + CertStoreType type; + int result; + int length = 0; + int count = 0; + + CertSvcStoreCertList* certList1 = NULL; + CertSvcString buffer1, gname; + CertSvcString buffer2; + const char *temp = NULL; + CertSvcCertificate certificate; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Pass.privateHandler = pass; + Path.privateHandler = path; + Path.privateLength = strlen(path); + + type = WIFI_STORE; + Alias.privateHandler = "PEM-wifi-server-1"; + Alias.privateLength = strlen(Alias.privateHandler); + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PEM file to WIFI store failed."); + + type = VPN_STORE; + Alias.privateHandler = "PEM-wifi-server-2"; + Alias.privateLength = strlen(Alias.privateHandler); + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PEM file to VPN store failed."); + + type = EMAIL_STORE; + Alias.privateHandler = "PEM-wifi-server-3"; + Alias.privateLength = strlen(Alias.privateHandler); + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PEM file to EMAIL store failed."); + + type = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, type, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + + } + + certList = NULL; + type = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, type, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + certList1=certList; + count = 0; + while(certList!=NULL) + { + gname.privateHandler = (char *)certList->gname; + gname.privateLength = strlen(certList->gname); + result = certsvc_pkcs12_get_certificate_from_store(instance, certList->storeType, certList->gname, &certificate); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get certificate from store."); + + result = certsvc_certificate_get_string_field(certificate, CERTSVC_SUBJECT, &buffer1); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + result = certsvc_certificate_get_string_field(certificate, CERTSVC_ISSUER_COMMON_NAME, &buffer2); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + certsvc_string_to_cstring(buffer1, &temp, &length); + certsvc_string_to_cstring(buffer2, &temp, &length); + + certsvc_string_free(buffer1); + certsvc_string_free(buffer2); + certsvc_certificate_free(certificate); + certList = certList->next; + count++; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList1); + if (certList1 != NULL) + + certList=NULL; + certList1=NULL; + + FREE_INSTANCE +} + +/* Installing pem file in all store at once */ +RUNNER_TEST(CERTSVC_PKCS12_1004_add_pem_file_in_all_store) { + + const char path[] = "/usr/share/cert-svc/tests/wifi-server.pem"; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + char* pass = NULL; + char *alias = "PEM-wifi-server-all-store"; + CertStoreType type; + int result; + int count = 0; + int length = 0; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = pass; + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + type = (CertStoreType) (VPN_STORE | EMAIL_STORE | WIFI_STORE); + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PEM file to all store failed."); + + type = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, type, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + } + + FREE_INSTANCE +} + +/* Install a CRT file to individual stores */ +RUNNER_TEST(CERTSVC_PKCS12_1005_add_crt_file_in_individual_store) { + + const char path[] = "/usr/share/cert-svc/tests/Testing.crt"; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + char* pass = NULL; + char *alias = "CRT-TestingCRT1"; + CertStoreType type; + int result; + int length = 0; + int count = 0; + + CertSvcStoreCertList* certList1 = NULL; + CertSvcString buffer1, gname; + CertSvcString buffer2; + const char *temp = NULL; + CertSvcCertificate certificate; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = pass; + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + type = WIFI_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing CRT file to WIFI store failed."); + + type = VPN_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing CRT file to VPN store failed."); + + type = EMAIL_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing CRT file to EMAIL store failed."); + + type = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, type, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + } + + certList = NULL; + type = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, type, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + certList1=certList; + count = 0; + while(certList!=NULL) + { + gname.privateHandler = (char *)certList->gname; + gname.privateLength = strlen(certList->gname); + result = certsvc_pkcs12_get_certificate_from_store(instance, certList->storeType, certList->gname, &certificate); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get certificate from store."); + + result = certsvc_certificate_get_string_field(certificate, CERTSVC_SUBJECT, &buffer1); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + result = certsvc_certificate_get_string_field(certificate, CERTSVC_ISSUER_COMMON_NAME, &buffer2); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + certsvc_string_to_cstring(buffer1, &temp, &length); + certsvc_string_to_cstring(buffer2, &temp, &length); + + certsvc_string_free(buffer1); + certsvc_string_free(buffer2); + certsvc_certificate_free(certificate); + certList = certList->next; + count++; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList1); + certList=NULL; + certList1=NULL; + + FREE_INSTANCE +} + +/* Install a CRT file to all store at once */ +RUNNER_TEST(CERTSVC_PKCS12_1006_add_crt_file_in_all_store) { + + const char path[] = "/usr/share/cert-svc/tests/Testing.crt"; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + char* pass = NULL; + char *alias = "CRT-TestingCRT1-all-store"; + CertStoreType type; + int result; + int count = 0; + int length = 0; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = pass; + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + type = (CertStoreType )(WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing CRT file to all store failed."); + + type = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, type, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + + } + + FREE_INSTANCE +} + +/* Import a P12 file to individual store */ +RUNNER_TEST(CERTSVC_PKCS12_1007_install_p12_file_to_individual_store) { + + const char path[] = "/usr/share/cert-svc/tests/wifiuser.p12"; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + const char pass[] = "wifi"; + char *alias = "P12-WifiUser"; + CertStoreType storeType; + int result; + int length = 0; + int count = 0; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = (char *)alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = (char *)pass; + Pass.privateLength = strlen(pass); + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + +/* + result = certsvc_pkcs12_import_from_file(instance, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result == CERTSVC_SUCCESS, "certsvc_pkcs12_import_from_file failed."); +*/ + + storeType = WIFI_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing p12 file to WIFI store failed."); + + storeType = VPN_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing p12 file to VPN store failed."); + + storeType = EMAIL_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing p12 file to EMAIL store failed."); + + storeType = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + } + + FREE_INSTANCE +} + +/* Import a P12 file to all store */ +RUNNER_TEST(CERTSVC_PKCS12_1008_install_p12_file_to_all_store) { + + const char path[] = "/usr/share/cert-svc/tests/wifiuser.p12"; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + const char pass[] = "wifi"; + char *alias = "P12-WifiUser-all-store"; + CertStoreType storeType; + int result; + int length = 0; + int count =0; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = (char *)alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = (char *)pass; + Pass.privateLength = strlen(pass); + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + storeType = (CertStoreType )(WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing p12 file to WIFI store failed."); + + storeType = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + } + + FREE_INSTANCE +} + +/* Import a P12 file to individual store */ +RUNNER_TEST(CERTSVC_PKCS12_1009_install_pfx_file_to_individual_store) { + + const char path[] = "/usr/share/cert-svc/tests/wifiserver.pfx"; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + const char pass[] = "wifi"; + char *alias = "PFX-WifiServer"; + CertStoreType storeType; + int result; + int count = 0; + int length = 0; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = (char *)alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = (char *)pass; + Pass.privateLength = strlen(pass); + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + storeType = WIFI_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PFX file to WIFI store failed."); + + storeType = VPN_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PFX file to VPN store failed."); + + storeType = EMAIL_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PFX file to EMAIL store failed."); + + storeType = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + } + + FREE_INSTANCE +} + +RUNNER_TEST(CERTSVC_PKCS12_1010_install_pfx_file_to_all_store) { + + const char path[] = "/usr/share/cert-svc/tests/wifiserver.pfx"; + const char pass[] = "wifi"; + char *alias = "PFX-WifiServer-all-store"; + CertStoreType storeType; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + int length = 0; + int count = 0; + int result; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = (char *)alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = (char *)pass; + Pass.privateLength = strlen(pass); + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + storeType = (CertStoreType) (VPN_STORE | EMAIL_STORE | WIFI_STORE); + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PFX file to WIFI store failed."); + + storeType = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + } + + FREE_INSTANCE +} + +/* Getting all end user & root certificate list from WIFI,VPN,EMAIL store */ +RUNNER_TEST(CERTSVC_PKCS12_1011_get_all_end_user_certificate_from_store) { + + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertStoreType storeType = (CertStoreType) (WIFI_STORE); + int result; + int length; + + CREATE_INSTANCE + + result = certsvc_pkcs12_get_end_user_certificate_list_from_store(instance, storeType, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting end user certificate list from store failed."); + tmpNode=certList; + while(tmpNode!=NULL) + { + tmpNode = tmpNode->next; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + certList = NULL; + tmpNode = NULL; + + storeType = (CertStoreType) (VPN_STORE); + result = certsvc_pkcs12_get_end_user_certificate_list_from_store(instance, storeType, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting end user certificate list from store failed."); + tmpNode=certList; + while(tmpNode!=NULL) + { + tmpNode = tmpNode->next; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + certList = NULL; + tmpNode = NULL; + + storeType = (CertStoreType) (EMAIL_STORE); + result = certsvc_pkcs12_get_end_user_certificate_list_from_store(instance, storeType, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting end user certificate list from store failed."); + tmpNode=certList; + while(tmpNode!=NULL) + { + tmpNode = tmpNode->next; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + certList = NULL; + tmpNode = NULL; + + storeType = (CertStoreType) (WIFI_STORE); + result = certsvc_pkcs12_get_root_certificate_list_from_store(instance, storeType, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting end user certificate list from store failed."); + tmpNode=certList; + while(tmpNode!=NULL) + { + tmpNode = tmpNode->next; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + certList = NULL; + tmpNode = NULL; + + storeType = (CertStoreType) (VPN_STORE); + result = certsvc_pkcs12_get_root_certificate_list_from_store(instance, storeType, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting end user certificate list from store failed."); + tmpNode=certList; + while(tmpNode!=NULL) + { + tmpNode = tmpNode->next; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + certList = NULL; + tmpNode = NULL; + + storeType = (CertStoreType) (EMAIL_STORE); + result = certsvc_pkcs12_get_root_certificate_list_from_store(instance, storeType, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting end user certificate list from store failed."); + tmpNode=certList; + while(tmpNode!=NULL) + { + tmpNode = tmpNode->next; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + certList = NULL; + tmpNode = NULL; + + FREE_INSTANCE +} + +/* Delete all certificate from WIFI,VPN,EMAIL store */ +RUNNER_TEST(CERTSVC_PKCS12_1012_delete_all_cert_from_multiple_store) { + + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* certList1 = NULL; + CertStoreType storeType = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + int result; + int length; + CertSvcString gname; + + CREATE_INSTANCE + + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + certList1=certList; + while(certList1!=NULL) + { + gname.privateHandler = (char *)certList1->gname; + gname.privateLength = strlen(certList1->gname); + result = certsvc_pkcs12_delete_certificate_from_store(instance, (CertStoreType) certList1->storeType, gname); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Deleting certificate from store failed."); + certList1 = certList1->next; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + certList=NULL; + + FREE_INSTANCE +} + +/* Import the file to one store and try to get the certlist from all store */ +RUNNER_TEST(CERTSVC_PKCS12_1013_install_pfx_file_to_one_store_and_get_list_from_multiple_store) { + + const char path[] = "/usr/share/cert-svc/tests/wifiserver.pfx"; + const char pass[] = "wifi"; + char *alias = "PFX-WifiServer-one-store"; + CertStoreType storeType; + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + CertSvcStoreCertList* tmp = NULL; + int length = 0; + int count = 0; + int result = -1; + gboolean exists = FALSE; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = (char *)alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = (char *)pass; + Pass.privateLength = strlen(pass); + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + storeType = (CertStoreType) (VPN_STORE | WIFI_STORE | EMAIL_STORE); + result = certsvc_pkcs12_check_alias_exists_in_store(instance, storeType, Alias, &exists); + if (exists==TRUE) { + /* installing the pfx in one store and getting the list from multiple store */ + storeType = (CertStoreType) ( EMAIL_STORE ); + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PFX file to WIFI store failed."); + + storeType = (CertStoreType) ( VPN_STORE | WIFI_STORE ); + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PFX file to WIFI store failed."); + + storeType = (CertStoreType) ( VPN_STORE | WIFI_STORE | EMAIL_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from system store failed"); + + if(result == CERTSVC_SUCCESS) + { + tmpNode = certList; + while(tmpNode != NULL) + { + count++; + tmp = tmpNode; + tmpNode = tmpNode->next; + } + result = certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Freeing certificate list from system store failed"); + } + } + + FREE_INSTANCE +} + +/* Set the status of the certificate to disabled and trying to delete store */ +RUNNER_TEST(CERTSVC_PKCS12_1014_installing_pfx_without_password_to_individual_store) { + + const char path[] = "/usr/share/cert-svc/tests/without_pass.p12"; + const char pass[] = ""; + char *alias = "PFX-WifiServer-without-password"; + CertStoreType storeType; + int result; + gboolean exists = FALSE; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = (char *)alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = (char *)pass; + Pass.privateLength = strlen(pass); + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + storeType = (CertStoreType) (VPN_STORE | WIFI_STORE | EMAIL_STORE); + result = certsvc_pkcs12_check_alias_exists_in_store(instance, storeType, Alias, &exists); + if (exists==TRUE) { + storeType = (CertStoreType) (VPN_STORE | WIFI_STORE | EMAIL_STORE); + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Importing PFX file to WIFI store failed."); + } + + FREE_INSTANCE +} + +/* Get certificate from WIFI,VPN,EMAIL store */ +RUNNER_TEST(CERTSVC_PKCS12_1015_get_certificate_from_store) { + + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* certList1 = NULL; + CertStoreType storeType = (CertStoreType) (WIFI_STORE | VPN_STORE | EMAIL_STORE); + int result; + int length; + CertSvcString buffer1, gname; + CertSvcString buffer2; + const char *temp = NULL; + CertSvcCertificate certificate; + + CREATE_INSTANCE + + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + certList1=certList; + while(certList!=NULL) + { + gname.privateHandler = (char *)certList->gname; + gname.privateLength = strlen(certList->gname); + result = certsvc_pkcs12_get_certificate_from_store(instance, certList->storeType, certList->gname, &certificate); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get certificate from store."); + + result = certsvc_certificate_get_string_field(certificate, CERTSVC_SUBJECT, &buffer1); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + certsvc_string_to_cstring(buffer1, &temp, &length); + + result = certsvc_certificate_get_string_field(certificate, CERTSVC_ISSUER_COMMON_NAME, &buffer2); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + certsvc_string_to_cstring(buffer2, &temp, &length); + + certsvc_string_free(buffer1); + certsvc_string_free(buffer2); + certsvc_certificate_free(certificate); + certList = certList->next; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList1); + certList=NULL; + certList1=NULL; + + FREE_INSTANCE +} + +/* Get certificate from system store */ +RUNNER_TEST(CERTSVC_PKCS12_1016_get_certificate_from_system_store) { + + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* certList1 = NULL; + CertStoreType storeType = (CertStoreType) (SYSTEM_STORE); + int result = CERTSVC_SUCCESS; + int length = 0; + int count = 0; + CertSvcString buffer1, gname; + CertSvcString buffer2; + const char *temp = NULL; + CertSvcCertificate certificate; + + CREATE_INSTANCE + + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + certList1=certList; + while(certList!=NULL) + { + gname.privateHandler = (char *)certList->gname; + gname.privateLength = strlen(certList->gname); + result = certsvc_pkcs12_get_certificate_from_store(instance, certList->storeType, certList->gname, &certificate); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get certificate from store."); + + result = certsvc_certificate_get_string_field(certificate, CERTSVC_SUBJECT, &buffer1); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + result = certsvc_certificate_get_string_field(certificate, CERTSVC_ISSUER_COMMON_NAME, &buffer2); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + certsvc_string_to_cstring(buffer1, &temp, &length); + certsvc_string_to_cstring(buffer2, &temp, &length); + + certsvc_string_free(buffer1); + certsvc_string_free(buffer2); + certsvc_certificate_free(certificate); + certList = certList->next; + count++; + } + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &certList1); + + certList=NULL; + certList1=NULL; + + FREE_INSTANCE +} + +/* Load certificate list form store for a certificate */ +RUNNER_TEST(CERTSVC_PKCS12_1017_load_cert_list_from_store) { + + CertStoreType storeType; + CertSvcCertificateList certList; + CertSvcStoreCertList* certList1 = NULL; + CertSvcCertificate cert; + int result = CERTSVC_SUCCESS; + int length = 0; + int i=0; + int certListlength = 0; + const char *temp = NULL; + CertSvcString buffer1,buffer2, gname; + + CREATE_INSTANCE + + storeType = (CertStoreType) (VPN_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList1, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + while(certList1!=NULL) + { + gname.privateHandler = (char *)certList1->gname; + gname.privateLength = strlen(certList1->gname); + + result = certsvc_pkcs12_load_certificate_list_from_store(instance, storeType, gname, &certList); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Load certificate list form store failed."); + + result = certsvc_certificate_list_get_length(certList, &certListlength); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate list get length failed."); + + for(i=0; i<certListlength; i++) + { + result = certsvc_certificate_list_get_one(certList, i, &cert); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "certsvc_certificate_list_get_one returned not CERTSVC_SUCCESS"); + + result = certsvc_certificate_get_string_field(cert, CERTSVC_SUBJECT, &buffer1); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + certsvc_string_to_cstring(buffer1, &temp, &length); + + result = certsvc_certificate_get_string_field(cert, CERTSVC_ISSUER_COMMON_NAME, &buffer2); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to get string field."); + + certsvc_string_to_cstring(buffer2, &temp, &length); + } + break; // Should run for only one time // + } + + FREE_INSTANCE +} + +/* Load certificate list form store for a certificate */ +RUNNER_TEST(CERTSVC_PKCS12_1018_get_duplicate_private_key) { + + CertStoreType storeType; + CertSvcStoreCertList* certList1 = NULL; + FILE *fp = NULL; + int result = CERTSVC_SUCCESS; + int length = 0; + CertSvcString gname; + gchar *privatekey_path = NULL; + EVP_PKEY *privatekey = NULL; + + CREATE_INSTANCE + + storeType = (CertStoreType) (VPN_STORE); + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList1, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + while(certList1!=NULL) + { + gname.privateHandler = (char *)certList1->gname; + gname.privateLength = strlen(certList1->gname); + result = certsvc_pkcs12_dup_evp_pkey_from_store(instance, storeType, gname, &privatekey); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting duplicate private key from store failed."); + + privatekey_path = g_strdup_printf("%s", "/usr/share/cert-svc/pkcs12/temp.txt"); + if ((fp = fopen(privatekey_path, "w")) == NULL) { + result = CERTSVC_FAIL; + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to open file for writing."); + } + + result = PEM_write_PrivateKey(fp, privatekey, NULL, NULL, 0, NULL, NULL); + RUNNER_ASSERT_MSG(result!=0, "Failed to write private key onto file."); + fclose(fp); + + certsvc_pkcs12_free_evp_pkey(privatekey); + + break; // Should run for only one time // + } + + FREE_INSTANCE +} + +/* Get certificate from system store */ +RUNNER_TEST(CERTSVC_PKCS12_1019_check_alias_exists) { + + char *alias = "PFX-WifiServer-without-password"; + CertStoreType storeType; + int result = CERTSVC_SUCCESS; + gboolean exists = FALSE; + + CREATE_INSTANCE + CertSvcString Alias; + + Alias.privateHandler = (char *)alias; + Alias.privateLength = strlen(alias); + storeType = (CertStoreType) (VPN_STORE | WIFI_STORE | EMAIL_STORE); + result = certsvc_pkcs12_check_alias_exists_in_store(instance, storeType, Alias, &exists); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + + FREE_INSTANCE +} + +/* Set the status of the certificate to disabled/enabled in wifi,vpn,email store */ +RUNNER_TEST(CERTSVC_PKCS12_1020_certsvc_set_cert_to_disabled_and_get_status_for_individual_store) { + + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + int array[3]={VPN_STORE,WIFI_STORE,EMAIL_STORE}; + int result = CERTSVC_SUCCESS; + CertSvcString Alias; + CertStatus Status; + int status = -1; + int length = 0; + int count = 0; + int i; + + CREATE_INSTANCE + + for(int j=0;j<3;j++) + { + i = array[j]; + + result = certsvc_pkcs12_get_certificate_list_from_store(instance, (CertStoreType)i, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + tmpNode = certList; + while(certList!=NULL) + { + count++; + Alias.privateHandler = certList->gname; + Alias.privateLength = strlen((const char*)certList->gname); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)i, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + Status=DISABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, (CertStoreType)i, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)i, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + Status=ENABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, (CertStoreType)i, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)i, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + certList = certList->next; + } + + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &tmpNode); + } + + FREE_INSTANCE +} + +/* Negative test case */ +/* Install a PEM file to invalid store */ +RUNNER_TEST(CERTSVC_PKCS12_1021_add_pem_file_to_invalid_store) { + + const char path[] = "/usr/share/cert-svc/tests/wifi-server.pem"; + char* pass = NULL; + char *alias = "PFX-WifiServer-one-store"; + int result; + CertStoreType storeType = (CertStoreType) (-1); + CertSvcString Alias, Path, Pass; + + CREATE_INSTANCE + + Alias.privateHandler = alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = pass; + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_INVALID_STORE_TYPE, "Importing certifcate with existing alias to WIFI store failed."); + + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_INVALID_STORE_TYPE, "Importing certifcate with existing alias to VPN store failed."); + + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result==CERTSVC_INVALID_STORE_TYPE, "Importing certifcate with existing alias to EMAIL store failed."); + + /* Installing a PEM certificate to system store should fail */ + storeType = SYSTEM_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing PEM file to EMAIL store failed."); + + /* Removing certificate to system store should fail */ + result = certsvc_pkcs12_delete_certificate_from_store(instance, storeType, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Deleting certificate from store failed."); + + + FREE_INSTANCE +} + +/* Set the status of the certificate to disabled/enabled from invalid store */ +RUNNER_TEST(CERTSVC_PKCS12_1022_certsvc_set_cert_to_disabled_and_get_status_for_invalid_store) { + + char* gname = "eb375c3e.0"; + CertStoreType storeType = (CertStoreType) (DISABLED); + CertStatus Status; + int status = -1; + int result; + CertSvcString Alias; + + CREATE_INSTANCE + + Alias.privateHandler = gname; + Alias.privateLength = strlen((const char*)gname); + + /* getting status from a invalid store should fail */ + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + /* setting status to a invalid store should fail */ + Status=DISABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, storeType, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + /* getting status from a invalid store should fail */ + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + /* setting status to a invalid store should fail */ + Status=ENABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, storeType, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + /* setting status to a invalid store should fail */ + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + + FREE_INSTANCE +} + +/* Set the status of the certificate to disabled/enabled in wifi,vpn,email store */ +RUNNER_TEST(CERTSVC_PKCS12_1023_certsvc_set_cert_to_disabled_and_get_status_for_invalid_store) { + + CertStoreType storeType = (CertStoreType) (0); + CertSvcStoreCertList* certList = NULL; + CertStatus Status; + int status = -1; + int length; + int result; + CertSvcString Alias; + + CREATE_INSTANCE + + /* Getting certificate list from invalid store should fail */ + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Getting certificate list from store failed."); + while(certList!=NULL) + { + Alias.privateHandler = certList->gname; + Alias.privateLength = strlen((const char*)certList->gname); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + Status=DISABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, storeType, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + Status=ENABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, storeType, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, storeType, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + certList = certList->next; + } + + FREE_INSTANCE +} + +/* Intsalling an invalid crt file to valid store & invalid store*/ +RUNNER_TEST(CERTSVC_PKCS12_1024_certsvc_set_and_get_for_invalid_store) { + + const char path[] = "/usr/share/cert-svc/tests/Invalidcrt.crt"; + char* pass = NULL; + char *alias = "TestingCRT1"; + CertStoreType type; + int result; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = pass; + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + /* Installing an invalid CRT file to valid store should fail */ + type = WIFI_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing CRT file to WIFI store failed."); + + /* Installing an invalid CRT file to valid store should fail */ + type = VPN_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing CRT file to VPN store failed."); + + /* Installing an invalid CRT file to valid store should fail */ + type = EMAIL_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing CRT file to EMAIL store failed."); + + /* Installing an invalid CRT file to valid store should fail */ + type = (CertStoreType) 0; + result = certsvc_pkcs12_import_from_file_to_store(instance, type, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing CRT file to EMAIL store failed."); + + FREE_INSTANCE +} + +/* Import a invalid P12 file to individual and all store */ +RUNNER_TEST(CERTSVC_PKCS12_1025_install_invalid_pfx_file_to_individual_and_all_store) { + + const char path[] = "/usr/share/cert-svc/tests/test.pfx"; + const char pass[] = "wifi"; + char *alias = "WifiServer-123"; + CertStoreType storeType; + int result; + + CREATE_INSTANCE + CertSvcString Alias, Path, Pass; + + Alias.privateHandler = (char *)alias; + Alias.privateLength = strlen(alias); + Pass.privateHandler = (char *)pass; + Pass.privateLength = strlen(pass); + Path.privateHandler = (char *)path; + Path.privateLength = strlen(path); + + /* importing p12/pfx to system store should fail */ + storeType = SYSTEM_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing PFX file to WIFI store failed."); + + /* Importing invalid pfx file to valid store should fail */ + storeType = WIFI_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing PFX file to WIFI store failed."); + + /* Importing invalid pfx file to valid store should fail */ + storeType = VPN_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing PFX file to VPN store failed."); + + /* Importing invalid pfx file to valid store should fail */ + storeType = EMAIL_STORE; + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing PFX file to EMAIL store failed."); + + /* Importing invalid pfx file to valid store should fail */ + storeType = (CertStoreType) (EMAIL_STORE | VPN_STORE | WIFI_STORE); + result = certsvc_pkcs12_import_from_file_to_store(instance, storeType, Path, Pass, Alias); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Importing PFX file to EMAIL store failed."); + + FREE_INSTANCE +} + +/* Set the status of the certificate to disabled/enabled in wifi,vpn,email store */ +RUNNER_TEST(CERTSVC_PKCS12_1026_deleting_a_certificate_from_invalid_store) { + + CertStoreType storeType = (CertStoreType) (WIFI_STORE); + CertSvcStoreCertList* certList = NULL; + CertStatus Status; + int status = -1; + int length; + int result; + CertSvcString Alias; + + CREATE_INSTANCE + + /* Getting certificate list from invalid store should fail */ + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + while(certList!=NULL) + { + Alias.privateHandler = certList->gname; + Alias.privateLength = strlen((const char*)certList->gname); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)-1, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + Status=DISABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, (CertStoreType)-1, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)-1, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + Status=ENABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, (CertStoreType)-1, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Set certificate status to system store failed."); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)-1, Alias, &status); + RUNNER_ASSERT_MSG(result!=CERTSVC_SUCCESS, "Get certificate status from system store failed."); + + certList = certList->next; + } + + FREE_INSTANCE +} + +#define EAP_TLS_USER_CERT_PATH "user_cert.pem" +#define EAP_TLS_PATH "/tmp/" +#define EAP_TLS_CA_CERT_PATH "ca_cert.pem" +#define EAP_TLS_PRIVATEKEY_PATH "privatekey.pem" + +/* Set the status of the certificate to disabled/enabled in wifi,vpn,email store */ +RUNNER_TEST(CERTSVC_PKCS12_1027_get_alias_name_from_gname_from_store) { + + CertStoreType storeType = (CertStoreType) (WIFI_STORE); + CertSvcStoreCertList* certList = NULL; + CertSvcCertificate user_certificate; + CertSvcCertificateList cert_list; + CertSvcCertificate ca_certificate; + CertSvcCertificate *selected_certificate = NULL; + int length; + int result; + int count=1; + int validity; + int cert_counts = 0; + CertSvcString Alias; + char *alias = NULL; + X509 *x509 = NULL; + FILE *fp = NULL; + EVP_PKEY *privatekey = NULL; + gchar *privatekey_path = NULL; + gchar *ca_cert_path = NULL; + gchar *user_cert_path = NULL; + int cert_index = 0; + + CREATE_INSTANCE + + /* Getting certificate list from invalid store should fail */ + result = certsvc_pkcs12_get_certificate_list_from_store(instance, storeType, DISABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + while(certList!=NULL) { + Alias.privateHandler = certList->gname; + Alias.privateLength = strlen((const char*)certList->gname); + + result = certsvc_pkcs12_get_alias_name_for_certificate_in_store(instance, certList->storeType, Alias, &alias); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting alias name from gname failed."); + + result = certsvc_pkcs12_load_certificate_list_from_store(instance, certList->storeType, Alias, &cert_list); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "failed to certsvc_pkcs12_load_certificate_list"); + + result = certsvc_certificate_list_get_length(cert_list, &cert_counts); + RUNNER_ASSERT_MSG(cert_counts >= 1, "there is no certificates"); + + selected_certificate = g_try_new0(CertSvcCertificate, cert_counts); + RUNNER_ASSERT_MSG(selected_certificate != NULL, "failed to allocate memory"); + + result = certsvc_certificate_list_get_one(cert_list, 0, &user_certificate); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "failed to certsvc_certificate_list_get_one"); + + result = certsvc_certificate_dup_x509(user_certificate, &x509); + + user_cert_path = g_strdup_printf("/usr/share/cert-svc/pkcs12/file_%d", count++); + fp = fopen(user_cert_path, "w"); + RUNNER_ASSERT_MSG(fp != NULL, "Failed to open the file for writing"); + + if (count==5) break; + + result = PEM_write_X509(fp, x509); + fclose(fp); + certsvc_certificate_free_x509(x509); + certList = certList->next; + + cert_index = cert_counts - 1; + selected_certificate[0] = user_certificate; + + ca_cert_path = g_strdup_printf("%s%s_%s", EAP_TLS_PATH, certList->gname, EAP_TLS_CA_CERT_PATH); + while (cert_index) { + result = certsvc_certificate_list_get_one(cert_list, cert_index, &ca_certificate); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to certsvc_certificate_list_get_one"); + + selected_certificate[cert_counts-cert_index] = ca_certificate; + cert_index--; + + result = certsvc_certificate_dup_x509(ca_certificate, &x509); + + fp = fopen(ca_cert_path, "a"); + RUNNER_ASSERT_MSG(fp != NULL, "Failed to open the file for writing"); + + result = PEM_write_X509(fp, x509); + fclose(fp); + certsvc_certificate_free_x509(x509); + } + result = certsvc_certificate_verify(selected_certificate[0], selected_certificate, cert_counts, NULL, 0, &validity); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to verify ca_certificate"); + RUNNER_ASSERT_MSG(validity != 0, "Invalid certificate"); + + result = certsvc_pkcs12_dup_evp_pkey_from_store(instance, WIFI_STORE, Alias, &privatekey); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Failed to duplicate the private key for a certificate from wifi store"); + + privatekey_path = g_strdup_printf("%s%s_%s", EAP_TLS_PATH, certList->gname, EAP_TLS_PRIVATEKEY_PATH); + + fp = fopen(privatekey_path, "w"); + RUNNER_ASSERT_MSG(fp != NULL, "Failed to open the file for writing"); + + result = PEM_write_PrivateKey(fp, privatekey, NULL, NULL, 0, NULL, NULL); + fclose(fp); + certsvc_pkcs12_free_evp_pkey(privatekey); + } + + FREE_INSTANCE +} + +/* Set the status of the certificate to disabled/enabled in wifi,vpn,email store */ +RUNNER_TEST(CERTSVC_PKCS12_1028_certsvc_set_cert_to_disabled_and_get_status_for_individual_store) { + + CertSvcStoreCertList* certList = NULL; + CertSvcStoreCertList* tmpNode = NULL; + int array[3]={VPN_STORE,WIFI_STORE,EMAIL_STORE}; + int result = CERTSVC_SUCCESS; + CertSvcString Alias; + CertStatus Status; + int status = -1; + int length = 0; + int count = 0; + int i; + + CREATE_INSTANCE + + for(int j=0;j<3;j++) + { + i = array[j]; + + result = certsvc_pkcs12_get_certificate_list_from_store(instance, (CertStoreType)i, ENABLED, &certList, &length); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Getting certificate list from store failed."); + tmpNode = certList; + while(certList!=NULL) + { + count++; + Alias.privateHandler = certList->gname; + Alias.privateLength = strlen((const char*)certList->gname); + + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)i, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from store failed."); + + Status=DISABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, (CertStoreType)i, ENABLED, Alias, Status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Set certificate status to store failed."); + + status = DISABLED; + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)i, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from store failed."); + + Status=ENABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, (CertStoreType)i, ENABLED, Alias, Status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Set certificate status to store failed."); + + status = DISABLED; + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)i, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from store failed."); + + Status=DISABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, (CertStoreType)i, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Set certificate status to store failed."); + + status = DISABLED; + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)i, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from store failed."); + + Status=ENABLED; + result = certsvc_pkcs12_set_certificate_status_to_store(instance, (CertStoreType)i, DISABLED, Alias, Status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Set certificate status to store failed."); + + status = DISABLED; + result = certsvc_pkcs12_get_certificate_status_from_store(instance, (CertStoreType)i, Alias, &status); + RUNNER_ASSERT_MSG(result==CERTSVC_SUCCESS, "Get certificate status from store failed."); + + certList = certList->next; + } + + certsvc_pkcs12_free_certificate_list_loaded_from_store(instance, &tmpNode); + } + + FREE_INSTANCE +} diff --git a/tests/pkcs12/pkcs12_test.cpp b/tests/pkcs12/pkcs12_test.cpp new file mode 100644 index 0000000..95debc4 --- /dev/null +++ b/tests/pkcs12/pkcs12_test.cpp @@ -0,0 +1,32 @@ +/* + * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file pkcs12_test.cpp + * @author Jacek Migacz (j.migacz@samsung.com) + * @version 1.0 + * @brief PKCS#12 test runner. + */ +#include <dpl/test/test_runner.h> +#include <cert-svc/ccert.h> + +CertSvcInstance vinstance; + +int main (int argc, char *argv[]) { + certsvc_instance_new(&vinstance); + int status = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv); + certsvc_instance_free(vinstance); + return status; +} diff --git a/tests/pkcs12/test.pfx b/tests/pkcs12/test.pfx new file mode 100644 index 0000000..35e2689 --- /dev/null +++ b/tests/pkcs12/test.pfx @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGCDCCA/CgAwIBAgIBATANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 +IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB +IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA +Y2FjZXJ0Lm9yZzAeFw0wNTEwMTQwNzM2NTVaFw0zMzAzMjgwNzM2NTVaMFQxFDAS +BgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5v +cmcxHDAaBgNVBAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQCrSTURSHzSJn5TlM9Dqd0o10Iqi/OHeBlYfA+e2ol9 +4fvrcpANdKGWZKufoCSZc9riVXbHF3v1BKxGuMO+f2SNEGwk82GcwPKQ+lHm9WkB +Y8MPVuJKQs/iRIwlKKjFeQl9RrmK8+nzNCkIReQcn8uUBByBqBSzmGXEQ+xOgo0J +0b2qW42S0OzekMV/CsLj6+YxWl50PpczWejDAz1gM7/30W9HxM3uYoNSbi4ImqTZ +FRiRpoWSR7CuSOtttyHshRpocjWr//AQXcD0lKdq1TuSfkyQBX6TwSyLpI5idBVx +bgtxA+qvFTia1NIFcm+M+SvrWnIl+TlG43IbPgTDZCciECqKT1inA62+tC4T7V2q +SNfVfdQqe1z6RgRQ5MwOQluM7dvyz/yWk+DbETZUYjQ4jwxgmzuXVjit89Jbi6Bb +6k6WuHzX1aCGcEDTkSm3ojyt9Yy7zxqSiuQ0e8DYbF/pCsLDpyCaWt8sXVJcukfV +m+8kKHA4IC/VfynAskEDaJLM4JzMl0tF7zoQCqtwOpiVcK01seqFK6QcgCExqa5g +eoAmSAC4AcCTY1UikTxW56/bOiXzjzFU6iaLgVn5odFTEcV7nQP2dBHgbbEsPyyG +kZlxmqZ3izRg0RS0LKydr4wQ05/EavhvE/xzWfdmQnQeiuP43NJvmJzLR5iVQAX7 +6QIDAQABo4G/MIG8MA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEEUTBPMCMG +CCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEFBQcwAoYc +aHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBBMD8GCCsGAQQB +gZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5w +aHA/aWQ9MTAwDQYJKoZIhvcNAQEEBQADggIBAH8IiKHaGlBJ2on7oQhy84r3HsQ6 +tHlbIDCxRd7CXdNlafHCXVRUPIVfuXtCkcKZ/RtRm6tGpaEQU55tiKxzbiwzpvD0 +nuB1wT6IRanhZkP+VlrRekF490DaSjrxC1uluxYG5sLnk7mFTZdPsR44Q4Dvmw2M +77inYACHV30eRBzLI++bPJmdr7UpHEV5FpZNJ23xHGzDwlVks7wU4vOkHx4y/CcV +Bc/dLq4+gmF78CEQGPZE6lM5+dzQmiDgxrvgu1pPxJnIB721vaLbLmINQjRBvP+L +ivVRIqqIMADisNS8vmW61QNXeZvo3MhN+FDtkaVSKKKs+zZYPumUK5FQhxvWXtaM +zPcPEAxSTtAWYeXlCmy/F8dyRlecmPVsYGN6b165Ti/Iubm7aoW8mA3t+T6XhDSU +rgCvoeXnkm5OvfPi2RSLXNLrAWygF6UtEOucekq9ve7O/e0iQKtwOIj1CodqwqsF +YMlIBdpTwd5Ed2qz8zw87YC8pjhKKSRf/lk7myV6VmMAZLldpGJ9VzZPrYPvH5JT +oI53V93lYRE9IwCQTDz6o2CTBKOvNfYOao9PSmCnhQVsRqGP9Md246FZV/dxssRu +FFxtbUFm3xuTsdQAw+7Lzzw9IYCpX2Nl/N3gX6T0K/CFcUHUZyX7GrGXrtaZghNB +0m6lG5kngOcLqagA +-----END CERTIFICATE----- diff --git a/tests/pkcs12/wifi-server.pem b/tests/pkcs12/wifi-server.pem new file mode 100644 index 0000000..d960df3 --- /dev/null +++ b/tests/pkcs12/wifi-server.pem @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC0DCCAjmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBiDELMAkGA1UEBhMCS1Ix +FDASBgNVBAgTC0t5dW5nLWdpIGRvMRIwEAYDVQQHEwlTdS13b24gc2kxEDAOBgNV +BAoTB1NhbXN1bmcxDDAKBgNVBAsTA0RNQzEQMA4GA1UEAxMHQ0EgY2VydDEdMBsG +CSqGSIb3DQEJARYOY2FAc2Ftc3VuZy5jb20wHhcNMTEwNDAxMDgyNDAyWhcNMTIw +MzMxMDgyNDAyWjBWMQswCQYDVQQGEwJLUjEUMBIGA1UECBMLS3l1bmctZ2kgZG8x +EDAOBgNVBAoTB1NhbXN1bmcxDDAKBgNVBAsTA0RNQzERMA8GA1UEAxMIdGVzdHRl +c3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOP+k1tVoVt6Sbvv/y41PP/2 +abO0S3EJW2p/twZ164Dzd7g21r63zUkBfD3pET0x2IL1N48QlTYwDj7bmzRH+i1v +7Jxk4w6Op7Oho0mPjJ+Plvjfz5LCuwOOupw5V6TpZ2FtGaFcNWIK20BaLuZOyDAl +m0HXGbfkuESZ9dayHvEtAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgEN +BB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBQ6leM2 +NG1RdqMk7cmJ1IVi2Zjk+DAfBgNVHSMEGDAWgBTNauriVKaL7CMpmNmXIOmNU7GR +hTANBgkqhkiG9w0BAQUFAAOBgQCU+c0daLk+AHvSOetVRVFkkY3VMnWw7RURD8CU +FDkb+Kz6huYlvh9pfkGn7HmxjUARJ6UpxokZ69toOv1UB0Ix4kyT3CCvf0EcnrjG +1fAYrROOhNYlntSTDcgwB2VzXSZ9WEAOBj/B+/nGb7gkkAmf++4FKTMQLZvg5gQr +700V7Q== +-----END CERTIFICATE----- diff --git a/tests/pkcs12/wifiserver.pfx b/tests/pkcs12/wifiserver.pfx Binary files differnew file mode 100644 index 0000000..18cb6d2 --- /dev/null +++ b/tests/pkcs12/wifiserver.pfx diff --git a/tests/pkcs12/wifiuser.p12 b/tests/pkcs12/wifiuser.p12 Binary files differnew file mode 100644 index 0000000..b7d56db --- /dev/null +++ b/tests/pkcs12/wifiuser.p12 diff --git a/tests/pkcs12/without_pass.p12 b/tests/pkcs12/without_pass.p12 Binary files differnew file mode 100644 index 0000000..4b58ba9 --- /dev/null +++ b/tests/pkcs12/without_pass.p12 |