📄 testlib.c
字号:
if( status )
testReadCertHTTP();
#else
puts( "Skipping test of keyset read routines...\n" );
#endif /* TEST_KEYSET */
/* Test the certificate processing and CA cert management functionality */
#ifdef TEST_CERTPROCESS
if( !testCertProcess() )
goto errorExit;
status = testCertManagement();
if( status == CRYPT_ERROR_NOTAVAIL )
puts( "Handling for CA certificate stores doesn't appear to be "
"enabled in this\nbuild of cryptlib, skipping the test of "
"the certificate management routines.\n" );
else
if( !status )
goto errorExit;
#else
puts( "Skipping test of certificate handling/CA management...\n" );
#endif /* TEST_CERTPROCESS */
/* Test the high-level routines (these are similar to the mid-level
routines but rely on things like certificate management to work) */
#ifdef TEST_HIGHLEVEL
if( !testKeyExportImportCMS() )
goto errorExit;
if( !testSignDataCMS() )
goto errorExit;
#endif /* TEST_HIGHLEVEL */
/* Test the enveloping routines */
#ifdef TEST_ENVELOPE
if( !testEnvelopeData() )
goto errorExit;
if( !testEnvelopeDataLargeBuffer() )
goto errorExit;
if( !testEnvelopeCompress() )
goto errorExit;
if( !testEnvelopeCompressedDataImport() )
goto errorExit;
if( !testEnvelopeSessionCrypt() )
goto errorExit;
if( !testEnvelopeSessionCryptLargeBuffer() )
goto errorExit;
if( !testEnvelopeCrypt() )
goto errorExit;
if( !testEnvelopePasswordCrypt() )
goto errorExit;
if( !testEnvelopePasswordCryptImport() )
goto errorExit;
if( !testEnvelopePKCCrypt() )
goto errorExit;
if( !testEnvelopePKCCryptImport() )
goto errorExit;
if( !testEnvelopeSign() )
goto errorExit;
if( !testEnvelopeSignOverflow() )
goto errorExit;
if( !testEnvelopeSignedDataImport() )
goto errorExit;
if( !testEnvelopeAuthenticate() )
goto errorExit;
if( !testCMSEnvelopePKCCrypt() )
goto errorExit;
if( !testCMSEnvelopePKCCryptDoubleCert() )
goto errorExit;
if( !testCMSEnvelopeSign() )
goto errorExit;
if( !testCMSEnvelopeDualSign() )
goto errorExit;
if( !testCMSEnvelopeDetachedSig() )
goto errorExit;
if( !testCMSEnvelopeSignedDataImport() )
goto errorExit;
#else
puts( "Skipping test of enveloping routines...\n" );
#endif /* TEST_ENVELOPE */
/* Test the session routines */
#ifdef TEST_SESSION
status = testSessionUrlParse();
if( !status )
goto errorExit;
if( status == CRYPT_ERROR_NOTAVAIL )
puts( "Network access doesn't appear to be enabled in this build of "
"cryptlib,\nskipping the test of the secure session routines.\n" );
else
{
if( !testSessionSSHv1() )
goto errorExit;
if( !testSessionSSH() )
goto errorExit;
if( !testSessionSSHClientCert() )
goto errorExit;
if( !testSessionSSHPortforward() )
goto errorExit;
if( !testSessionSSL() )
goto errorExit;
if( !testSessionSSLLocalSocket() )
goto errorExit;
if( !testSessionTLS() )
goto errorExit;
if( !testSessionTLS11() )
goto errorExit;
if( !testSessionOCSP() )
goto errorExit;
if( !testSessionTSP() )
goto errorExit;
if( !testSessionEnvTSP() )
goto errorExit;
if( !testSessionCMP() )
goto errorExit;
/* Test loopback client/server sessions. These require a threaded
OS and are aliased to nops on non-threaded systems. In addition
there can be synchronisation problems between the two threads if
the server is delayed for some reason, resulting in the client
waiting for a socket that isn't opened yet. This isn't easy to
fix without a lot of explicit intra-thread synchronisation, if
there's a problem it's easier to just re-run the tests */
if( !testSessionSSHv1ClientServer() )
goto errorExit;
if( !testSessionSSHClientServer() )
goto errorExit;
if( !testSessionSSHClientServerFingerprint() )
goto errorExit;
if( !testSessionSSHClientServerPortForward() )
goto errorExit;
if( !testSessionSSHClientServerMultichannel() )
goto errorExit;
if( !testSessionSSLClientServer() )
goto errorExit;
if( !testSessionSSLClientCertClientServer() )
goto errorExit;
if( !testSessionTLSClientServer() )
goto errorExit;
if( !testSessionTLSSharedKeyClientServer() )
goto errorExit;
if( !testSessionTLSBulkTransferClientServer() )
goto errorExit;
if( !testSessionTLS11ClientServer() )
goto errorExit;
if( !testSessionHTTPCertstoreClientServer() )
goto errorExit;
if( !testSessionRTCSClientServer() )
goto errorExit;
if( !testSessionOCSPClientServer() )
goto errorExit;
if( !testSessionTSPClientServer() )
goto errorExit;
if( !testSessionTSPClientServerPersistent() )
goto errorExit;
if( !testSessionSCEPClientServer() )
goto errorExit;
if( !testSessionCMPClientServer() )
goto errorExit;
if( !testSessionCMPPKIBootClientServer() )
goto errorExit;
if( !testSessionPNPPKIClientServer() )
goto errorExit;
if( !testSessionPNPPKICAClientServer() )
goto errorExit;
}
#endif /* TEST_SESSION */
/* Test the user routines */
#ifdef TEST_USER
if( !testUser() )
goto errorExit;
#endif /* TEST_USER */
/* Shut down cryptlib */
status = cryptEnd();
if( cryptStatusError( status ) )
{
if( status == CRYPT_ERROR_INCOMPLETE )
puts( "cryptEnd() failed with error code CRYPT_ERROR_INCOMPLETE, "
"a code path in the\nself-test code resulted in an error "
"return without a full cleanup of objects.\nIf you were "
"running the multithreaded loopback tests this may be "
"because one\nor more threads lost sync with other threads "
"and exited without cleaning up\nits objects. This "
"happens occasionally due to network timing issues or\n"
"thread scheduling differences." );
else
printf( "cryptEnd() failed with error code %d.\n", status );
goto errorExit1;
}
puts( "All tests concluded successfully." );
return( EXIT_SUCCESS );
/* All errors end up here */
#if defined( TEST_LOWLEVEL ) || defined( TEST_MIDLEVEL ) || \
defined( TEST_DEVICE ) || defined( TEST_CERT ) || \
defined( TEST_KEYSET ) || defined( TEST_CERTPROCESS ) || \
defined( TEST_CERTMANAGEMENT ) || defined( TEST_HIGHLEVEL ) || \
defined( TEST_ENVELOPE ) || defined( TEST_SESSION ) || \
defined( TEST_SESSION ) || defined( TEST_USER )
errorExit:
cryptEnd();
#endif /* Eliminate compiler warning about unreferenced label */
errorExit1:
puts( "\nThe test was aborted due to an error being detected. If you "
"want to report\nthis problem, please provide as much information "
"as possible to allow it to\nbe diagnosed, for example the call "
"stack, the location inside cryptlib where\nthe problem occurred, "
"and the values of any variables that might be\nrelevant." );
#ifdef WINDOWS_THREADS
puts( "\nIf the error occurred during one of the multi-threaded network "
"loopback\ntests, this was probably due to the different threads "
"losing synchronisation.\nFor the secure sessions this usually "
"results in read/write, timeout, or\nconnection-closed errors "
"when one thread is pre-empted for too long. For the\n"
"certificate-management sessions it usually results in an error "
"related to the\nserver being pre-empted for too long by database "
"updates. Since the self-\ntest exists only to exercise "
"cryptlib's capabilities, it doesn't bother with\ncomplex thread "
"synchronisation during the multi-threaded loopback tests.\nThis "
"type of error is non-fatal, and should disappear if the test is "
"re-run." );
#endif /* WINDOWS_THREADS */
#ifdef __WINDOWS__
/* The pseudo-CLI VC++ output windows are closed when the program exits
so we have to explicitly wait to allow the user to read them */
puts( "\nHit a key..." );
getchar();
#endif /* __WINDOWS__ */
return( EXIT_FAILURE );
}
/* PalmOS wrapper for main() */
#ifdef __PALMSOURCE__
#include <CmnErrors.h>
#include <CmnLaunchCodes.h>
uint32_t PilotMain( uint16_t cmd, void *cmdPBP, uint16_t launchFlags )
{
switch( cmd )
{
case sysAppLaunchCmdNormalLaunch:
main( 0, NULL );
}
return( errNone );
}
#endif /* __PALMSOURCE__ */
/* Test the system-specific defines in crypt.h. This is the last function in
the file because we want to avoid any definitions in crypt.h messing with
the rest of the test.c code.
The following include is needed only so we can check whether the defines
are set right. crypt.h should never be included in a program that uses
cryptlib */
#undef __WINDOWS__
#undef __WIN16__
#undef __WIN32__
#undef BOOLEAN
#undef BYTE
#undef FALSE
#undef TRUE
#if defined( __MVS__ ) || defined( __VMCMS__ )
#pragma convlit( resume )
#endif /* Resume ASCII use on EBCDIC systems */
#if defined( __ILEC400__ )
#pragma convert( 819 )
#endif /* Resume ASCII use on EBCDIC systems */
#ifdef _MSC_VER
#include "../crypt.h"
#else
#include "crypt.h"
#endif /* Braindamaged MSC include handling */
#if defined( __MVS__ ) || defined( __VMCMS__ )
#pragma convlit( suspend )
#endif /* Suspend ASCII use on EBCDIC systems */
#if defined( __ILEC400__ )
#pragma convert( 0 )
#endif /* Suspend ASCII use on EBCDIC systems */
#undef mktime /* Undo mktime() bugfix in crypt.h */
#ifndef _WIN32_WCE
static time_t testTime( const int year )
{
struct tm theTime;
memset( &theTime, 0, sizeof( struct tm ) );
theTime.tm_isdst = -1;
theTime.tm_year = 100 + year;
theTime.tm_mon = 5;
theTime.tm_mday = 5;
theTime.tm_hour = 12;
theTime.tm_min = 13;
theTime.tm_sec = 14;
return( mktime( &theTime ) );
}
#endif /* !WinCE */
void testSystemSpecific( void )
{
int bigEndian;
#ifndef _WIN32_WCE
int i;
#endif /* WinCE */
/* Make sure that we've got the endianness set right. If the machine is
big-endian (up to 64 bits) the following value will be signed,
otherwise it will be unsigned. We can't easily test for things like
middle-endianness without knowing the size of the data types, but
then again it's unlikely we're being run on a PDP-11 */
bigEndian = ( *( long * ) "\x80\x00\x00\x00\x00\x00\x00\x00" < 0 );
#ifdef DATA_LITTLEENDIAN
if( bigEndian )
{
puts( "The CPU endianness define is set wrong in crypt.h, this "
"machine appears to be\nbig-endian, not little-endian. Edit "
"the file and rebuild cryptlib." );
exit( EXIT_FAILURE );
}
#else
if( !bigEndian )
{
puts( "The CPU endianness define is set wrong in crypt.h, this "
"machine appears to be\nlittle-endian, not big-endian. Edit "
"the file and rebuild cryptlib." );
exit( EXIT_FAILURE );
}
#endif /* DATA_LITTLEENDIAN */
/* Make sure that the compiler doesn't use variable-size enums */
if( sizeof( CRYPT_ALGO_TYPE ) != sizeof( int ) || \
sizeof( CRYPT_MODE_TYPE ) != sizeof( int ) ||
sizeof( CRYPT_ATTRIBUTE_TYPE ) != sizeof( int ) )
{
puts( "The compiler you are using treats enumerated types as "
"variable-length non-\ninteger values, making it impossible "
"to reliably pass the address of an\nenum as a function "
"parameter. To fix this, you need to rebuild cryptlib\nwith "
"the appropriate compiler option or pragma to ensure that\n"
"sizeof( enum ) == sizeof( int )." );
exit( EXIT_FAILURE );
}
/* Make sure that mktime() works properly (there are some systems on
which it fails well before 2038) */
#ifndef _WIN32_WCE
for( i = 10; i < 36; i ++ )
{
const time_t theTime = testTime( i );
if( theTime < 0 )
{
printf( "Warning: This system has a buggy mktime() that can't "
"handle dates beyond %d.\n Some certificate tests "
"will fail, and long-lived CA certificates\n won't "
"be correctly imported.\n", 2000 + i );
break;
}
}
#endif /* !WinCE */
/* If we're compiling under Unix with threading support, make sure the
default thread stack size is sensible. We don't perform the check for
UnixWare/SCO since this already has the workaround applied */
#if defined( UNIX_THREADS ) && !defined( __SCO_VERSION__ )
{
pthread_attr_t attr;
size_t stackSize;
pthread_attr_init( &attr );
pthread_attr_getstacksize( &attr, &stackSize );
pthread_attr_destroy( &attr );
#if ( defined( sun ) && OSVERSION > 4 )
/* Slowaris uses a special-case value of 0 (actually NULL) to indicate
the default stack size of 1MB (32-bit) or 2MB (64-bit), so we have to
handle this specially */
if( stackSize < 32768 && stackSize != 0 )
#else
if( stackSize < 32768 )
#endif /* Slowaris special-case handling */
{
printf( "The pthread stack size is defaulting to %d bytes, which is "
"too small for\ncryptlib to run in. To fix this, edit the "
"thread-creation function macro in\ncryptos.h and recompile "
"cryptlib.\n", stackSize );
exit( EXIT_FAILURE );
}
}
#endif /* UNIX_THREADS */
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -