From 193777aedc558c56bb6501ba8e2134668ee5697b Mon Sep 17 00:00:00 2001
Bug 1162897, util: add minimal PKCS#11 URI parser, r=rrelyea
ueno committed May 3, 2017
1 parent 02db64a commit 0e99f0e
Showing 10 changed files with 1,087 additions and 0 deletions.
3 changes: 3 additions & 0 deletions cpputil/scoped_ptrs.h
Expand Up @@ -11,6 +11,7 @@
#include "cert.h"
#include "keyhi.h"
#include "pk11pub.h"
#include "pkcs11uri.h"

struct ScopedDelete {
void operator()(CERTCertificate* cert) { CERT_DestroyCertificate(cert); }
Expand All @@ -32,6 +33,7 @@ struct ScopedDelete {
void operator()(SECKEYPrivateKeyList* list) {
SECKEY_DestroyPrivateKeyList(list);
}
void operator()(PK11URI* uri) { PK11URI_DestroyURI(uri); }
};

template <class T>
Expand Down Expand Up @@ -59,6 +61,7 @@ SCOPED(SECItem);
SCOPED(SECKEYPublicKey);
SCOPED(SECKEYPrivateKey);
SCOPED(SECKEYPrivateKeyList);
SCOPED(PK11URI);

#undef SCOPED

1 change: 1 addition & 0 deletions gtests/util_gtest/manifest.mn
Expand Up @@ -9,6 +9,7 @@ MODULE = nss
CPPSRCS = \
util_utf8_unittest.cc \
util_b64_unittest.cc \
util_pkcs11uri_unittest.cc \
$(NULL)

INCLUDES += \
1 change: 1 addition & 0 deletions gtests/util_gtest/util_gtest.gyp
Expand Up @@ -13,6 +13,7 @@
'sources': [
'util_utf8_unittest.cc',
'util_b64_unittest.cc',
'util_pkcs11uri_unittest.cc',
'<(DEPTH)/gtests/common/gtests.cc',
],
'dependencies': [
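--- a/gtests/util_gtest/util_pkcs11uri_unittest.cc
+++ b/gtests/util_gtest/util_pkcs11uri_unittest.cc
@@ -0,0 +1,167 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+* License, v. 2.0. If a copy of the MPL was not distributed with this file,
+* You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include <climits>
+#include <memory>
+#include "pkcs11uri.h"
+
+#include "gtest/gtest.h"
+#include "scoped_ptrs.h"
+
+namespace nss_test {
+
+class PK11URITest : public ::testing::Test {
+public:
+bool TestCreate(const PK11URIAttribute *pattrs, size_t num_pattrs,
+const PK11URIAttribute *qattrs, size_t num_qattrs) {
+ScopedPK11URI tmp(
+PK11URI_CreateURI(pattrs, num_pattrs, qattrs, num_qattrs));
+return tmp != nullptr;
+}
+
+void TestCreateRetrieve(const PK11URIAttribute *pattrs, size_t num_pattrs,
+const PK11URIAttribute *qattrs, size_t num_qattrs) {
+ScopedPK11URI tmp(
+PK11URI_CreateURI(pattrs, num_pattrs, qattrs, num_qattrs));
+ASSERT_TRUE(tmp);
+
+size_t i;
+for (i = 0; i < num_pattrs; i++) {
+const char *value = PK11URI_GetPathAttribute(tmp.get(), pattrs[i].name);
+ASSERT_TRUE(value);
+ASSERT_EQ(std::string(value), std::string(pattrs[i].value));
+}
+for (i = 0; i < num_qattrs; i++) {
+const char *value = PK11URI_GetQueryAttribute(tmp.get(), qattrs[i].name);
+ASSERT_TRUE(value);
+ASSERT_EQ(std::string(value), std::string(qattrs[i].value));
+}
+}
+
+void TestCreateFormat(const PK11URIAttribute *pattrs, size_t num_pattrs,
+const PK11URIAttribute *qattrs, size_t num_qattrs,
+const std::string &formatted) {
+ScopedPK11URI tmp(
+PK11URI_CreateURI(pattrs, num_pattrs, qattrs, num_qattrs));
+ASSERT_TRUE(tmp);
+char *out = PK11URI_FormatURI(nullptr, tmp.get());
+ASSERT_TRUE(out);
+ASSERT_EQ(std::string(out), formatted);
+PORT_Free(out);
+}
+
+bool TestParse(const std::string &str) {
+ScopedPK11URI tmp(PK11URI_ParseURI(str.c_str()));
+return tmp != nullptr;
+}
+
+void TestParseRetrieve(const std::string &str, const PK11URIAttribute *pattrs,
+size_t num_pattrs, const PK11URIAttribute *qattrs,
+size_t num_qattrs) {
+ScopedPK11URI tmp(PK11URI_ParseURI(str.c_str()));
+ASSERT_TRUE(tmp);
+
+size_t i;
+for (i = 0; i < num_pattrs; i++) {
+const char *value = PK11URI_GetPathAttribute(tmp.get(), pattrs[i].name);
+ASSERT_TRUE(value);
+ASSERT_EQ(std::string(value), std::string(pattrs[i].value));
+}
+for (i = 0; i < num_qattrs; i++) {
+const char *value = PK11URI_GetQueryAttribute(tmp.get(), qattrs[i].name);
+ASSERT_TRUE(value);
+ASSERT_EQ(std::string(value), std::string(qattrs[i].value));
+}
+}
+
+void TestParseFormat(const std::string &str, const std::string &formatted) {
+ScopedPK11URI tmp(PK11URI_ParseURI(str.c_str()));
+ASSERT_TRUE(tmp);
+char *out = PK11URI_FormatURI(nullptr, tmp.get());
+ASSERT_TRUE(out);
+ASSERT_EQ(std::string(out), formatted);
+PORT_Free(out);
+}
+
+protected:
+};
+
+const PK11URIAttribute pattrs[] = {
+{"token", "aaa"}, {"manufacturer", "bbb"}, {"vendor", "ccc"}};
+
+const PK11URIAttribute qattrs[] = {{"pin-source", "|grep foo /etc/passwd"},
+{"pin-value", "secret"},
+{"vendor", "ddd"}};
+
+const PK11URIAttribute pattrs_invalid[] = {{"token", "aaa"},
+{"manufacturer", "bbb"},
+{"vendor", "ccc"},
+{"$%*&", "invalid"},
+{"", "empty"}};
+
+const PK11URIAttribute qattrs_invalid[] = {
+{"pin-source", "|grep foo /etc/passwd"},
+{"pin-value", "secret"},
+{"vendor", "ddd"},
+{"$%*&", "invalid"},
+{"", "empty"}};
+
+TEST_F(PK11URITest, CreateTest) {
+EXPECT_TRUE(
+TestCreate(pattrs, PR_ARRAY_SIZE(pattrs), qattrs, PR_ARRAY_SIZE(qattrs)));
+EXPECT_FALSE(TestCreate(pattrs_invalid, PR_ARRAY_SIZE(pattrs_invalid), qattrs,
+PR_ARRAY_SIZE(qattrs)));
+EXPECT_FALSE(TestCreate(pattrs, PR_ARRAY_SIZE(pattrs), qattrs_invalid,
+PR_ARRAY_SIZE(qattrs_invalid)));
+EXPECT_FALSE(TestCreate(pattrs_invalid, PR_ARRAY_SIZE(pattrs_invalid),
+qattrs_invalid, PR_ARRAY_SIZE(qattrs_invalid)));
+}
+
+TEST_F(PK11URITest, CreateRetrieveTest) {
+TestCreateRetrieve(pattrs, PR_ARRAY_SIZE(pattrs), qattrs,
+PR_ARRAY_SIZE(qattrs));
+}
+
+TEST_F(PK11URITest, CreateFormatTest) {
+TestCreateFormat(pattrs, PR_ARRAY_SIZE(pattrs), qattrs, PR_ARRAY_SIZE(qattrs),
+"pkcs11:token=aaa;manufacturer=bbb;vendor=ccc?pin-source=|"
+"grep%20foo%20/etc/passwd&pin-value=secret&vendor=ddd");
+}
+
+TEST_F(PK11URITest, ParseTest) {
+EXPECT_FALSE(TestParse("pkcs11:token=aaa;token=bbb"));
+EXPECT_FALSE(TestParse("pkcs11:dup=aaa;dup=bbb"));
+EXPECT_FALSE(TestParse("pkcs11:?pin-value=aaa&pin-value=bbb"));
+EXPECT_FALSE(TestParse("pkcs11:=empty"));
+EXPECT_FALSE(TestParse("pkcs11:token=%2;manufacturer=aaa"));
+}
+
+TEST_F(PK11URITest, ParseRetrieveTest) {
+TestParseRetrieve(
+"pkcs11:token=aaa;manufacturer=bbb;vendor=ccc?pin-source=|"
+"grep%20foo%20/etc/passwd&pin-value=secret&vendor=ddd",
+pattrs, PR_ARRAY_SIZE(pattrs), qattrs, PR_ARRAY_SIZE(qattrs));
+}
+
+TEST_F(PK11URITest, ParseFormatTest) {
+TestParseFormat("pkcs11:", "pkcs11:");
+TestParseFormat("pkcs11:token=aaa", "pkcs11:token=aaa");
+TestParseFormat("pkcs11:token=aaa;manufacturer=bbb",
+"pkcs11:token=aaa;manufacturer=bbb");
+TestParseFormat("pkcs11:manufacturer=bbb;token=aaa",
+"pkcs11:token=aaa;manufacturer=bbb");
+TestParseFormat("pkcs11:manufacturer=bbb;token=aaa;vendor2=ddd;vendor1=ccc",
+"pkcs11:token=aaa;manufacturer=bbb;vendor1=ccc;vendor2=ddd");
+TestParseFormat("pkcs11:?pin-value=secret", "pkcs11:?pin-value=secret");
+TestParseFormat("pkcs11:?dup=aaa&dup=bbb", "pkcs11:?dup=aaa&dup=bbb");
+TestParseFormat(
+"pkcs11:?pin-source=|grep%20foo%20/etc/passwd&pin-value=secret",
+"pkcs11:?pin-source=|grep%20foo%20/etc/passwd&pin-value=secret");
+TestParseFormat("pkcs11:token=aaa?pin-value=secret",
+"pkcs11:token=aaa?pin-value=secret");
+}
+
+} // namespace nss_test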
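Review bot: ParseTest pins only one malformed percent-escape (`%2` followed by `;`), so the decoder's other edge cases are untested: an escape cut off by the end of the string, non-hex digits, and `%00`. The `%00` case matters because PK11URI_GetPathAttribute and PK11URI_GetQueryAttribute return values as `const char *`, so a decoded NUL would silently truncate what the caller compares or displays; the parser itself is not visible on this page, so the intended result for each input needs confirming. I would add `EXPECT_FALSE(TestParse("pkcs11:token=%"));` and `EXPECT_FALSE(TestParse("pkcs11:token=%zz"));`, plus a `%00` case asserting whichever behaviour is intended. Separately, in TestCreateFormat and TestParseFormat a failing `ASSERT_EQ` returns before `PORT_Free(out)`, so copying `out` into a `std::string` and freeing it before the comparison would avoid leaking the buffer on failure.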
1 change: 1 addition & 0 deletions lib/util/exports.gyp
Expand Up @@ -30,6 +30,7 @@
'pkcs11p.h',
'pkcs11t.h',
'pkcs11u.h',
'pkcs11uri.h',
'pkcs1sig.h',
'portreg.h',
'secasn1.h',
2 changes: 2 additions & 0 deletions lib/util/manifest.mn
Expand Up @@ -41,6 +41,7 @@ EXPORTS = \
utilrename.h \
utilpars.h \
utilparst.h \
pkcs11uri.h \
$(NULL)

PRIVATE_EXPORTS = \
Expand Down Expand Up @@ -76,6 +77,7 @@ CSRCS = \
utf8.c \
utilmod.c \
utilpars.c \
pkcs11uri.c \
$(NULL)

MODULE = nss
11 changes: 11 additions & 0 deletions lib/util/nssutil.def
Expand Up @@ -296,3 +296,14 @@ SEC_ASN1DecoderSetMaximumElementSize;
;+ local:
;+ *;
;+};
;+NSSUTIL_3.31 { # NSS Utilities 3.31 release
;+ global:
PK11URI_CreateURI;
PK11URI_ParseURI;
PK11URI_FormatURI;
PK11URI_DestroyURI;
PK11URI_GetPathAttribute;
PK11URI_GetQueryAttribute;
;+ local:
;+ *;
;+};
