1 /******************************************************************
3 * Copyright 2015 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * LICENSE-2.0" target="_blank">http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
20 ******************************************************************/
25 #include <oic_malloc.h>
26 #include <gtest/gtest.h>
29 #include "cert_generator.h"
30 #include "ck_manager.h"
35 #include "crl_generator.h"
36 #include "crlresource.h"
43 #define READ_WRITE_BLOCK_N 1ul
44 #define N_LENGTH_BYTES 3
46 const char *CKMI_PS_FILE_NAME = "CKMInfo.dat";
48 #define CRL_DEFAULT_CRL_ID 1
49 #define CRL_DEFAULT_THIS_UPDATE "150101000000Z"
50 #define CRL_DEFAULT_CRL_DATA "-"
52 #define NUMBER_OF_REVOKED 2
54 OCPersistentStorage ps = { NULL, NULL, NULL, NULL, NULL};
56 //#define NUM_ACE_FOR_WILDCARD_IN_CKM1_JSON (2)
58 FILE* ckm_fopen(const char * /*path*/, const char *mode)
60 return fopen(CKMI_PS_FILE_NAME, mode);
63 #define STRINGIZE2(x) #x
64 #define STRINGIZE(x) STRINGIZE2(x)
66 static char* resolve_file_path(const char* filename )
68 int len = strlen(STRINGIZE(SECURITY_BUILD_UNITTEST_DIR)) + strlen(filename) + 1;
69 char *filepath = (char *)OICCalloc(1, len);
73 printf("filepath memory allocation failed. \n");
76 int ret = snprintf(filepath, len, "%s%s", STRINGIZE(SECURITY_BUILD_UNITTEST_DIR), filename);
80 void SetPersistentHandler(OCPersistentStorage *ps)
92 // Length of test certificate
93 #define SIMPLE_CRT_LEN 469
95 class PKITest : public ::testing::Test
98 static void SetUpTestCase()
100 SetPersistentHandler(&ps);
101 OCStackResult res = OCRegisterPersistentStorageHandler(&ps);
102 ASSERT_TRUE(res == OC_STACK_OK);
105 static void TearDownTestCase()
109 static CertificateX509 g_certificate;
111 static const ByteArray g_caPublicKey;
113 static const ByteArray g_derCode ;
115 static ByteArray g_serNum;
118 CertificateX509 PKITest::g_certificate;
120 const ByteArray PKITest::g_derCode = {(uint8_t[])
122 0x30, 0x82, 0x01, 0xd1, 0x30, 0x82, 0x01, 0x77, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
123 0xd7, 0x56, 0x8c, 0xfc, 0x53, 0x18, 0xb0, 0xab, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
124 0x3d, 0x04, 0x03, 0x02, 0x30, 0x45, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
125 0x02, 0x41, 0x55, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x53, 0x6f,
126 0x6d, 0x65, 0x2d, 0x53, 0x74, 0x61, 0x74, 0x65, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04,
127 0x0a, 0x0c, 0x18, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x20, 0x57, 0x69, 0x64, 0x67,
128 0x69, 0x74, 0x73, 0x20, 0x50, 0x74, 0x79, 0x20, 0x4c, 0x74, 0x64, 0x30, 0x1e, 0x17, 0x0d, 0x31,
129 0x35, 0x30, 0x33, 0x31, 0x32, 0x31, 0x32, 0x32, 0x35, 0x31, 0x31, 0x5a, 0x17, 0x0d, 0x31, 0x37,
130 0x30, 0x33, 0x31, 0x31, 0x31, 0x32, 0x32, 0x35, 0x31, 0x31, 0x5a, 0x30, 0x45, 0x31, 0x0b, 0x30,
131 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x41, 0x55, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03,
132 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x53, 0x6f, 0x6d, 0x65, 0x2d, 0x53, 0x74, 0x61, 0x74, 0x65, 0x31,
133 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x18, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e,
134 0x65, 0x74, 0x20, 0x57, 0x69, 0x64, 0x67, 0x69, 0x74, 0x73, 0x20, 0x50, 0x74, 0x79, 0x20, 0x4c,
135 0x74, 0x64, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06,
136 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x8c, 0xc8, 0x92,
137 0x1d, 0xaa, 0x7f, 0xf0, 0xe4, 0xb2, 0x75, 0xd6, 0x4a, 0xf1, 0xd5, 0x14, 0x3f, 0x1a, 0x09, 0xc5,
138 0x3e, 0x52, 0xd6, 0xda, 0xa0, 0xbf, 0x90, 0x43, 0xd1, 0x6b, 0xfe, 0xd1, 0xb3, 0x75, 0x5c, 0xdd,
139 0x69, 0xac, 0x42, 0xa1, 0xcb, 0x03, 0x16, 0xee, 0xa4, 0x30, 0xa5, 0x8d, 0x36, 0x8f, 0xc5, 0x7b,
140 0xb4, 0xb5, 0x6a, 0x7d, 0x9b, 0x16, 0x04, 0x46, 0xab, 0xae, 0xbb, 0x56, 0xa1, 0xa3, 0x50, 0x30,
141 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x5c, 0x0e, 0x30, 0xa8,
142 0x8e, 0x7f, 0xc9, 0x02, 0xcd, 0xa8, 0xed, 0x0d, 0x1a, 0x1b, 0xd9, 0x7d, 0xe6, 0xce, 0x2a, 0x59,
143 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0x5c, 0x0e, 0x30,
144 0xa8, 0x8e, 0x7f, 0xc9, 0x02, 0xcd, 0xa8, 0xed, 0x0d, 0x1a, 0x1b, 0xd9, 0x7d, 0xe6, 0xce, 0x2a,
145 0x59, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff, 0x30,
146 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45,
147 0x02, 0x21, 0x00, 0xf6, 0x79, 0xed, 0x69, 0xd5, 0xe5, 0xba, 0x42, 0x14, 0xfc, 0xce, 0x47, 0xf1,
148 0x61, 0x1c, 0x51, 0x11, 0x2b, 0xba, 0x04, 0x70, 0x56, 0x78, 0xaf, 0xa9, 0xa6, 0x98, 0x8f, 0x4b,
149 0xa8, 0x11, 0x67, 0x02, 0x20, 0x3a, 0xdf, 0xf1, 0x74, 0xc9, 0x2f, 0xfb, 0x84, 0x46, 0xde, 0xbc,
150 0x2d, 0xda, 0xe3, 0x05, 0xb4, 0x81, 0x31, 0x45, 0xf7, 0x3d, 0x71, 0x46, 0x07, 0xa7, 0xd8, 0xcb,
151 0xae, 0x1e, 0x1b, 0x1c, 0x5a
155 const ByteArray PKITest::g_caPublicKey = {(uint8_t[])
157 0x8c, 0xc8, 0x92, 0x1d, 0xaa, 0x7f, 0xf0, 0xe4, 0xb2, 0x75, 0xd6, 0x4a, 0xf1, 0xd5, 0x14, 0x3f,
158 0x1a, 0x09, 0xc5, 0x3e, 0x52, 0xd6, 0xda, 0xa0, 0xbf, 0x90, 0x43, 0xd1, 0x6b, 0xfe, 0xd1, 0xb3,
159 0x75, 0x5c, 0xdd, 0x69, 0xac, 0x42, 0xa1, 0xcb, 0x03, 0x16, 0xee, 0xa4, 0x30, 0xa5, 0x8d, 0x36,
160 0x8f, 0xc5, 0x7b, 0xb4, 0xb5, 0x6a, 0x7d, 0x9b, 0x16, 0x04, 0x46, 0xab, 0xae, 0xbb, 0x56, 0xa1
161 }, PUBLIC_KEY_SIZE };
164 ByteArray PKITest::g_serNum = {(uint8_t[SERIAL_NUMBER_MAX_LEN]) {0}, SERIAL_NUMBER_MAX_LEN};
166 //registering persistent storage test
167 TEST(CKManager, RegisterPersistentStorage)
169 SetPersistentHandler(&ps);
170 ASSERT_EQ(OC_STACK_OK, OCRegisterPersistentStorageHandler(&ps));
173 //check decoding predefined certificate
174 TEST(X509Certificate, DecodeTest)
176 ByteArray code = PKITest::g_derCode;
178 ASSERT_EQ(DecodeCertificate(code, &PKITest::g_certificate), PKI_SUCCESS);
180 ASSERT_NE(DecodeCertificate(code, &PKITest::g_certificate), PKI_SUCCESS);
183 //check decoding of random symbols sequence
184 TEST(X509Certificate, RandomDecode)
186 srand((unsigned int)time(NULL));
189 INIT_BYTE_ARRAY(code);
191 for (unsigned int i = 0; i < RUNS; i++)
193 code.len = (size_t)((size_t)rand() % MAX_LEN);
194 code.data = (uint8_t *)malloc(code.len * sizeof(uint8_t));
196 EXPECT_NE(code.data, (uint8_t *)NULL);
198 for (unsigned int j = 0; j < code.len; j++)
200 code.data[j] = (uint8_t)(rand() % 128 + 1);
203 EXPECT_NE(PKI_SUCCESS, DecodeCertificate(code, &PKITest::g_certificate));
208 //testing validity check of predefined certificate
209 TEST(X509Certificate, testCheckValidity)
211 CertificateX509 tempCrt;
212 ASSERT_EQ(PKI_SUCCESS, DecodeCertificate(PKITest::g_derCode, &tempCrt));
213 ASSERT_EQ(PKI_SUCCESS, CheckValidity(tempCrt.validFrom, tempCrt.validTo));
214 ByteArray temp = tempCrt.validTo;
216 tempCrt.validTo = tempCrt.validFrom;
217 tempCrt.validFrom = temp;
218 ASSERT_EQ(PKI_CERT_DATE_INVALID, CheckValidity(tempCrt.validFrom, tempCrt.validTo));
221 //testing signature check of predefined certificate
222 TEST(X509Certificate, CheckSignature)
224 ByteArray code = PKITest::g_derCode;
226 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(code, PKITest::g_caPublicKey));
228 ASSERT_NE(PKI_SUCCESS, CheckCertificate(code, PKITest::g_caPublicKey));
231 //test saving certificate into file
232 TEST_F(PKITest, DERCertificateFile)
234 uint8_t derData[ISSUER_MAX_CERT_SIZE] = {0};
235 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
236 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
238 ByteArray certDer = BYTE_ARRAY_INITIALIZER;
239 ByteArray pubKeyIss = BYTE_ARRAY_INITIALIZER;
240 ByteArray privKeyIss = BYTE_ARRAY_INITIALIZER;
241 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
243 certDer.data = derData;
244 certDer.len = ISSUER_MAX_CERT_SIZE;
246 pubKeyIss.data = caPubKey;
247 pubKeyIss.len = sizeof(caPubKey);
248 privKeyIss.data = caPrivKey;
249 privKeyIss.len = sizeof(caPrivKey);
250 rootName.data = (uint8_t *)"ROOT1";
251 rootName.len = strlen((char *)rootName.data);
252 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
254 for (int i = 1; i <= RUNS; i++)
256 ASSERT_EQ(PKI_SUCCESS, GenerateCAKeyPair(&privKeyIss, &pubKeyIss));
257 ASSERT_EQ(PKI_SUCCESS, SetSerialNumber(i));
258 ASSERT_EQ(PKI_SUCCESS, SetRootName(rootName));
259 ASSERT_EQ(PKI_SUCCESS, CKMIssueRootCertificate(0, 0, &certDer));
260 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
261 ASSERT_EQ(PKI_SUCCESS, GenerateDERCertificateFile (&certDer, "der_cert"));
263 ASSERT_EQ(CloseCKMInfo(), PKI_SUCCESS);
266 //test checking time validity of generated certificate
267 TEST_F(PKITest, TimeValidity)
269 uint8_t derData[ISSUER_MAX_CERT_SIZE] = {0};
270 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
271 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
273 ByteArray certDer = BYTE_ARRAY_INITIALIZER;
274 ByteArray pubKey = BYTE_ARRAY_INITIALIZER;
275 ByteArray privKey = BYTE_ARRAY_INITIALIZER;
276 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
278 privKey.data = caPrivKey;
279 privKey.len = sizeof(caPrivKey);
281 certDer.data = derData;
282 certDer.len = sizeof(derData);
284 pubKey.data = caPubKey;
285 pubKey.len = sizeof(caPubKey);
287 rootName.data = (uint8_t *)"ROOT3";
288 rootName.len = strlen((char *)rootName.data);
289 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
291 for (int i = 1; i <= RUNS; i++)
293 ASSERT_EQ(PKI_SUCCESS, GenerateCAKeyPair(&privKey, &pubKey));
294 ASSERT_EQ(PKI_SUCCESS, SetSerialNumber(i));
295 ASSERT_EQ(PKI_SUCCESS, SetRootName(rootName));
297 ASSERT_EQ(PKI_SUCCESS, CKMIssueRootCertificate(0, 0, &certDer));
298 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(certDer, pubKey));
300 certDer.len = sizeof(derData);
301 ASSERT_EQ(PKI_SUCCESS, CKMIssueRootCertificate(0, (uint8_t *)"130101000000Z", &certDer));
302 ASSERT_EQ(PKI_CERT_DATE_INVALID, CheckCertificate(certDer, pubKey));
304 certDer.len = sizeof(derData);
305 ASSERT_EQ(PKI_SUCCESS, CKMIssueRootCertificate((uint8_t *)"170101000000Z", 0, &certDer));
306 ASSERT_EQ(PKI_CERT_DATE_INVALID, CheckCertificate(certDer, pubKey));
308 ASSERT_EQ(PKI_SUCCESS, CloseCKMInfo());
311 //testing certificate generation by certificate signing request
312 TEST_F(PKITest, CertificateSigningRequest)
314 uint8_t certData[ISSUER_MAX_CERT_SIZE] = {0};
315 uint8_t csrData[CSR_MAX_SIZE] = {0};
316 uint8_t subjPubKey[PUBLIC_KEY_SIZE] = {0};
317 uint8_t subjPrivKey[PRIVATE_KEY_SIZE] = {0};
318 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
319 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
320 uint8_t *subjName = (uint8_t *)"Subject05";
322 ByteArray certDer = BYTE_ARRAY_INITIALIZER;
323 ByteArray csrDer = BYTE_ARRAY_INITIALIZER;
324 ByteArray pubKeyIss = BYTE_ARRAY_INITIALIZER;
325 ByteArray privKeyIss = BYTE_ARRAY_INITIALIZER;
326 ByteArray pubKeySubj = BYTE_ARRAY_INITIALIZER;
327 ByteArray privKeySubj = BYTE_ARRAY_INITIALIZER;
328 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
330 certDer.data = certData;
331 certDer.len = sizeof(certData);
332 csrDer.data = csrData;
333 csrDer.len = CSR_MAX_SIZE;
335 pubKeyIss.data = caPubKey;
336 pubKeyIss.len = sizeof(caPubKey);
337 privKeyIss.data = caPrivKey;
338 privKeyIss.len = sizeof(caPrivKey);
339 pubKeySubj.data = subjPubKey;
340 pubKeySubj.len = sizeof(subjPubKey);
341 privKeySubj.data = subjPrivKey;
342 privKeySubj.len = sizeof(subjPrivKey);
343 rootName.data = (uint8_t *)"ROOT2";
344 rootName.len = strlen((char *)rootName.data);
345 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
347 ASSERT_EQ(GenerateCAKeyPair(&privKeyIss, &pubKeyIss), PKI_SUCCESS);
348 ASSERT_EQ(SetSerialNumber(1), PKI_SUCCESS);
349 ASSERT_EQ(SetRootName(rootName), PKI_SUCCESS);
351 for (int i = 1; i <= RUNS; i++)
353 ASSERT_EQ(PKI_SUCCESS, GenerateKeyPair(&privKeySubj, &pubKeySubj));
354 ASSERT_EQ(PKI_SUCCESS, GenerateCSR(subjName, subjPubKey, subjPrivKey, &csrDer));
355 ASSERT_EQ(PKI_SUCCESS, GenerateCertificateByCSR(&csrDer, &certDer));
356 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
358 ASSERT_NE(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
360 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
362 ASSERT_EQ(PKI_SUCCESS, CloseCKMInfo());
365 //test public key structure parsing
366 TEST(X509Certificate, testParsePublicKey)
368 ASSERT_EQ(PKI_SUCCESS, ParsePublicKey((ByteArray*)&PKITest::g_caPublicKey));
371 uint8_t shortAr[length];
372 ByteArray shortArray = {shortAr, length};
373 ASSERT_EQ(PKI_WRONG_ARRAY_LEN, ParsePublicKey(&shortArray));
375 uint8_t uncompressed[PUBLIC_KEY_SIZE + 2];
377 uncompressed[1] = ASN1_UNCOMPRESSED_KEY;
378 memcpy(&uncompressed[2], PKITest::g_caPublicKey.data, PUBLIC_KEY_SIZE);
379 ByteArray uncomprArr = {uncompressed, PUBLIC_KEY_SIZE+2};
380 ParsePublicKey(&uncomprArr);
381 ASSERT_EQ((size_t)PUBLIC_KEY_SIZE, uncomprArr.len);
382 ASSERT_EQ(0, memcmp(uncomprArr.data, PKITest::g_caPublicKey.data, PUBLIC_KEY_SIZE));
385 //test checking of certificate generated by OpenSSL
386 TEST(OpenSSLCompatibility, verifyOpenSslCertSign)
390 uint8_t crtData[ISSUER_MAX_CERT_SIZE] = {0};
391 uint8_t pubKeyData[PUBLIC_KEY_SIZE] = {0};
392 ByteArray crtDer = BYTE_ARRAY_INITIALIZER;
393 ByteArray pubKey = BYTE_ARRAY_INITIALIZER;
394 CertificateX509 certificate;
396 crtDer.data = crtData;
397 crtDer.len = sizeof(crtData);
398 pubKey.data = pubKeyData;
399 pubKey.len = sizeof(pubKeyData);
402 fpath = resolve_file_path("/01.der");
403 int fileCert = open(fpath, O_RDONLY);
406 ASSERT_TRUE(fileCert != -1);
408 ASSERT_TRUE(fstat(fileCert, &st) == 0);
410 int res = read(fileCert, crtDer.data, crtDer.len);
412 EXPECT_EQ(st.st_size, res);
416 fpath = resolve_file_path("/capub.der");
417 int fileKey = open(fpath, O_RDONLY);
419 ASSERT_TRUE(fileKey != -1);
421 ASSERT_TRUE(fstat(fileKey, &st) == 0);
423 if(st.st_size > PUBLIC_KEY_SIZE)
425 ASSERT_NE(-1, lseek(fileKey, (st.st_size - PUBLIC_KEY_SIZE), SEEK_SET));
429 res = read(fileKey, pubKey.data, pubKey.len);
431 EXPECT_EQ(PUBLIC_KEY_SIZE, res);
434 EXPECT_EQ(PKI_SUCCESS, DecodeCertificate(crtDer, &certificate));
435 EXPECT_EQ(PKI_SUCCESS, CheckCertificate(crtDer, pubKey));
438 //test parsing of certificate chain generated by OpenSSL
439 TEST(CertificateChain, LoadCertificateChain)
442 ByteArray crtChainDer[MAX_CHAIN_LEN] = {{0,0},};
443 CertificateX509 crtChain[MAX_CHAIN_LEN] = {{{0,0},{0,0},{0,0},{0,0},{0,0},{0,0},{0,0},{0,0},{0,0}},};
444 ByteArray msg = BYTE_ARRAY_INITIALIZER;
447 fpath = resolve_file_path("/cert_chain.dat");
448 FILE *file = fopen(fpath, "rb");
450 ASSERT_TRUE(file != NULL);
454 msg.data = (uint8_t *) realloc (msg.data, msg.len + 1);
455 msg.data[msg.len] = fgetc (file);
460 INC_BYTE_ARRAY(msg, 3);
461 EXPECT_EQ(PKI_SUCCESS, LoadCertificateChain (msg, crtChainDer, &chainLength));
463 printf("chain len: %d\n", chainLength);
465 EXPECT_EQ(PKI_UNKNOWN_OID, ParseCertificateChain (crtChainDer, crtChain, chainLength));
470 //test checking CA certificate generated by OpenSSL
471 TEST(OpenSSLCompatibility, testOpenSSLCertificate)
475 ByteArray crtDer = BYTE_ARRAY_INITIALIZER;
476 uint8_t crtData[ISSUER_MAX_CERT_SIZE] = {0};
478 crtDer.data = crtData;
479 crtDer.len = sizeof(crtData);
482 fpath = resolve_file_path("/cacert.der");
483 int fd = open(fpath, O_RDONLY);
485 ASSERT_TRUE(fd != -1);
487 ASSERT_TRUE(fstat(fd, &st) == 0);
490 int res = read(fd, crtDer.data, crtDer.len);
492 ASSERT_EQ(st.st_size, res);
495 crtDer.len = st.st_size;
498 printf("Length of cert: %lu\n", crtDer.len);
500 EXPECT_EQ(PKI_SUCCESS, DecodeCertificate(crtDer, &PKITest::g_certificate));
503 //test signatures checking of certificate chain generated by OpenSSL
504 TEST(OpenSSLCompatibility, ParseAndCheckCertificateChain)
507 ByteArray crtChainDer[MAX_CHAIN_LEN] = {{0,0},};
508 CertificateX509 crtChain[MAX_CHAIN_LEN] = {{{0,0},{0,0},{0,0},{0,0},{0,0},{0,0},{0,0},{0,0},{0,0}},};
509 ByteArray msg = BYTE_ARRAY_INITIALIZER;
512 char* chainPath = resolve_file_path("/chain.der");
513 FILE *fileChain = fopen(chainPath, "rb");
515 ASSERT_TRUE(fileChain != NULL);
518 ASSERT_NE(-1, fseek(fileChain, 0, SEEK_END));
519 int len = ftell(fileChain);
521 msg.len = (size_t) len;
522 ASSERT_NE(-1, fseek(fileChain, 0, SEEK_SET));
524 msg.data = (uint8_t*)malloc(msg.len+1);
526 ASSERT_EQ(READ_WRITE_BLOCK_N, fread(msg.data, msg.len, READ_WRITE_BLOCK_N, fileChain));
530 INC_BYTE_ARRAY(msg, 3);
531 EXPECT_EQ(PKI_SUCCESS, LoadCertificateChain(msg, crtChainDer, &chainLength));
532 EXPECT_EQ(3, chainLength);
534 printf("Length of the chain: %d\n", chainLength);
537 EXPECT_EQ(PKI_SUCCESS, ParseCertificateChain(crtChainDer, crtChain, chainLength));
539 ByteArray caPubKey = BYTE_ARRAY_INITIALIZER;
540 uint8_t pubKeyData[PUBLIC_KEY_SIZE] = {0};
542 caPubKey.data = pubKeyData;
543 caPubKey.len = sizeof(pubKeyData);
546 char* fpath = resolve_file_path("/capub.der");
547 int fileKey = open(fpath, O_RDONLY);
549 ASSERT_TRUE(fileKey != -1);
551 ASSERT_TRUE(fstat(fileKey, &st) == 0);
553 if(st.st_size > PUBLIC_KEY_SIZE)
555 ASSERT_NE(-1, lseek(fileKey, (st.st_size - PUBLIC_KEY_SIZE), SEEK_SET));
559 int res = read(fileKey, caPubKey.data, caPubKey.len);
561 EXPECT_EQ(PUBLIC_KEY_SIZE, res);
564 EXPECT_EQ(PKI_SUCCESS, CheckCertificateChain(crtChain, chainLength, caPubKey));
569 //testing correctness of decoding certificate length from ASN.1 structure
570 TEST(CRL, testDecodeLength)
572 ByteArray cert = BYTE_ARRAY_INITIALIZER;
574 EXPECT_EQ(PKI_NULL_PASSED, DecodeLength(&cert, &length));
577 size_t derLength = (size_t)rand() % LEN_LONG;
578 cert.len = derLength + 2;
579 uint8_t *certData = (uint8_t*)malloc(cert.len);
580 cert.data = certData;
581 cert.data[0] = (uint8_t)0x30; //mixed types
582 cert.data[1] = (uint8_t)(derLength & 0xff);
583 EXPECT_EQ(PKI_SUCCESS, DecodeLength(&cert, &length));
584 EXPECT_EQ(derLength, length);
588 //testing serial number storage
589 TEST(CRL, StoreSerialNumber)
591 uint8_t data[10] = {0x01, 0x82, 0x01, 0xd1, 0x30, 0x82, 0x01, 0x77, 0xa0, 0x03};
592 const ByteArray sn = { data, sizeof(data) / sizeof(uint8_t)};
594 for (i = 0; i < 400; i++)
597 ASSERT_EQ(PKI_SUCCESS, StoreSerialNumber(sn));
599 ASSERT_EQ(PKI_CERT_REVOKED, CheckSerialNumber(sn));
602 ASSERT_EQ(PKI_SUCCESS, CheckSerialNumber(sn));
606 #ifdef ARDUINO_MEMORY_DEBUG
607 //testing memory allocation fault handling at Arduino
608 TEST(SNStore, MemoryOverflow)
610 uint8_t data[10] = {0x01, 0x82, 0x01, 0xd1, 0x30, 0x82, 0x01, 0x77, 0xa0, 0x03};
611 const ByteArray sn = { data, sizeof(data) / sizeof(uint8_t)};
616 res = StoreSerialNumber(sn);
618 while (res == PKI_SUCCESS);
619 ASSERT_EQ(PKI_MEMORY_ALLOC_FAILED, res);
623 #endif /* ARDUINO_MEMORY_DEBUG */
625 //testing next certificate serial number handling by "CKM info" unit
626 TEST_F(PKITest, CAInitAndSerialNum)
628 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
629 long serialNum = (long)((long)rand() % (MAX_LEN - 1) + 1);
630 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
631 //all the serials should start from
632 ASSERT_EQ(PKI_SUCCESS, SetSerialNumber(serialNum));
634 ASSERT_EQ(PKI_SUCCESS, GetNextSerialNumber(&nextSerial));
635 ASSERT_EQ(nextSerial, serialNum);
636 ASSERT_EQ(PKI_SUCCESS, CloseCKMInfo());
639 //testing CA name handling by "CKM info" unit
640 TEST_F(PKITest, testCAName)
642 ByteArray caName = BYTE_ARRAY_INITIALIZER;
643 caName.len = (size_t)((size_t)rand() % (ISSUER_MAX_NAME_SIZE - 1) + 1);
644 caName.data = (uint8_t*)malloc(caName.len);
646 for(i = 0; i < caName.len; i++){
647 caName.data[i] = (uint8_t)(rand() % 128);
649 EXPECT_EQ(PKI_SUCCESS, InitCKMInfo());
650 EXPECT_EQ(PKI_SUCCESS, SetRootName(caName));
651 ByteArray getName = BYTE_ARRAY_INITIALIZER;
652 uint8_t uint8CAName[ISSUER_MAX_NAME_SIZE] = {0};
653 getName.data = uint8CAName;
654 getName.len = ISSUER_MAX_NAME_SIZE;
655 EXPECT_EQ(PKI_SUCCESS, GetCAName(&getName));
656 EXPECT_EQ(0, memcmp(caName.data, getName.data, caName.len));
658 ASSERT_EQ(PKI_SUCCESS, CloseCKMInfo());
661 //testing key pair generation and storing by "CKM info" unit
662 TEST_F(PKITest, testKeyPair)
664 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
665 rootName.data = (uint8_t *)"ROOT";
666 rootName.len = strlen((char *)rootName.data);
667 SetRootName(rootName);
669 //first test the GenerateCAKeyPair - this writes to the CA storage
670 ByteArray privKeyIss = BYTE_ARRAY_INITIALIZER;
671 privKeyIss.len = PRIVATE_KEY_SIZE;
672 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
673 privKeyIss.data = caPrivKey;
675 ByteArray pubKeyIss = BYTE_ARRAY_INITIALIZER;
676 pubKeyIss.len = PUBLIC_KEY_SIZE;
677 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
678 pubKeyIss.data = caPubKey;
680 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
681 ASSERT_EQ(PKI_SUCCESS, GenerateCAKeyPair(&privKeyIss, &pubKeyIss));
683 ByteArray keyCheck = BYTE_ARRAY_INITIALIZER;
684 keyCheck.len = PUBLIC_KEY_SIZE;
685 uint8_t keyCheckData[PUBLIC_KEY_SIZE] = {0};
686 keyCheck.data = keyCheckData;
687 ASSERT_EQ(PKI_SUCCESS, GetCAPrivateKey(&keyCheck));
688 ASSERT_EQ(0, memcmp(keyCheck.data, privKeyIss.data, PRIVATE_KEY_SIZE));
690 ASSERT_EQ(PKI_SUCCESS, GetCAPublicKey(&keyCheck));
691 ASSERT_EQ(0, memcmp(keyCheck.data, pubKeyIss.data, PUBLIC_KEY_SIZE));
693 //now test the GenerateKeyPair - does not write to the CA storage
694 ASSERT_EQ(PKI_SUCCESS, GenerateKeyPair(&privKeyIss, &pubKeyIss));
696 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
697 ASSERT_EQ(PKI_SUCCESS, GetCAPrivateKey(&keyCheck));
698 ASSERT_NE(0, memcmp(keyCheck.data, privKeyIss.data, PRIVATE_KEY_SIZE));
700 ASSERT_EQ(PKI_SUCCESS, GetCAPublicKey(&keyCheck));
701 ASSERT_NE(0, memcmp(keyCheck.data, pubKeyIss.data, PUBLIC_KEY_SIZE));
702 ASSERT_EQ(PKI_SUCCESS, CloseCKMInfo());
705 //testing CRL encoding
706 TEST_F(PKITest, testEncodeCRL)
710 uint8_t *uint8ThisUpdateTime = (uint8_t *)"130101000000Z";
711 uint32_t numberOfRevoked = 0;
712 uint32_t revokedNumbers[2];
713 const uint8_t *revocationDates[2];
715 ByteArray code = BYTE_ARRAY_INITIALIZER;
716 ByteArray pubKeyIss = BYTE_ARRAY_INITIALIZER;
717 ByteArray privKeyIss = BYTE_ARRAY_INITIALIZER;
718 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
720 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
721 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
723 pubKeyIss.data = caPubKey;
724 pubKeyIss.len = PUBLIC_KEY_SIZE;
725 privKeyIss.data = caPrivKey;
726 privKeyIss.len = PRIVATE_KEY_SIZE;
730 revokedNumbers[0] = 100; // serial number of first revoked certificate
731 revokedNumbers[1] = 200; // serial number of second revoked certificate
732 revocationDates[0] = (const uint8_t *)"130101000001Z";
733 revocationDates[1] = (const uint8_t *)"130101000002Z";
735 rootName.data = (uint8_t *)"ROOT2";
736 rootName.len = strlen((char *)rootName.data);
737 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
738 ASSERT_EQ(PKI_SUCCESS, SetRootName(rootName));
739 ASSERT_EQ(PKI_SUCCESS, GenerateCAKeyPair(&privKeyIss, &pubKeyIss));
741 code.data = (uint8_t *)calloc(1,
742 (CRL_MIN_SIZE + numberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4)));
743 code.len = (CRL_MIN_SIZE + numberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4));
745 EXPECT_EQ(PKI_SUCCESS,CKMIssueCRL(uint8ThisUpdateTime, numberOfRevoked, revokedNumbers,
746 revocationDates,&code));
747 EXPECT_EQ(PKI_SUCCESS, DecodeCertificateList (code, &crl, pubKeyIss));
755 ASSERT_EQ(PKI_SUCCESS, CloseCKMInfo());
758 //check correctness of certificate revocation by CKMIssueCRL() and CKMRevocateCertificate()
759 TEST_F(PKITest, testRevocateCertificate)
763 uint8_t *uint8ThisUpdateTime = (uint8_t *)"130101000000Z";
764 uint32_t numberOfRevoked = 0;
765 uint32_t revokedNumbers[2];
766 const uint8_t *revocationDates[2];
768 ByteArray code = BYTE_ARRAY_INITIALIZER;
769 ByteArray pubKeyIss = BYTE_ARRAY_INITIALIZER;
770 ByteArray privKeyIss = BYTE_ARRAY_INITIALIZER;
771 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
773 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
774 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
776 pubKeyIss.data = caPubKey;
777 pubKeyIss.len = sizeof(caPubKey);
778 privKeyIss.data = caPrivKey;
779 privKeyIss.len = sizeof(caPrivKey);
783 revokedNumbers[0] = 100; // serial number of first revoked certificate
784 revokedNumbers[1] = 200; // serial number of second revoked certificate
785 revocationDates[0] = (const uint8_t *)"130101000001Z";
786 revocationDates[1] = (const uint8_t *)"130101000002Z";
788 rootName.data = (uint8_t *)"ROOT2";
789 rootName.len = strlen((char *)rootName.data);
790 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
791 ASSERT_EQ(PKI_SUCCESS, SetRootName(rootName));
792 ASSERT_EQ(PKI_SUCCESS, GenerateCAKeyPair(&privKeyIss, &pubKeyIss));
794 code.len = CRL_MIN_SIZE + numberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4);
795 code.data = (uint8_t *)calloc(1, code.len);
797 EXPECT_EQ(PKI_SUCCESS, CKMIssueCRL (uint8ThisUpdateTime, numberOfRevoked, revokedNumbers,
798 revocationDates, &code));
799 EXPECT_EQ(PKI_SUCCESS, DecodeCertificateList (code, &crl, pubKeyIss));
802 code.len = CRL_MIN_SIZE + numberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4);
803 code.data = (uint8_t *)calloc(1, code.len);
804 EXPECT_EQ(PKI_SUCCESS, CKMRevocateCertificate (uint8ThisUpdateTime, 50, &code));
805 EXPECT_EQ(PKI_SUCCESS, DecodeCertificateList (code, &crl, pubKeyIss));
813 ASSERT_EQ(PKI_SUCCESS, CloseCKMInfo());
816 //checck correctness of saving root certificate to binary file
817 TEST_F(PKITest, StoreCKMInfo)
820 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
821 uint8_t derData[ISSUER_MAX_CERT_SIZE] = {0};
822 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
823 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
824 const long serNum = 48598490;
826 uint8_t *uint8ThisUpdateTime = (uint8_t *)"130101000000Z";
827 uint32_t numberOfRevoked = 0;
828 uint32_t revokedNumbers[2];
829 const uint8_t *revocationDates[2];
831 ByteArray certDer = BYTE_ARRAY_INITIALIZER;
832 ByteArray pubKeyIss = BYTE_ARRAY_INITIALIZER;
833 ByteArray privKeyIss = BYTE_ARRAY_INITIALIZER;
834 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
835 ByteArray code = BYTE_ARRAY_INITIALIZER;
837 certDer.data = derData;
838 certDer.len = ISSUER_MAX_CERT_SIZE;
839 pubKeyIss.data = caPubKey;
840 pubKeyIss.len = PUBLIC_KEY_SIZE;
841 privKeyIss.data = caPrivKey;
842 privKeyIss.len = PRIVATE_KEY_SIZE;
843 rootName.data = (uint8_t *)"ROOT";
844 rootName.len = strlen((char *)rootName.data);
846 //generate CA Certificate
847 ASSERT_EQ(PKI_SUCCESS, GenerateCAKeyPair(&privKeyIss, &pubKeyIss));
848 ASSERT_EQ(PKI_SUCCESS, SetSerialNumber(serNum));
849 ASSERT_EQ(PKI_SUCCESS, SetRootName(rootName));
850 ASSERT_EQ(PKI_SUCCESS, CKMIssueRootCertificate(0, 0, &certDer));
853 numberOfRevoked = NUMBER_OF_REVOKED;
855 revokedNumbers[0] = 100; // serial number of first revoked certificate
856 revokedNumbers[1] = 200; // serial number of second revoked certificate
857 revocationDates[0] = (const uint8_t *)"130101000001Z";
858 revocationDates[1] = (const uint8_t *)"130101000002Z";
860 code.data = (uint8_t *)calloc(1,
861 (CRL_MIN_SIZE + numberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4)));
862 code.len = (CRL_MIN_SIZE + numberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4));
864 ASSERT_EQ(PKI_SUCCESS, CKMIssueCRL (uint8ThisUpdateTime, numberOfRevoked, revokedNumbers,
865 revocationDates, &code));
867 // Check Certificate file
868 CertificateX509 certificate;
869 ByteArray crtDer = BYTE_ARRAY_INITIALIZER;
870 uint8_t crtDerData[ISSUER_MAX_CERT_SIZE] = {0};
872 crtDer.data = crtDerData;
873 crtDer.len = sizeof(crtDerData);
876 int fd = open(CA_STORAGE_CRT_FILE, O_RDONLY);
877 ASSERT_TRUE(fd != -1);
879 ASSERT_TRUE(fstat(fd, &st) == 0);
881 int res = read(fd, crtDer.data, crtDer.len);
883 EXPECT_EQ(st.st_size > ISSUER_MAX_CERT_SIZE ? ISSUER_MAX_CERT_SIZE : st.st_size, res);
887 crtCheck.data = crtDer.data + 3; //now file contains length of certificate
888 crtCheck.len = crtDer.len - 3;
889 EXPECT_EQ(PKI_SUCCESS, DecodeCertificate(crtCheck, &certificate));
891 PrintCertificate(&certificate);
895 ByteArray crlDer = BYTE_ARRAY_INITIALIZER;
896 crlDer.len = (CRL_MIN_SIZE + numberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4));
897 crlDer.data = (uint8_t *)malloc(crlDer.len);
899 EXPECT_EQ(PKI_SUCCESS, GetCertificateRevocationList(&crlDer));
901 EXPECT_EQ(PKI_SUCCESS, DecodeCertificateList (crlDer, &crl, pubKeyIss));
905 EXPECT_EQ(PKI_SUCCESS, CloseCKMInfo());
910 //check correctness of root certificate generation
911 TEST_F(PKITest, GenerateRootCertificate)
913 uint8_t derData[ISSUER_MAX_CERT_SIZE] = {0};
914 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
915 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
917 ByteArray certDer = BYTE_ARRAY_INITIALIZER;
918 ByteArray pubKeyIss = BYTE_ARRAY_INITIALIZER;
919 ByteArray privKeyIss = BYTE_ARRAY_INITIALIZER;
920 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
922 certDer.data = derData;
923 certDer.len = sizeof(derData);
925 pubKeyIss.data = caPubKey;
926 pubKeyIss.len = sizeof(caPubKey);
927 privKeyIss.data = caPrivKey;
928 privKeyIss.len = sizeof(caPrivKey);
929 rootName.data = (uint8_t *)"ROOT";
930 rootName.len = strlen((char *)rootName.data);
931 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
933 for (int i = 1; i <= RUNS; i++)
935 ASSERT_EQ(PKI_SUCCESS, GenerateCAKeyPair(&privKeyIss, &pubKeyIss));
936 ASSERT_EQ(PKI_SUCCESS, SetSerialNumber(i));
937 ASSERT_EQ(PKI_SUCCESS, SetRootName(rootName));
938 ASSERT_EQ(PKI_SUCCESS, CKMIssueRootCertificate(0, 0, &certDer));
940 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
942 ASSERT_NE(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
944 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
946 ASSERT_EQ(PKI_SUCCESS, CloseCKMInfo());
949 //check correctness of ordinal device certificate generation
950 TEST_F(PKITest, GenerateDeviceCertificate)
952 uint8_t derData[ISSUER_MAX_CERT_SIZE] = {0};
953 uint8_t subjPubKey[PUBLIC_KEY_SIZE] = {0};
954 uint8_t subjPrivKey[PRIVATE_KEY_SIZE] = {0};
955 uint8_t caPubKey[PUBLIC_KEY_SIZE] = {0};
956 uint8_t caPrivKey[PRIVATE_KEY_SIZE] = {0};
957 uint8_t *subjName = (uint8_t *)"Subject Name";
959 ByteArray certDer = BYTE_ARRAY_INITIALIZER;
960 ByteArray pubKeyIss = BYTE_ARRAY_INITIALIZER;
961 ByteArray privKeyIss = BYTE_ARRAY_INITIALIZER;
962 ByteArray pubKeySubj = BYTE_ARRAY_INITIALIZER;
963 ByteArray privKeySubj = BYTE_ARRAY_INITIALIZER;
964 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
966 certDer.data = derData;
967 certDer.len = ISSUER_MAX_CERT_SIZE;
969 pubKeyIss.data = caPubKey;
970 pubKeyIss.len = sizeof(caPubKey);
971 privKeyIss.data = caPrivKey;
972 privKeyIss.len = sizeof(caPrivKey);
973 pubKeySubj.data = subjPubKey;
974 pubKeySubj.len = sizeof(subjPubKey);
975 privKeySubj.data = subjPrivKey;
976 privKeySubj.len = sizeof(subjPrivKey);
977 rootName.data = (uint8_t *)"ROOT2";
978 rootName.len = strlen((char *)rootName.data);
979 ASSERT_EQ(PKI_SUCCESS, InitCKMInfo());
981 ASSERT_EQ(GenerateCAKeyPair(&privKeyIss, &pubKeyIss), PKI_SUCCESS);
982 for (int i = 1; i <= RUNS; i++)
984 ASSERT_EQ(PKI_SUCCESS, GenerateKeyPair(&privKeySubj, &pubKeySubj));
985 ASSERT_EQ(PKI_SUCCESS, SetSerialNumber(i));
986 ASSERT_EQ(PKI_SUCCESS, SetRootName(rootName));
987 ASSERT_EQ(PKI_SUCCESS, CKMIssueDeviceCertificate(subjName, 0, 0, subjPubKey, &certDer));
989 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
991 ASSERT_NE(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
993 ASSERT_EQ(PKI_SUCCESS, CheckCertificate(certDer, pubKeyIss));
995 ASSERT_EQ(CloseCKMInfo(), PKI_SUCCESS);
998 //check correctness of saving CRL to storage and loading CRL from storage
999 TEST_F(PKITest, CRLSetGet)
1001 OicSecCrl_t *defaultCrl = NULL;
1002 defaultCrl = (OicSecCrl_t *)OICCalloc(1, sizeof(OicSecCrl_t));
1003 ASSERT_NE(defaultCrl, (OicSecCrl_t *) NULL);
1004 defaultCrl->CrlId = CRL_DEFAULT_CRL_ID;
1005 defaultCrl->CrlData.data = (uint8_t *)CRL_DEFAULT_CRL_DATA;
1006 defaultCrl->CrlData.len = strlen(CRL_DEFAULT_CRL_DATA);
1007 defaultCrl->ThisUpdate.data = (uint8_t *)CRL_DEFAULT_THIS_UPDATE;
1008 defaultCrl->ThisUpdate.len = strlen(CRL_DEFAULT_THIS_UPDATE);
1009 EXPECT_EQ(OC_STACK_OK, UpdateCRLResource(defaultCrl));
1011 EXPECT_NE((void *)NULL, GetCrl());
1012 OICFree(defaultCrl);
1016 TEST_F(PKITest, CKMGetCRL)
1018 const size_t CRL_MAX_SIZE = 1024;
1019 ByteArray certificateRevocationList;
1020 certificateRevocationList.data = (uint8_t*)OICCalloc(1,CRL_MAX_SIZE);
1021 certificateRevocationList.len = CRL_MAX_SIZE;
1022 EXPECT_EQ(PKI_SUCCESS, CKMGetCRL(&certificateRevocationList));
1023 OICFree(certificateRevocationList.data);
1027 TEST_F(PKITest, CKMSetCAInfo)
1029 ByteArray rootName = BYTE_ARRAY_INITIALIZER;
1030 rootName.data = (uint8_t *)"ROOT2";
1031 rootName.len = strlen((char *)rootName.data);
1032 const long serNum = 100;
1033 EXPECT_EQ(PKI_SUCCESS, CKMSetCAInfo(serNum, rootName));
1036 int main(int argc, char **argv)
1039 unsigned int seed = 0;
1041 urandom = open ("/dev/urandom", O_RDONLY);
1044 fprintf(stderr, "Cannot open /dev/urandom\n");
1048 if(read(urandom, &seed, sizeof(seed)) != sizeof(seed))
1050 fprintf(stderr, "Error read from /dev/urandom\n");
1057 ::testing::InitGoogleTest(&argc, argv);
1058 return RUN_ALL_TESTS();