1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/cryptoservices/certificateandkeymgmt/tpkixcert/testspecs.h Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,219 @@
1.4 +/*
1.5 +* Copyright (c) 1998-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +*
1.19 +*/
1.20 +
1.21 +
1.22 +#if !defined(__E32STD_H__)
1.23 +#include <e32std.h>
1.24 +#endif
1.25 +
1.26 +#if !defined (__BADESCA_H__)
1.27 +#include <badesca.h>
1.28 +#endif
1.29 +
1.30 +#include <x509certchain.h>
1.31 +
1.32 +_LIT(KCorrectFile1, "correctchain.txt");
1.33 +
1.34 +//certs
1.35 +//thawte root
1.36 +_LIT(KTWSSRoot, "thawteserverca.cer");
1.37 +//rsa/verisign root
1.38 +_LIT(KRSASSCA, "vsignss.cer");
1.39 +_LIT(KRSASSCA_OLD, "rsassca_old.crt");
1.40 + _LIT(KDashnet, "dashnet.crt");
1.41 + _LIT(K3Do, "3do.crt");
1.42 +
1.43 +_LIT(KVSignCA3, "verisignclass3primaryca.cer");
1.44 + _LIT(KVSignServer3, "verisignserverclass3.crt");
1.45 + _LIT(KLloyds, "lloyds.crt");
1.46 +
1.47 +_LIT(KRoot, "CA3_root.crt");
1.48 + _LIT(KCA2, "CA2.crt");
1.49 + _LIT(KCA1, "CA1.crt");
1.50 + _LIT(KEE, "EE.crt");
1.51 +//noise
1.52 +_LIT(KCA1SameDN, "CA1_H_sameDN.crt");
1.53 +_LIT(KCA2SameDN, "CA2_H_sameDN.crt");
1.54 +_LIT(KExtra, "interclear.crt");
1.55 +//
1.56 +_LIT(KGSRoot, "globalsignroot.cer");
1.57 + _LIT(KGSPC1, "globalsignprimaryclass1ca.cer");
1.58 + _LIT(KGSC1, "globalsignclass1ca.cer");
1.59 + _LIT(KGSWB, "willsglobalsign.crt");
1.60 +
1.61 +//fortezza test certs
1.62 +//1st hierachy
1.63 +_LIT(KFortezzaPAA1, "x22paa.crt");
1.64 + _LIT(KFortezzaPCA1, "x22pca1.crt");
1.65 + _LIT(KFortezzaCA1, "x22ca1.crt");
1.66 + //user certs off this...
1.67 + _LIT(KFortezzaCA1EE1, "rich1.crt");
1.68 + _LIT(KFortezzaCA1EE2, "david1.crt");
1.69 + _LIT(KFortezzaExpired, "expired.crt");
1.70 + _LIT(KFortezzaFuture, "future.crt");
1.71 + _LIT(KFortezzaNameMismatch, "nameMismatch.crt");
1.72 + _LIT(KFortezzaInvalidSig, "invalidSig.crt");
1.73 + //next one just tests CRL-related errors, so should validate OK
1.74 + _LIT(KFortezzaKeyCompromise, "KeyCompromise.crt");
1.75 + _LIT(KFortezzaBadSubjName1, "BadSubjName1.crt");
1.76 + _LIT(KFortezzaBadSubjName2, "BadSubjName2.crt");
1.77 + _LIT(KFortezzaInvalidConstraints, "InvalidConstraints.crt");
1.78 + //other sub-hierachies
1.79 + _LIT(KFortezzaTestCA2, "testCA2.crt");
1.80 + _LIT(KFortezzaTestSubCA2, "testSubCA.crt");
1.81 + _LIT(KFortezzaPathLen, "pathLen.crt");
1.82 + _LIT(KFortezzaBadCA1, "BadCA1.crt");
1.83 + _LIT(KFortezzaInvalidCAUser1, "InvalidCAUser1.crt");
1.84 + _LIT(KFortezzaBadCA2, "BadCA2.crt");
1.85 + _LIT(KFortezzaInvalidCAUser2, "InvalidCAUser2.crt");
1.86 +//2nd hierachy
1.87 +_LIT(KFortezzaPAA2, "rn_paa.crt");
1.88 + _LIT(KFortezzaPCA2, "rn_pca.crt");
1.89 + _LIT(KFortezzaCA2, "rn_ca.crt");
1.90 + _LIT(KFortezzaCA2EE1, "rn_user1.crt");
1.91 + _LIT(KFortezzaCA2BadAltName, "rn_BadAltName.crt");
1.92 + _LIT(KFortezzaCA2BadPolicy, "rn_BadPolicy.crt");
1.93 +
1.94 +//3rd hierachy
1.95 +_LIT(KMedRootCA, "1A.cer");
1.96 + _LIT(KMedCA1, "24.cer");
1.97 + _LIT(KMedCA1EE1, "11C5.cer");
1.98 + _LIT(KMedCA1EE2, "139F.cer");
1.99 +
1.100 +//cross certificate
1.101 +_LIT(KFortezzaX22RNCrossCert, "rn_cross.crt");
1.102 +
1.103 +//FINEID certificates
1.104 +_LIT(KFINEIDCitizenCA, "citizen-ca.crt");
1.105 + _LIT(KFINEIDLipponenSign, "lipponen-sign.crt");
1.106 + _LIT(KFINEIDLipponenEncrypt, "lipponen-encrypt.crt");
1.107 +_LIT(KFINEIDTestCA3, "finsign-test3-ca.crt");
1.108 + _LIT(KFINEIDHelsinkiSign, "helsinki-sign.crt");
1.109 + _LIT(KFINEIDHelsinkiEncrypt, "helsinki-encrypt.crt");
1.110 +
1.111 +//apache
1.112 +_LIT(KApacheRSARoot, "ca-rsa.crt");
1.113 + _LIT(KApacheRSAServer, "rsa.crt");
1.114 +_LIT(KApacheDSARoot, "ca-dsa.crt");
1.115 + _LIT(KApacheDSAServer, "dsa.crt");
1.116 +
1.117 +//policy testing
1.118 +_LIT(KX22Policy, "2.16.840.1.101.2.1.11");
1.119 +_LIT(KRNPolicy, "2.16.840.1.101.2.1.11.2");
1.120 +//_LIT(KExtraBogusPolicy, "2.16.840.1.101.2.1.11.4");
1.121 +_LIT(KExtraBogusPolicy, "bogus!!");
1.122 +
1.123 +class CTestChain : public CBase
1.124 + {
1.125 +public:
1.126 + ~CTestChain();
1.127 + CTestChain();
1.128 + virtual void ConstructL();
1.129 + CDesCArray* iServerCerts;
1.130 + CDesCArray* iRootCerts;
1.131 + CDesCArray* iExtraCerts;
1.132 + };
1.133 +
1.134 +class CTestChainBuild : public CTestChain
1.135 + {
1.136 +public:
1.137 + static CTestChainBuild* NewL();
1.138 + static CTestChainBuild* NewLC();
1.139 + ~CTestChainBuild();
1.140 + HBufC* iCorrectChain;
1.141 + };
1.142 +
1.143 +class CTestChainValidate : public CTestChain
1.144 + {
1.145 +public:
1.146 + static CTestChainValidate* NewL();
1.147 + static CTestChainValidate* NewLC();
1.148 + void ConstructL();
1.149 + ~CTestChainValidate();
1.150 + TValidationStatus* iError;
1.151 + CArrayFixFlat<TValidationStatus>* iWarnings;
1.152 + CDesCArray* iPolicies;
1.153 + };
1.154 +
1.155 +class TestSpec
1.156 + {
1.157 +public:
1.158 + TestSpec();
1.159 +//chain build tests
1.160 + CTestChainBuild* TestBuildSpec1();
1.161 + CTestChainBuild* TestBuildSpec2();
1.162 + CTestChainBuild* TestBuildSpec3();
1.163 + CTestChainBuild* TestBuildSpec4();
1.164 + CTestChainBuild* TestBuildSpec5();
1.165 + CTestChainBuild* TestBuildSpec6();
1.166 +
1.167 + CTestChainBuild* TestBuildSpec7();
1.168 + CTestChainBuild* TestBuildSpec8();
1.169 + CTestChainBuild* TestBuildSpec9();
1.170 + CTestChainBuild* TestBuildSpec10();
1.171 + CTestChainBuild* TestBuildSpec11();
1.172 + CTestChainBuild* TestBuildSpec12();
1.173 +
1.174 +//chain validate tests
1.175 +//Fortezza tests
1.176 + CTestChainValidate* TestValidateSpec1();
1.177 + CTestChainValidate* TestValidateSpec2();
1.178 + CTestChainValidate* TestValidateSpec3();
1.179 + CTestChainValidate* TestValidateSpec4();
1.180 + CTestChainValidate* TestValidateSpec5();
1.181 + CTestChainValidate* TestValidateSpec6();
1.182 + CTestChainValidate* TestValidateSpec7();
1.183 + CTestChainValidate* TestValidateSpec8();
1.184 + CTestChainValidate* TestValidateSpec9();
1.185 + CTestChainValidate* TestValidateSpec10();
1.186 + CTestChainValidate* TestValidateSpec11();
1.187 + CTestChainValidate* TestValidateSpec12();
1.188 + CTestChainValidate* TestValidateSpec13();
1.189 + CTestChainValidate* TestValidateSpec14();
1.190 + CTestChainValidate* TestValidateSpec15();
1.191 + CTestChainValidate* TestValidateSpec16();
1.192 + CTestChainValidate* TestValidateSpec17();
1.193 +//lloyds chain
1.194 + CTestChainValidate* TestValidateSpec18();
1.195 +//test case where only one self signed trusted cert is supplied
1.196 + CTestChainValidate* TestValidateSpec19();
1.197 +//test case where only one self signed untrusted cert is supplied
1.198 + CTestChainValidate* TestValidateSpec20();
1.199 +//test case where no certs are supplied (this one should leave)
1.200 + CTestChainValidate* TestValidateSpec21();
1.201 +//test case for chain using RSA+SHA1
1.202 + CTestChainValidate* TestValidateSpec22();
1.203 + CTestChainValidate* TestValidateSpec23();
1.204 +//FINEID test cases
1.205 + CTestChainValidate* TestValidateSpec24();
1.206 + CTestChainValidate* TestValidateSpec25();
1.207 + CTestChainValidate* TestValidateSpec26();
1.208 + CTestChainValidate* TestValidateSpec27();
1.209 +//test warning generated when root cert not self signed
1.210 + CTestChainValidate* TestValidateSpec28();
1.211 +//test case with Apache default certs
1.212 + CTestChainValidate* TestValidateSpec29();
1.213 + CTestChainValidate* TestValidateSpec30();
1.214 +//policy processing tests
1.215 + CTestChainValidate* TestValidateSpec31();
1.216 + CTestChainValidate* TestValidateSpec32();
1.217 + CTestChainValidate* TestValidateSpec33();
1.218 + CTestChainValidate* TestValidateSpec34();
1.219 + CTestChainValidate* TestValidateSpec35();
1.220 + };
1.221 +
1.222 +