|
1 /* |
|
2 * Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 #if !defined(__E32STD_H__) |
|
20 #include <e32std.h> |
|
21 #endif |
|
22 |
|
23 #if !defined (__BADESCA_H__) |
|
24 #include <badesca.h> |
|
25 #endif |
|
26 |
|
27 #include <x509certchain.h> |
|
28 |
|
29 _LIT(KCorrectFile1, "correctchain.txt"); |
|
30 |
|
31 //certs |
|
32 //thawte root |
|
33 _LIT(KTWSSRoot, "thawteserverca.cer"); |
|
34 //rsa/verisign root |
|
35 _LIT(KRSASSCA, "vsignss.cer"); |
|
36 _LIT(KRSASSCA_OLD, "rsassca_old.crt"); |
|
37 _LIT(KDashnet, "dashnet.crt"); |
|
38 _LIT(K3Do, "3do.crt"); |
|
39 |
|
40 _LIT(KVSignCA3, "verisignclass3primaryca.cer"); |
|
41 _LIT(KVSignServer3, "verisignserverclass3.crt"); |
|
42 _LIT(KLloyds, "lloyds.crt"); |
|
43 |
|
44 _LIT(KRoot, "CA3_root.crt"); |
|
45 _LIT(KCA2, "CA2.crt"); |
|
46 _LIT(KCA1, "CA1.crt"); |
|
47 _LIT(KEE, "EE.crt"); |
|
48 //noise |
|
49 _LIT(KCA1SameDN, "CA1_H_sameDN.crt"); |
|
50 _LIT(KCA2SameDN, "CA2_H_sameDN.crt"); |
|
51 _LIT(KExtra, "interclear.crt"); |
|
52 // |
|
53 _LIT(KGSRoot, "globalsignroot.cer"); |
|
54 _LIT(KGSPC1, "globalsignprimaryclass1ca.cer"); |
|
55 _LIT(KGSC1, "globalsignclass1ca.cer"); |
|
56 _LIT(KGSWB, "willsglobalsign.crt"); |
|
57 |
|
58 //fortezza test certs |
|
59 //1st hierachy |
|
60 _LIT(KFortezzaPAA1, "x22paa.crt"); |
|
61 _LIT(KFortezzaPCA1, "x22pca1.crt"); |
|
62 _LIT(KFortezzaCA1, "x22ca1.crt"); |
|
63 //user certs off this... |
|
64 _LIT(KFortezzaCA1EE1, "rich1.crt"); |
|
65 _LIT(KFortezzaCA1EE2, "david1.crt"); |
|
66 _LIT(KFortezzaExpired, "expired.crt"); |
|
67 _LIT(KFortezzaFuture, "future.crt"); |
|
68 _LIT(KFortezzaNameMismatch, "nameMismatch.crt"); |
|
69 _LIT(KFortezzaInvalidSig, "invalidSig.crt"); |
|
70 //next one just tests CRL-related errors, so should validate OK |
|
71 _LIT(KFortezzaKeyCompromise, "KeyCompromise.crt"); |
|
72 _LIT(KFortezzaBadSubjName1, "BadSubjName1.crt"); |
|
73 _LIT(KFortezzaBadSubjName2, "BadSubjName2.crt"); |
|
74 _LIT(KFortezzaInvalidConstraints, "InvalidConstraints.crt"); |
|
75 //other sub-hierachies |
|
76 _LIT(KFortezzaTestCA2, "testCA2.crt"); |
|
77 _LIT(KFortezzaTestSubCA2, "testSubCA.crt"); |
|
78 _LIT(KFortezzaPathLen, "pathLen.crt"); |
|
79 _LIT(KFortezzaBadCA1, "BadCA1.crt"); |
|
80 _LIT(KFortezzaInvalidCAUser1, "InvalidCAUser1.crt"); |
|
81 _LIT(KFortezzaBadCA2, "BadCA2.crt"); |
|
82 _LIT(KFortezzaInvalidCAUser2, "InvalidCAUser2.crt"); |
|
83 //2nd hierachy |
|
84 _LIT(KFortezzaPAA2, "rn_paa.crt"); |
|
85 _LIT(KFortezzaPCA2, "rn_pca.crt"); |
|
86 _LIT(KFortezzaCA2, "rn_ca.crt"); |
|
87 _LIT(KFortezzaCA2EE1, "rn_user1.crt"); |
|
88 _LIT(KFortezzaCA2BadAltName, "rn_BadAltName.crt"); |
|
89 _LIT(KFortezzaCA2BadPolicy, "rn_BadPolicy.crt"); |
|
90 |
|
91 //3rd hierachy |
|
92 _LIT(KMedRootCA, "1A.cer"); |
|
93 _LIT(KMedCA1, "24.cer"); |
|
94 _LIT(KMedCA1EE1, "11C5.cer"); |
|
95 _LIT(KMedCA1EE2, "139F.cer"); |
|
96 |
|
97 //cross certificate |
|
98 _LIT(KFortezzaX22RNCrossCert, "rn_cross.crt"); |
|
99 |
|
100 //FINEID certificates |
|
101 _LIT(KFINEIDCitizenCA, "citizen-ca.crt"); |
|
102 _LIT(KFINEIDLipponenSign, "lipponen-sign.crt"); |
|
103 _LIT(KFINEIDLipponenEncrypt, "lipponen-encrypt.crt"); |
|
104 _LIT(KFINEIDTestCA3, "finsign-test3-ca.crt"); |
|
105 _LIT(KFINEIDHelsinkiSign, "helsinki-sign.crt"); |
|
106 _LIT(KFINEIDHelsinkiEncrypt, "helsinki-encrypt.crt"); |
|
107 |
|
108 //apache |
|
109 _LIT(KApacheRSARoot, "ca-rsa.crt"); |
|
110 _LIT(KApacheRSAServer, "rsa.crt"); |
|
111 _LIT(KApacheDSARoot, "ca-dsa.crt"); |
|
112 _LIT(KApacheDSAServer, "dsa.crt"); |
|
113 |
|
114 //policy testing |
|
115 _LIT(KX22Policy, "2.16.840.1.101.2.1.11"); |
|
116 _LIT(KRNPolicy, "2.16.840.1.101.2.1.11.2"); |
|
117 //_LIT(KExtraBogusPolicy, "2.16.840.1.101.2.1.11.4"); |
|
118 _LIT(KExtraBogusPolicy, "bogus!!"); |
|
119 |
|
120 class CTestChain : public CBase |
|
121 { |
|
122 public: |
|
123 ~CTestChain(); |
|
124 CTestChain(); |
|
125 virtual void ConstructL(); |
|
126 CDesCArray* iServerCerts; |
|
127 CDesCArray* iRootCerts; |
|
128 CDesCArray* iExtraCerts; |
|
129 }; |
|
130 |
|
131 class CTestChainBuild : public CTestChain |
|
132 { |
|
133 public: |
|
134 static CTestChainBuild* NewL(); |
|
135 static CTestChainBuild* NewLC(); |
|
136 ~CTestChainBuild(); |
|
137 HBufC* iCorrectChain; |
|
138 }; |
|
139 |
|
140 class CTestChainValidate : public CTestChain |
|
141 { |
|
142 public: |
|
143 static CTestChainValidate* NewL(); |
|
144 static CTestChainValidate* NewLC(); |
|
145 void ConstructL(); |
|
146 ~CTestChainValidate(); |
|
147 TValidationStatus* iError; |
|
148 CArrayFixFlat<TValidationStatus>* iWarnings; |
|
149 CDesCArray* iPolicies; |
|
150 }; |
|
151 |
|
152 class TestSpec |
|
153 { |
|
154 public: |
|
155 TestSpec(); |
|
156 //chain build tests |
|
157 CTestChainBuild* TestBuildSpec1(); |
|
158 CTestChainBuild* TestBuildSpec2(); |
|
159 CTestChainBuild* TestBuildSpec3(); |
|
160 CTestChainBuild* TestBuildSpec4(); |
|
161 CTestChainBuild* TestBuildSpec5(); |
|
162 CTestChainBuild* TestBuildSpec6(); |
|
163 |
|
164 CTestChainBuild* TestBuildSpec7(); |
|
165 CTestChainBuild* TestBuildSpec8(); |
|
166 CTestChainBuild* TestBuildSpec9(); |
|
167 CTestChainBuild* TestBuildSpec10(); |
|
168 CTestChainBuild* TestBuildSpec11(); |
|
169 CTestChainBuild* TestBuildSpec12(); |
|
170 |
|
171 //chain validate tests |
|
172 //Fortezza tests |
|
173 CTestChainValidate* TestValidateSpec1(); |
|
174 CTestChainValidate* TestValidateSpec2(); |
|
175 CTestChainValidate* TestValidateSpec3(); |
|
176 CTestChainValidate* TestValidateSpec4(); |
|
177 CTestChainValidate* TestValidateSpec5(); |
|
178 CTestChainValidate* TestValidateSpec6(); |
|
179 CTestChainValidate* TestValidateSpec7(); |
|
180 CTestChainValidate* TestValidateSpec8(); |
|
181 CTestChainValidate* TestValidateSpec9(); |
|
182 CTestChainValidate* TestValidateSpec10(); |
|
183 CTestChainValidate* TestValidateSpec11(); |
|
184 CTestChainValidate* TestValidateSpec12(); |
|
185 CTestChainValidate* TestValidateSpec13(); |
|
186 CTestChainValidate* TestValidateSpec14(); |
|
187 CTestChainValidate* TestValidateSpec15(); |
|
188 CTestChainValidate* TestValidateSpec16(); |
|
189 CTestChainValidate* TestValidateSpec17(); |
|
190 //lloyds chain |
|
191 CTestChainValidate* TestValidateSpec18(); |
|
192 //test case where only one self signed trusted cert is supplied |
|
193 CTestChainValidate* TestValidateSpec19(); |
|
194 //test case where only one self signed untrusted cert is supplied |
|
195 CTestChainValidate* TestValidateSpec20(); |
|
196 //test case where no certs are supplied (this one should leave) |
|
197 CTestChainValidate* TestValidateSpec21(); |
|
198 //test case for chain using RSA+SHA1 |
|
199 CTestChainValidate* TestValidateSpec22(); |
|
200 CTestChainValidate* TestValidateSpec23(); |
|
201 //FINEID test cases |
|
202 CTestChainValidate* TestValidateSpec24(); |
|
203 CTestChainValidate* TestValidateSpec25(); |
|
204 CTestChainValidate* TestValidateSpec26(); |
|
205 CTestChainValidate* TestValidateSpec27(); |
|
206 //test warning generated when root cert not self signed |
|
207 CTestChainValidate* TestValidateSpec28(); |
|
208 //test case with Apache default certs |
|
209 CTestChainValidate* TestValidateSpec29(); |
|
210 CTestChainValidate* TestValidateSpec30(); |
|
211 //policy processing tests |
|
212 CTestChainValidate* TestValidateSpec31(); |
|
213 CTestChainValidate* TestValidateSpec32(); |
|
214 CTestChainValidate* TestValidateSpec33(); |
|
215 CTestChainValidate* TestValidateSpec34(); |
|
216 CTestChainValidate* TestValidateSpec35(); |
|
217 }; |