test.h

老外写的加密库cryptlib(版本3.1)

  #define PGP_SIG_FILE_TEMPLATE		"testlib/zsig%d"
  #define PGP_COPR_FILE_TEMPLATE	"testlib/zcopr%d"

  #define COMPRESS_FILE				"testlib/test"
#elif defined( __MWERKS__ ) || defined( SYMANTEC_C ) || defined( __MRC__ )
  #define TEST_PRIVKEY_FILE			":test:key_test.p15"
  #define TEST_PRIVKEY_ALT_FILE		":test:key_test.p12"
  #define CA_PRIVKEY_FILE			":test:key_ca.p15"
  #define ICA_PRIVKEY_FILE			":test:key_ica.p15"
  #define SCEPCA_PRIVKEY_FILE		":test:key_sca.p15"
  #define USER_PRIVKEY_FILE			":test:key_user.p15"
  #define DUAL_PRIVKEY_FILE			":test:key_dual.p15"
  #define RENEW_PRIVKEY_FILE		":test:key_ren.p15"
  #define BIG_PRIVKEY_FILE			":test:key_big.p15"
  #define CMP_PRIVKEY_FILE_TEMPLATE	":test:key_cmp%d.p15"
  #define PNP_PRIVKEY_FILE			":test:key_pnp.p15"
  #define SERVER_PRIVKEY_FILE		":test:key_srv.p15"
  #define SSH_PRIVKEY_FILE			":test:key_ssh.p15"
  #define TSA_PRIVKEY_FILE			":test:key_tsa.p15"

  #define PGP_PUBKEY_FILE			":test:pubring.pgp"
  #define PGP_PRIVKEY_FILE			":test:secring.pgp"
  #define OPENPGP_PUBKEY_FILE		":test:pubring.gpg"
  #define OPENPGP_PRIVKEY_FILE		":test:secring.gpg"
  #define OPENPGP_PUBKEY_HASH_FILE	":test:pubrinh.gpg"
  #define OPENPGP_PRIVKEY_HASH_FILE	":test:secrinh.gpg"
  #define NAIPGP_PUBKEY_FILE		":test:pubring.pkr"
  #define NAIPGP_PRIVKEY_FILE		":test:secring.skr"
  #define PKCS12_FILE				":test:key.p12"

  #define CERT_FILE_TEMPLATE		":test:cert%d.der"
  #define BASE64CERT_FILE_TEMPLATE	":test:cert%d.asc"
  #define BROKEN_CERT_FILE			":test:certb.der"
  #define BROKEN_USER_CERT_FILE		":test:certbus.der"
  #define BROKEN_CA_CERT_FILE		":test:certbca.der"
  #define CERTREQ_FILE_TEMPLATE		":test:certreq%d.der"
  #define CRL_FILE_TEMPLATE			":test:crl%d.der"
  #define CERTCHAIN_FILE_TEMPLATE	":test:certchn%d.der"
  #define RTCS_OK_FILE				":test:rtcsrok.der"
  #define OCSP_OK_FILE				":test:ocsprok.der"
  #define OCSP_REV_FILE				":test:ocsprrev.der"
  #define OCSP_CA_FILE				":test:ocspca.der"
  #define CRLCERT_FILE_TEMPLATE		":test:crl_cert%d.der"
  #define CHAINCERT_FILE_TEMPLATE	":test:chn_cert%d.der"
  #define RTCS_FILE_TEMPLATE		":test:rtcs_ee%do.der"
  #define OCSP_CA_FILE_TEMPLATE		":test:ocsp_ca%d.der"
  #define OCSP_EEOK_FILE_TEMPLATE	":test:ocsp_ee%do.der"
  #define OCSP_EEREV_FILE_TEMPLATE	":test:ocsp_ee%dr.der"
  #define CMP_CA_FILE_TEMPLATE		":test:cmp_ca%d.der"
  #define SCEP_CA_FILE_TEMPLATE		":test:scep_ca%d.der"

  #define SMIME_SIG_FILE_TEMPLATE	":est:smime%d.p7s"
  #define SMIME_ENVELOPED_FILE		":test:smime.p7m"
  #define PGP_ENC_FILE_TEMPLATE		":test:enc%d.pgp"
  #define PGP_PKE_FILE_TEMPLATE		":test:enc_pk%d.pgp"
  #define OPENPGP_PKE_FILE_TEMPLATE	":test:enc_pk%d.gpg"
  #define PGP_SIG_FILE_TEMPLATE		":test:sig%d.pgp"
  #define PGP_COPR_FILE_TEMPLATE	":test:copr%d.pgp"

  #define COMPRESS_FILE				":test:test.h"
#elif defined( DDNAME_IO )
  #define TEST_PRIVKEY_FILE			"DD:CLBTEST"
  #define TEST_PRIVKEY_ALT_FILE		"DD:CLBTESTA"
  #define CA_PRIVKEY_FILE			"DD:CLBP15(KEYCA)"
  #define ICA_PRIVKEY_FILE			"DD:CLBP15(KEYICA)"
  #define SCEPCA_PRIVKEY_FILE		"DD:CLBP15(KEYSCA)"
  #define USER_PRIVKEY_FILE			"DD:CLBP15(KEYUSER)"
  #define DUAL_PRIVKEY_FILE			"DD:CLBP15(KEYDUAL)"
  #define RENEW_PRIVKEY_FILE		"DD:CLBP15(KEYREN)"
  #define BIG_PRIVKEY_FILE			"DD:CLBP15(KEYBIG)"
  #define CMP_PRIVKEY_FILE_TEMPLATE	"DD:CLBP15(KEYCMP%d)"
  #define PNP_PRIVKEY_FILE			"DD:CLBP15(KEYPNP)"
  #define SERVER_PRIVKEY_FILE		"DD:CLBP15(KEYSRV)"
  #define SSH_PRIVKEY_FILE			"DD:CLBP15(KEYSSH)"
  #define TSA_PRIVKEY_FILE			"DD:CLBP15(KEYTSA)"

  #define PGP_PUBKEY_FILE			"DD:CLBPGP(PUBRING)"
  #define PGP_PRIVKEY_FILE			"DD:CLBPGP(SECRING)"
  #define OPENPGP_PUBKEY_FILE		"DD:CLBGPG(PUBRING)"
  #define OPENPGP_PRIVKEY_FILE		"DD:CLBGPG(SECRING)"
  #define OPENPGP_PUBKEY_HASH_FILE	"DD:CLBGPG(PUBRINH)"
  #define OPENPGP_PRIVKEY_HASH_FILE	"DD:CLBGPG(SECRINH)"
  #define NAIPGP_PUBKEY_FILE		"DD:CLBPKR(PUBRING)"
  #define NAIPGP_PRIVKEY_FILE		"DD:CLBSKR(SECRING)"
  #define PKCS12_FILE				"DD:CLBP12(KEY)"

  #define CERT_FILE_TEMPLATE		"DD:CLBDER(CERT%d)"
  #define BASE64CERT_FILE_TEMPLATE	"DD:CLBDER(CERT%d)"
  #define BROKEN_CERT_FILE			"DD:CLBDER(CERTB)"
  #define BROKEN_USER_CERT_FILE		"DD:CLBDER(CERTBUS)"
  #define BROKEN_CA_CERT_FILE		"DD:CLBDER(CERTBCA)"
  #define CERTREQ_FILE_TEMPLATE		"DD:CLBDER(CERTREQ%d)"
  #define CRL_FILE_TEMPLATE			"DD:CLBDER(CRL%d)"
  #define CERTCHAIN_FILE_TEMPLATE	"DD:CLBDER(CERTCHN%d)"
  #define RTCS_OK_FILE				"DD:CLBDER(RTCSROK)"
  #define OCSP_OK_FILE				"DD:CLBDER(OCSPROK)"
  #define OCSP_REV_FILE				"DD:CLBDER(OCSPRREV)"
  #define OCSP_CA_FILE				"DD:CLBDER(OCSPCA)"
  #define CRLCERT_FILE_TEMPLATE		"DD:CLBDER(CRLCERT%d)"
  #define CHAINCERT_FILE_TEMPLATE	"DD:CLBDER(CHNCERT%d)"
  #define RTCS_FILE_TEMPLATE		"DD:CLBDER(RTCSEE%dO)"
  #define OCSP_CA_FILE_TEMPLATE		"DD:CLBDER(OCSPCA%d)"
  #define OCSP_EEOK_FILE_TEMPLATE	"DD:CLBDER(OCSPEE%dO)"
  #define OCSP_EEREV_FILE_TEMPLATE	"DD:CLBDER(OCSPEE%dR)"
  #define CMP_CA_FILE_TEMPLATE		"DD:CLBDER(CMPCA%d)"
  #define SCEP_CA_FILE_TEMPLATE		"DD:CLBDER(SCEPCA%d)"

  #define SMIME_SIG_FILE_TEMPLATE	"DD:CLBP7S(SMIME%d)"
  #define SMIME_ENVELOPED_FILE		"DD:CLBP7M(SMIME)"
  #define PGP_ENC_FILE_TEMPLATE		"DD:CLBPGP(ENC%d)"
  #define PGP_PKE_FILE_TEMPLATE		"DD:CLBPGP(ENCPK%d)"
  #define OPENPGP_PKE_FILE_TEMPLATE	"DD:CLBGPG(ENCPK%d)"
  #define PGP_SIG_FILE_TEMPLATE		"DD:CLBPGP(SIG%d)"
  #define PGP_COPR_FILE_TEMPLATE	"DD:CLBPGP(COPR%d)"

  #define COMPRESS_FILE				"DD:CLBCMP(TEST)"
#else
  #define TEST_PRIVKEY_FILE			"test/key_test.p15"
  #define TEST_PRIVKEY_ALT_FILE		"test/key_test.p12"
  #define CA_PRIVKEY_FILE			"test/key_ca.p15"
  #define ICA_PRIVKEY_FILE			"test/key_ica.p15"
  #define SCEPCA_PRIVKEY_FILE		"test/key_sca.p15"
  #define USER_PRIVKEY_FILE			"test/key_user.p15"
  #define DUAL_PRIVKEY_FILE			"test/key_dual.p15"
  #define RENEW_PRIVKEY_FILE		"test/key_ren.p15"
  #define BIG_PRIVKEY_FILE			"test/key_big.p15"
  #define CMP_PRIVKEY_FILE_TEMPLATE	"test/key_cmp%d.p15"
  #define PNP_PRIVKEY_FILE			"test/key_pnp.p15"
  #define SERVER_PRIVKEY_FILE		"test/key_srv.p15"
  #define SSH_PRIVKEY_FILE			"test/key_ssh.p15"
  #define TSA_PRIVKEY_FILE			"test/key_tsa.p15"

  #define PGP_PUBKEY_FILE			"test/pubring.pgp"
  #define PGP_PRIVKEY_FILE			"test/secring.pgp"
  #define OPENPGP_PUBKEY_FILE		"test/pubring.gpg"
  #define OPENPGP_PRIVKEY_FILE		"test/secring.gpg"
  #define OPENPGP_PUBKEY_HASH_FILE	"test/pubrinh.gpg"
  #define OPENPGP_PRIVKEY_HASH_FILE	"test/secrinh.gpg"
  #define NAIPGP_PUBKEY_FILE		"test/pubring.pkr"
  #define NAIPGP_PRIVKEY_FILE		"test/secring.skr"
  #define PKCS12_FILE				"test/key.p12"

  #define CERT_FILE_TEMPLATE		"test/cert%d.der"
  #define BASE64CERT_FILE_TEMPLATE	"test/cert%d.asc"
  #define BROKEN_CERT_FILE			"test/certb.der"
  #define BROKEN_USER_CERT_FILE		"test/certbus.der"
  #define BROKEN_CA_CERT_FILE		"test/certbca.der"
  #define CERTREQ_FILE_TEMPLATE		"test/certreq%d.der"
  #define CRL_FILE_TEMPLATE			"test/crl%d.der"
  #define CERTCHAIN_FILE_TEMPLATE	"test/certchn%d.der"
  #define RTCS_OK_FILE				"test/rtcsrok.der"
  #define OCSP_OK_FILE				"test/ocsprok.der"
  #define OCSP_REV_FILE				"test/ocsprrev.der"
  #define OCSP_CA_FILE				"test/ocspca.der"
  #define CRLCERT_FILE_TEMPLATE		"test/crl_cert%d.der"
  #define CHAINCERT_FILE_TEMPLATE	"test/chn_cert%d.der"
  #define RTCS_FILE_TEMPLATE		"test/rtcs_ee%do.der"
  #define OCSP_CA_FILE_TEMPLATE		"test/ocsp_ca%d.der"
  #define OCSP_EEOK_FILE_TEMPLATE	"test/ocsp_ee%do.der"
  #define OCSP_EEREV_FILE_TEMPLATE	"test/ocsp_ee%dr.der"
  #define CMP_CA_FILE_TEMPLATE		"test/cmp_ca%d.der"
  #define SCEP_CA_FILE_TEMPLATE		"test/scep_ca%d.der"

  #define SMIME_SIG_FILE_TEMPLATE	"test/smime%d.p7s"
  #define SMIME_ENVELOPED_FILE		"test/smime.p7m"
  #define PGP_ENC_FILE_TEMPLATE		"test/enc%d.pgp"
  #define PGP_PKE_FILE_TEMPLATE		"test/enc_pk%d.pgp"
  #define OPENPGP_PKE_FILE_TEMPLATE	"test/enc_pk%d.gpg"
  #define PGP_SIG_FILE_TEMPLATE		"test/sig%d.pgp"
  #define PGP_COPR_FILE_TEMPLATE	"test/copr%d.pgp"

  #define COMPRESS_FILE				"test/test.h"
#endif /* OS-specific naming */

/* Since the handling of filenames can get unwieldy when we have large
   numbers of similar files, we use a function to map a filename template
   and number into an actual filename rather the having to use huge
   numbers of defines */

#define filenameFromTemplate( buffer, fileTemplate, count ) \
		sprintf( buffer, fileTemplate, count )

/* When we're using common code to handle a variety of key file types for
   key read/encryption/signing tests, we need to distinguish between the
   different key files to use.  The following types are handled in the test
   code */

typedef enum { KEYFILE_X509, KEYFILE_PGP, KEYFILE_OPENPGP,
			   KEYFILE_OPENPGP_HASH, KEYFILE_NAIPGP } KEYFILE_TYPE;

/* The generic password for private keys */

#define TEST_PRIVKEY_PASSWORD	"test"

/* The database keyset type and name.  Under Windoze we use ODBC, for
   anything else we use the first database which is enabled by a preprocessor
   define, defaulting to an internal plugin (which doesn't have to be
   available, if it's not present we continue after printing a warning) */

#if defined( _MSC_VER )
  #define DATABASE_KEYSET_TYPE	CRYPT_KEYSET_ODBC
  #define CERTSTORE_KEYSET_TYPE	CRYPT_KEYSET_ODBC_STORE
#elif defined( DBX_MYSQL )
  #define DATABASE_KEYSET_TYPE	CRYPT_KEYSET_DATABASE
  #define CERTSTORE_KEYSET_TYPE	CRYPT_KEYSET_DATABASE_STORE
#elif defined( DBX_PLUGIN )
  #define DATABASE_KEYSET_TYPE	CRYPT_KEYSET_PLUGIN
  #define CERTSTORE_KEYSET_TYPE	CRYPT_KEYSET_PLUGIN_STORE
#else
  #define DATABASE_KEYSET_TYPE	CRYPT_KEYSET_DATABASE
  #define CERTSTORE_KEYSET_TYPE	CRYPT_KEYSET_DATABASE_STORE
#endif /* Various database backends */
#define DATABASE_KEYSET_NAME		"testkeys"
#define CERTSTORE_KEYSET_NAME		"testcertstore"
#define DATABASE_PLUGIN_KEYSET_NAME	"localhost:6500"

/* Some LDAP keyset names and names of probably-present certs and CRLs.
   These keysets (and their contents) come and go, so we have a variety of
   them and try them in turn until something works.  There's a list of more
   LDAP servers at http://www.dante.net/np/pdi.html, but none of these are
   known to contain certificates */

#define LDAP_KEYSET_NAME1		"ldap.diginotar.nl"
#define LDAP_CERT_NAME1			"cn=Root Certificaat Productie, "\
								"o=DigiNotar Root,c=NL"
#define LDAP_CRL_NAME1			"CN=CRL Productie,O=DigiNotar CRL,C=NL"
#define LDAP_KEYSET_NAME2		"ds.katalog.posten.se"
#define LDAP_CERT_NAME2			"cn=Posten CertPolicy_eIDKort_1 CA_nyckel_1, " \
								"o=Posten_Sverige_AB 556451-4148, c=SE"
#define LDAP_CRL_NAME2			"cn=Posten CertPolicy_eIDKort_1 CA_nyckel_1, " \
								"o=Posten_Sverige_AB 556451-4148, c=SE"

/* The HTTP keyset names (actually URLs for pages containing a cert and
   CRL) */

#define HTTP_KEYSET_CERT_NAME	"www.thawte.com/persfree.crt"
#define HTTP_KEYSET_CRL_NAME	"crl.verisign.com/Class1Individual.crl"
#define HTTP_KEYSET_HUGECRL_NAME "crl.verisign.com/RSASecureServer.crl"

/* Assorted default server names and authentication information, and the PKI
   SRV server (redirecting to mail.cryptoapps.com:8080).  There are so many
   TSP, OCSP, and CMP servers, and they never stay around for long, that we
   allow remapping in the functions where the secure session tests are
   performed */

#define SSH_USER_NAME			"test"
#define SSH_PASSWORD			"test"
#define SSL_USER_NAME			"test"
#define SSL_PASSWORD			"test"
#define PKI_SRV_NAME			"_pkiboot._tcp.cryptoapps.com"
#define TSP_DEFAULTSERVER_NAME	"http://www.edelweb.fr/cgi-bin/service-tsp"

/* Labels for the various public-key objects.  These are needed when the
   underlying implementation creates persistent objects (eg keys held in PKCS
   #11 tokens) that need to be identified */

#define RSA_PUBKEY_LABEL		"Test RSA public key"
#define RSA_PRIVKEY_LABEL		"Test RSA private key"
#define RSA_BIG_PRIVKEY_LABEL	"Test RSA big private key"
#define DSA_PUBKEY_LABEL		"Test DSA sigcheck key"
#define DSA_PRIVKEY_LABEL		"Test DSA signing key"
#define ELGAMAL_PUBKEY_LABEL	"Test Elgamal public key"
#define ELGAMAL_PRIVKEY_LABEL	"Test Elgamal private key"
#define DH_KEY1_LABEL			"Test DH key #1"
#define DH_KEY2_LABEL			"Test DH key #2"
#define CA_PRIVKEY_LABEL		RSA_PRIVKEY_LABEL
#define USER_PRIVKEY_LABEL		"Test user key"
#define USER_EMAIL				"dave@wetaburgers.com"
#define DUAL_SIGNKEY_LABEL		"Test signing key"
#define DUAL_ENCRYPTKEY_LABEL	"Test encryption key"
#define SSH_PRIVKEY_LABEL		"SSH host key"

/* A structure that allows us to specify a collection of extension
   components.  This is used when adding a collection of extensions to a
   cert */

typedef enum { IS_VOID, IS_NUMERIC, IS_STRING, IS_WCSTRING,
			   IS_TIME } COMPONENT_TYPE;

typedef struct {
	const CRYPT_ATTRIBUTE_TYPE type;/* Extension component ID */
	const COMPONENT_TYPE componentType;	/* Component type */
	const int numericValue;			/* Value if numeric */
	const void *stringValue;		/* Value if string */
	const time_t timeValue;			/* Value if time */
	} CERT_DATA;

/****************************************************************************
*																			*
*								Utility Functions							*
*																			*
****************************************************************************/

/* Prototypes for functions in certutil.c */

void printErrorAttributeInfo( const CRYPT_CERTIFICATE certificate );