Diffstat (limited to 'lib/orber/test/csiv2_SUITE.erl')
-rw-r--r-- | lib/orber/test/csiv2_SUITE.erl | 889 |
1 files changed, 0 insertions, 889 deletions
diff --git a/lib/orber/test/csiv2_SUITE.erl b/lib/orber/test/csiv2_SUITE.erl
deleted file mode 100644
index 7844060582..0000000000
--- a/lib/orber/test/csiv2_SUITE.erl
+++ /dev/null
@@ -1,889 +0,0 @@ -%% -%% %CopyrightBegin% -%% -%% Copyright Ericsson AB 2005-2016. All Rights Reserved. -%% -%% Licensed under the Apache License, Version 2.0 (the "License"); -%% you may not use this file except in compliance with the License. -%% You may obtain a copy of the License at -%% -%% http://www.apache.org/licenses/LICENSE-2.0 -%% -%% Unless required by applicable law or agreed to in writing, software -%% distributed under the License is distributed on an "AS IS" BASIS, -%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -%% See the License for the specific language governing permissions and -%% limitations under the License. -%% -%% %CopyrightEnd% -%% -%% --module(csiv2_SUITE). - --include_lib("common_test/include/ct.hrl"). --include_lib("orber/include/corba.hrl"). --include_lib("orber/COSS/CosNaming/CosNaming.hrl"). --include_lib("orber/src/orber_iiop.hrl"). --include_lib("orber/src/ifr_objects.hrl"). --include("idl_output/orber_test_server.hrl"). --include_lib("orber/COSS/CosNaming/CosNaming_NamingContextExt.hrl"). --include_lib("orber/COSS/CosNaming/CosNaming_NamingContext.hrl"). -%%-include_lib("orber/src/OrberCSIv2.hrl"). - --define(default_timeout, test_server:minutes(5)). - --define(match(ExpectedRes,Expr), - fun() -> - AcTuAlReS = (catch (Expr)), - case AcTuAlReS of - ExpectedRes -> - io:format("------ CORRECT RESULT ------~n~p~n", - [AcTuAlReS]), - AcTuAlReS; - _ -> - io:format("###### ERROR ERROR ######~nRESULT: ~p~n", - [AcTuAlReS]), - exit(AcTuAlReS) - end - end()). - --define(REQUEST_ID, 0). - --define(REPLY_FRAG_1, <<71,73,79,80,1,2,2,1,0,0,0,41,0,0,0,?REQUEST_ID,0,0,0,0,0,0,0,1,78,69,79,0,0,0,0,2,0,10,0,0,0,0,0,0,0,0,0,18,0,0,0,0,0,0,0,4,49>>). -%% The fragments are identical for requests and replies. --define(FRAG_2, <<71,73,79,80,1,2,2,7,0,0,0,5,0,0,0,?REQUEST_ID,50>>). --define(FRAG_3, <<71,73,79,80,1,2,2,7,0,0,0,5,0,0,0,?REQUEST_ID,51>>). --define(FRAG_4, <<71,73,79,80,1,2,0,7,0,0,0,5,0,0,0,?REQUEST_ID,0>>). 
- -%% Should X509 DER generated by, for example, OpenSSL --define(X509DER, - <<42>>). - -%% Should X509 PEM generated by, for example, OpenSSL --define(X509PEM, - <<42>>). - -%% IOR exported by VB (CSIv2 activated). --define(VB_IOR, - #'IOP_IOR' - {type_id = "IDL:omg.org/CosNotifyComm/SequencePushConsumer:1.0", - profiles = - [#'IOP_TaggedProfile' - {tag = ?TAG_INTERNET_IOP, - profile_data = - #'IIOP_ProfileBody_1_1'{ - iiop_version = #'IIOP_Version'{major = 1, - minor = 2}, - host = "127.0.0.1", - port = 0, - object_key = [0,86,66,1,0,0,0,24,47,70,77,65,95,67,73,82,80,77,65,78,95,80,79,65,95,83,69,67,85,82,69,0,0,0,0,4,0,0,4,186,0,0,2,10,81,218,65,185], - components = - [#'IOP_TaggedComponent'{tag = ?TAG_SSL_SEC_TRANS, - component_data = #'SSLIOP_SSL'{ - target_supports = 102, - target_requires = 66, - port = 49934}}, - #'IOP_TaggedComponent'{tag = ?TAG_CSI_SEC_MECH_LIST, - component_data = - #'CSIIOP_CompoundSecMechList'{stateful = true, - mechanism_list = - [#'CSIIOP_CompoundSecMech' - {target_requires = 66, - transport_mech = #'IOP_TaggedComponent'{ - tag = ?TAG_TLS_SEC_TRANS, - component_data = - #'CSIIOP_TLS_SEC_TRANS'{ - target_supports = 102, - target_requires = 66, - addresses = - [#'CSIIOP_TransportAddress' - {host_name = "127.0.0.1", - port = 49934}]}}, - as_context_mech = - #'CSIIOP_AS_ContextSec'{ - target_supports = 0, - target_requires = 0, - client_authentication_mech = [], - target_name = []}, - sas_context_mech = - #'CSIIOP_SAS_ContextSec'{ - target_supports = 1024, - target_requires = 0, - privilege_authorities = - [#'CSIIOP_ServiceConfiguration' - {syntax = 1447174401, - name = "Borland"}], - supported_naming_mechanisms = [[6, - 6, - 103, - 129, - 2, - 1, - 1, - 1]], - supported_identity_types = 15}}]}}, - #'IOP_TaggedComponent' - {tag = ?TAG_CODE_SETS, - component_data = - #'CONV_FRAME_CodeSetComponentInfo'{'ForCharData' = - #'CONV_FRAME_CodeSetComponent'{ - native_code_set = 65537, - conversion_code_sets = [83951617]}, - 'ForWcharData' = - 
#'CONV_FRAME_CodeSetComponent'{ - native_code_set = 65801, - conversion_code_sets = []}}}, - #'IOP_TaggedComponent'{tag = ?TAG_ORB_TYPE, - component_data = 1447645952}, - #'IOP_TaggedComponent'{tag = 1447645955, - component_data = [0,5,7,1,127]}]}}]}). - -%% Common basic types --define(OID, {2,23,130,1,1,1}). - --define(OCTET_STR, [1,2,3,4]). - --define(BIT_STR, [0,1,0,1,1]). - --define(BOOLEAN, false). - --define(ANY, [19,5,111,116,112,67,65]). - --ifdef(false). -%% PKIX1Explicit88 --define(AlgorithmIdentifier, - #'AlgorithmIdentifier'{algorithm = ?OID, - parameters = ?ANY}). - --define(Validity, #'Validity'{notBefore = {utcTime, "19820102070533.8"}, - notAfter = {generalTime, "19820102070533.8"}}). - --define(SubjectPublicKeyInfo, - #'SubjectPublicKeyInfo'{algorithm = ?AlgorithmIdentifier, - subjectPublicKey = ?BIT_STR}). - --define(AttributeTypeAndValue, - #'AttributeTypeAndValue'{type = ?OID, - value = <<19,11,69,114,105,99,115,115,111,110,32,65,66>>}). - --define(RelativeDistinguishedName, [?AttributeTypeAndValue]). - --define(RDNSequence, [?RelativeDistinguishedName]). - --define(Name, {rdnSequence, ?RDNSequence}). - --define(Version, v3). - --define(CertificateSerialNumber, 1). - --define(UniqueIdentifier, ?BIT_STR). - --define(Extension, #'Extension'{extnID = ?OID, - critical = ?BOOLEAN, - extnValue = ?OCTET_STR}). - --define(Extensions, [?Extension]). - --define(TBSCertificate, - #'TBSCertificate'{version = ?Version, - serialNumber = ?CertificateSerialNumber, - signature = ?AlgorithmIdentifier, - issuer = ?Name, - validity = ?Validity, - subject = ?Name, - subjectPublicKeyInfo = ?SubjectPublicKeyInfo, - issuerUniqueID = ?UniqueIdentifier, - subjectUniqueID = ?UniqueIdentifier, - extensions = ?Extensions}). - --define(Certificate, #'Certificate'{tbsCertificate = ?TBSCertificate, - signatureAlgorithm = ?AlgorithmIdentifier, - signature = ?BIT_STR}). - -%% PKIX1Implicit88 - --define(GeneralName, {registeredID, ?OID}). - --define(GeneralNames, [?GeneralName]). 
- -%% PKIXAttributeCertificate --define(AttCertValidityPeriod, - #'AttCertValidityPeriod'{notBeforeTime = "19820102070533.8", - notAfterTime = "19820102070533.8"}). - - --define(Attribute, #'Attribute'{type = ?OID, - values = []}). - --define(Attributes, [?Attribute]). - --define(IssuerSerial, #'IssuerSerial'{issuer = ?GeneralNames, - serial = ?CertificateSerialNumber, - issuerUID = ?UniqueIdentifier}). - --define(DigestedObjectType, publicKey). %% Enum - --define(ObjectDigestInfo, - #'ObjectDigestInfo'{digestedObjectType = ?DigestedObjectType, - otherObjectTypeID = ?OID, - digestAlgorithm = ?AlgorithmIdentifier, - objectDigest = ?BIT_STR}). - --define(V2Form, #'V2Form'{issuerName = ?GeneralNames, - baseCertificateID = ?IssuerSerial, - objectDigestInfo = ?ObjectDigestInfo}). - --define(AttCertVersion, v2). - --define(Holder, #'Holder'{baseCertificateID = ?IssuerSerial, - entityName = ?GeneralNames, - objectDigestInfo = ?ObjectDigestInfo}). - --define(AttCertIssuer, {v2Form, ?V2Form}). - --define(AttributeCertificateInfo, - #'AttributeCertificateInfo'{version = ?AttCertVersion, - holder = ?Holder, - issuer = ?AttCertIssuer, - signature = ?AlgorithmIdentifier, - serialNumber = ?CertificateSerialNumber, - attrCertValidityPeriod = ?AttCertValidityPeriod, - attributes = ?Attributes, - issuerUniqueID = ?UniqueIdentifier, - extensions = ?Extensions}). - --define(AttributeCertificate, - #'AttributeCertificate'{acinfo = ?AttributeCertificateInfo, - signatureAlgorithm = ?AlgorithmIdentifier, - signatureValue = ?BIT_STR}). - - -%% OrberCSIv2 --define(AttributeCertChain, - #'AttributeCertChain'{attributeCert = ?AttributeCertificate, - certificateChain = ?CertificateChain}). - --define(CertificateChain, [?Certificate]). - --define(VerifyingCertChain, [?Certificate]). - --endif. 
- -%%----------------------------------------------------------------- -%% External exports -%%----------------------------------------------------------------- --export([all/0, suite/0,groups/0,init_per_group/2,end_per_group/2, cases/0, - init_per_suite/1, end_per_suite/1, - init_per_testcase/2, end_per_testcase/2, -% code_CertificateChain_api/1, -% code_AttributeCertChain_api/1, -% code_VerifyingCertChain_api/1, -% code_AttributeCertificate_api/1, -% code_Certificate_api/1, -% code_TBSCertificate_api/1, -% code_CertificateSerialNumber_api/1, -% code_Version_api/1, -% code_AlgorithmIdentifier_api/1, -% code_Name_api/1, -% code_RDNSequence_api/1, -% code_RelativeDistinguishedName_api/1, -% code_AttributeTypeAndValue_api/1, -% code_Attribute_api/1, -% code_Validity_api/1, -% code_SubjectPublicKeyInfo_api/1, -% code_UniqueIdentifier_api/1, -% code_Extensions_api/1, -% code_Extension_api/1, -% code_AttributeCertificateInfo_api/1, -% code_AttCertVersion_api/1, -% code_Holder_api/1, -% code_AttCertIssuer_api/1, -% code_AttCertValidityPeriod_api/1, -% code_V2Form_api/1, -% code_IssuerSerial_api/1, -% code_ObjectDigestInfo_api/1, -% code_OpenSSL509_api/1, - ssl_server_peercert_api/1, - ssl_client_peercert_api/1]). - - -%%----------------------------------------------------------------- -%% Internal exports -%%----------------------------------------------------------------- --export([fake_server_ORB/5]). - -%%----------------------------------------------------------------- -%% Func: all/1 -%% Args: -%% Returns: -%%----------------------------------------------------------------- -suite() -> [{ct_hooks,[ts_install_cth]}]. - -all() -> - cases(). - -groups() -> - []. - -init_per_group(_GroupName, Config) -> - Config. - -end_per_group(_GroupName, Config) -> - Config. - - -%% NOTE - the fragment test cases must bu first since we explicitly set a request -%% id. Otherwise, the request-id counter would be increased and we cannot know -%% what it is. 
-cases() -> - [ssl_server_peercert_api, ssl_client_peercert_api]. - -%%----------------------------------------------------------------- -%% Init and cleanup functions. -%%----------------------------------------------------------------- - -init_per_testcase(_Case, Config) -> - Path = code:which(?MODULE), - code:add_pathz(filename:join(filename:dirname(Path), "idl_output")), - Dog=test_server:timetrap(?default_timeout), - orber:jump_start(0), - oe_orber_test_server:oe_register(), - [{watchdog, Dog}|Config]. - - -end_per_testcase(_Case, Config) -> - oe_orber_test_server:oe_unregister(), - orber:jump_stop(), - Path = code:which(?MODULE), - code:del_path(filename:join(filename:dirname(Path), "idl_output")), - Dog = proplists:get_value(watchdog, Config), - test_server:timetrap_cancel(Dog), - ok. - -init_per_suite(Config) -> - try crypto:start() of - ok -> - case orber_test_lib:ssl_version() of - no_ssl -> - {skip, "SSL is not installed!"}; - _ -> - Config - end - catch _:_ -> - {skip, "Crypto did not start"} - end. - -end_per_suite(Config) -> - application:stop(crypto), - Config. - -%%----------------------------------------------------------------- -%% API tests for ORB to ORB, no security -%%----------------------------------------------------------------- - - -%%----------------------------------------------------------------- -%% Encode and decode ASN.1 X509 -%%----------------------------------------------------------------- - --ifdef(false). -%% OrberCSIv2 -%%----------------------------------------------------------------- -%% Code CertificateChain -code_CertificateChain_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('CertificateChain', ?CertificateChain)), - ?match({ok, [#'Certificate'{}]}, - 'OrberCSIv2':decode('CertificateChain', list_to_binary(Enc))), - ok. 
- -%% Code AttributeCertChain -code_AttributeCertChain_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('AttributeCertChain', ?AttributeCertChain)), - ?match({ok, #'AttributeCertChain'{}}, - 'OrberCSIv2':decode('AttributeCertChain', list_to_binary(Enc))), - ok. - -%% Code VerifyingCertChain -code_VerifyingCertChain_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('VerifyingCertChain', ?VerifyingCertChain)), - ?match({ok, [#'Certificate'{}]}, - 'OrberCSIv2':decode('VerifyingCertChain', list_to_binary(Enc))), - ok. - -%% PKIXAttributeCertificate -%%----------------------------------------------------------------- -%% Code AttributeCertificate -code_AttributeCertificate_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('AttributeCertificate', ?AttributeCertificate)), - ?match({ok, #'AttributeCertificate'{}}, - 'OrberCSIv2':decode('AttributeCertificate', list_to_binary(Enc))), - ok. - -%% Code AttributeCertificateInfo -code_AttributeCertificateInfo_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('AttributeCertificateInfo', ?AttributeCertificateInfo)), - ?match({ok, #'AttributeCertificateInfo'{}}, - 'OrberCSIv2':decode('AttributeCertificateInfo', list_to_binary(Enc))), - ok. - -%% Code AttCertVersion -code_AttCertVersion_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('AttCertVersion', ?AttCertVersion)), - ?match({ok, ?AttCertVersion}, - 'OrberCSIv2':decode('AttCertVersion', list_to_binary(Enc))), - ok. - -%% Code Holder -code_Holder_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('Holder', ?Holder)), - ?match({ok, #'Holder'{}}, - 'OrberCSIv2':decode('Holder', list_to_binary(Enc))), - ok. - -%% Code AttCertIssuer -code_AttCertIssuer_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('AttCertIssuer', ?AttCertIssuer)), - ?match({ok, {v2Form, _}}, - 'OrberCSIv2':decode('AttCertIssuer', list_to_binary(Enc))), - ok. 
- -%% Code AttCertValidityPeriod -code_AttCertValidityPeriod_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('AttCertValidityPeriod', ?AttCertValidityPeriod)), - ?match({ok, #'AttCertValidityPeriod'{}}, - 'OrberCSIv2':decode('AttCertValidityPeriod', list_to_binary(Enc))), - ok. - -%% Code V2Form -code_V2Form_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('V2Form', ?V2Form)), - ?match({ok, #'V2Form'{}}, - 'OrberCSIv2':decode('V2Form', list_to_binary(Enc))), - ok. - -%% Code IssuerSerial -code_IssuerSerial_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('IssuerSerial', ?IssuerSerial)), - ?match({ok, #'IssuerSerial'{}}, - 'OrberCSIv2':decode('IssuerSerial', list_to_binary(Enc))), - ok. - -%% Code ObjectDigestInfo -code_ObjectDigestInfo_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('ObjectDigestInfo', ?ObjectDigestInfo)), - ?match({ok, #'ObjectDigestInfo'{}}, - 'OrberCSIv2':decode('ObjectDigestInfo', list_to_binary(Enc))), - ok. - -%% PKIX1Explicit88 -%%----------------------------------------------------------------- -%% Code Certificate -code_Certificate_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('Certificate', ?Certificate)), - ?match({ok, #'Certificate'{}}, - 'OrberCSIv2':decode('Certificate', list_to_binary(Enc))), - ok. - -%% Code TBSCertificate -code_TBSCertificate_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('TBSCertificate', ?TBSCertificate)), - ?match({ok, #'TBSCertificate'{}}, - 'OrberCSIv2':decode('TBSCertificate', list_to_binary(Enc))), - ok. - -%% Code CertificateSerialNumber"]; -code_CertificateSerialNumber_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, - 'OrberCSIv2':encode('CertificateSerialNumber', ?CertificateSerialNumber)), - ?match({ok, ?CertificateSerialNumber}, - 'OrberCSIv2':decode('CertificateSerialNumber', list_to_binary(Enc))), - ok. 
- -%% Code Version -code_Version_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('Version', ?Version)), - ?match({ok, ?Version}, 'OrberCSIv2':decode('Version', list_to_binary(Enc))), - ok. - -%% Code AlgorithmIdentifier -code_AlgorithmIdentifier_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('AlgorithmIdentifier', ?AlgorithmIdentifier)), - ?match({ok, #'AlgorithmIdentifier'{}}, - 'OrberCSIv2':decode('AlgorithmIdentifier', list_to_binary(Enc))), - ok. - -%% Code Name -code_Name_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('Name', ?Name)), - ?match({ok, {rdnSequence,_}}, - 'OrberCSIv2':decode('Name', list_to_binary(Enc))), - ok. - -%% Code RDNSequence -code_RDNSequence_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('RDNSequence', ?RDNSequence)), - ?match({ok, [[#'AttributeTypeAndValue'{}]]}, - 'OrberCSIv2':decode('RDNSequence', list_to_binary(Enc))), - ok. - -%% Code RelativeDistinguishedName -code_RelativeDistinguishedName_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('RelativeDistinguishedName', ?RelativeDistinguishedName)), - ?match({ok, [#'AttributeTypeAndValue'{}]}, - 'OrberCSIv2':decode('RelativeDistinguishedName', list_to_binary(Enc))), - ok. - -%% Code AttributeTypeAndValue -code_AttributeTypeAndValue_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('AttributeTypeAndValue', ?AttributeTypeAndValue)), - ?match({ok, #'AttributeTypeAndValue'{}}, - 'OrberCSIv2':decode('AttributeTypeAndValue', list_to_binary(Enc))), - ok. - -%% Code Attribute"]; -code_Attribute_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('Attribute', ?Attribute)), - ?match({ok, #'Attribute'{}}, - 'OrberCSIv2':decode('Attribute', list_to_binary(Enc))), - ok. 
- -%% Code Validity -code_Validity_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('Validity', ?Validity)), - ?match({ok, #'Validity'{}}, - 'OrberCSIv2':decode('Validity', list_to_binary(Enc))), - ok. - -%% Code SubjectPublicKeyInfo -code_SubjectPublicKeyInfo_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('SubjectPublicKeyInfo', ?SubjectPublicKeyInfo)), - ?match({ok, #'SubjectPublicKeyInfo'{}}, - 'OrberCSIv2':decode('SubjectPublicKeyInfo', list_to_binary(Enc))), - ok. - -%% Code UniqueIdentifier -code_UniqueIdentifier_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('UniqueIdentifier', ?UniqueIdentifier)), - ?match({ok, _}, 'OrberCSIv2':decode('UniqueIdentifier', list_to_binary(Enc))), - ok. - -%% Code Extensions -code_Extensions_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('Extensions', ?Extensions)), - ?match({ok, [#'Extension'{}]}, - 'OrberCSIv2':decode('Extensions', list_to_binary(Enc))), - ok. - -%% Code Extension -code_Extension_api(_Config) -> - {ok, Enc} = - ?match({ok, _}, 'OrberCSIv2':encode('Extension', ?Extension)), - ?match({ok, #'Extension'{}}, - 'OrberCSIv2':decode('Extension', list_to_binary(Enc))), - ok. - -%% OpenSSL generated x509 Certificate -%%----------------------------------------------------------------- -%% Code OpenSSL generated x509 Certificate -code_OpenSSL509_api(_Config) -> - {ok, Cert} = - ?match({ok, #'Certificate'{}}, - 'OrberCSIv2':decode('Certificate', ?X509DER)), - AttrCertChain = #'AttributeCertChain'{attributeCert = ?AttributeCertificate, - certificateChain = [Cert]}, - {ok, EAttrCertChain} = - ?match({ok, _}, 'OrberCSIv2':encode('AttributeCertChain', AttrCertChain)), - ?match({ok, #'AttributeCertChain'{}}, - 'OrberCSIv2':decode('AttributeCertChain', list_to_binary(EAttrCertChain))), - ok. - --endif. 
- -%%----------------------------------------------------------------- -%% Test ssl:peercert -%%----------------------------------------------------------------- -%% Test ssl:peercert (server side) -ssl_server_peercert_api(_Config) -> - Options = orber_test_lib:get_options(iiop_ssl, server, - 2, [{iiop_ssl_port, 0}]), - {ok, ServerNode, ServerHost} = - ?match({ok,_,_}, orber_test_lib:js_node(Options)), - ServerPort = orber_test_lib:remote_apply(ServerNode, orber, iiop_ssl_port, []), - SSLOptions = orber_test_lib:get_options(ssl, client), - {ok, Socket} = - ?match({ok, _}, fake_client_ORB(ssl, ServerHost, ServerPort, SSLOptions)), - {ok, _PeerCert} = ?match({ok, _}, orber_socket:peercert(ssl, Socket)), - %% ?match({ok, {rdnSequence, _}}, orber_socket:peercert(ssl, Socket, [pkix, subject])), - %% ?match({ok, {rdnSequence, _}}, orber_socket:peercert(ssl, Socket, [ssl, subject])), - % ?match({ok, #'Certificate'{}}, - % 'OrberCSIv2':decode('Certificate', PeerCert)), - destroy_fake_ORB(ssl, Socket), - ok. 
- -%% Test ssl:peercert (client side) -ssl_client_peercert_api(_Config) -> - Options = orber_test_lib:get_options(iiop_ssl, client, - 2, [{iiop_ssl_port, 0}]), - {ok, ClientNode, _ClientHost} = - ?match({ok,_,_}, orber_test_lib:js_node(Options)), - crypto:start(), - ssl:start(), - SSLOptions = orber_test_lib:get_options(ssl, server), - {ok, LSock} = ?match({ok, _}, ssl:listen(0, SSLOptions)), - {ok, {_Address, LPort}} = ?match({ok, {_, _}}, ssl:sockname(LSock)), - IOR = ?match({'IOP_IOR',_,_}, - iop_ior:create_external({1, 2}, "IDL:FAKE:1.0", - "localhost", 6004, "FAKE", - [#'IOP_TaggedComponent' - {tag=?TAG_SSL_SEC_TRANS, - component_data=#'SSLIOP_SSL' - {target_supports = 2, - target_requires = 2, - port = LPort}}])), - spawn(orber_test_lib, remote_apply, - [ClientNode, corba_object, non_existent, [IOR]]), - {ok, Socket} = ?match({ok, _}, ssl:transport_accept(LSock)), - ?match(ok, ssl:ssl_accept(Socket)), - - {ok, _PeerCert} = ?match({ok, _}, orber_socket:peercert(ssl, Socket)), - %% ?match({ok, {rdnSequence, _}}, orber_socket:peercert(ssl, Socket, [pkix, subject])), - %% ?match({ok, {rdnSequence, _}}, orber_socket:peercert(ssl, Socket, [ssl, subject])), - % ?match({ok, #'Certificate'{}}, - % 'OrberCSIv2':decode('Certificate', PeerCert)), - ssl:close(Socket), - ssl:close(LSock), - ssl:stop(), - ok. - -%%----------------------------------------------------------------- -%% Local functions. -%%----------------------------------------------------------------- --ifdef(false). -%% Not used yet. 
-context_test(Obj) -> - IDToken1 = #'CSI_IdentityToken'{label = ?CSI_IdentityTokenType_ITTAbsent, - value = true}, - IDToken2 = #'CSI_IdentityToken'{label = ?CSI_IdentityTokenType_ITTAnonymous, - value = false}, - IDToken3 = #'CSI_IdentityToken'{label = ?CSI_IdentityTokenType_ITTPrincipalName, - value = [0,255]}, - IDToken4 = #'CSI_IdentityToken'{label = ?CSI_IdentityTokenType_ITTX509CertChain, - value = [1,255]}, - IDToken5 = #'CSI_IdentityToken'{label = ?CSI_IdentityTokenType_ITTDistinguishedName, - value = [2,255]}, - IDToken6 = #'CSI_IdentityToken'{label = ?ULONGMAX, - value = [3,255]}, - - MTEstablishContext1 = #'CSI_SASContextBody' - {label = ?CSI_MsgType_MTEstablishContext, - value = #'CSI_EstablishContext'{client_context_id = ?ULONGLONGMAX, - authorization_token = - [#'CSI_AuthorizationElement' - {the_type = ?ULONGMAX, - the_element = [0,255]}], - identity_token = IDToken1, - client_authentication_token = [1, 255]}}, - MTEstablishContext2 = #'CSI_SASContextBody' - {label = ?CSI_MsgType_MTEstablishContext, - value = #'CSI_EstablishContext'{client_context_id = ?ULONGLONGMAX, - authorization_token = - [#'CSI_AuthorizationElement' - {the_type = ?ULONGMAX, - the_element = [0,255]}], - identity_token = IDToken2, - client_authentication_token = [1, 255]}}, - MTEstablishContext3 = #'CSI_SASContextBody' - {label = ?CSI_MsgType_MTEstablishContext, - value = #'CSI_EstablishContext'{client_context_id = ?ULONGLONGMAX, - authorization_token = - [#'CSI_AuthorizationElement' - {the_type = ?ULONGMAX, - the_element = [0,255]}], - identity_token = IDToken3, - client_authentication_token = [1, 255]}}, - MTEstablishContext4 = #'CSI_SASContextBody' - {label = ?CSI_MsgType_MTEstablishContext, - value = #'CSI_EstablishContext'{client_context_id = ?ULONGLONGMAX, - authorization_token = - [#'CSI_AuthorizationElement' - {the_type = ?ULONGMAX, - the_element = [0,255]}], - identity_token = IDToken4, - client_authentication_token = [1, 255]}}, - MTEstablishContext5 = 
#'CSI_SASContextBody' - {label = ?CSI_MsgType_MTEstablishContext, - value = #'CSI_EstablishContext'{client_context_id = ?ULONGLONGMAX, - authorization_token = - [#'CSI_AuthorizationElement' - {the_type = ?ULONGMAX, - the_element = [0,255]}], - identity_token = IDToken5, - client_authentication_token = [1, 255]}}, - MTEstablishContext6 = #'CSI_SASContextBody' - {label = ?CSI_MsgType_MTEstablishContext, - value = #'CSI_EstablishContext'{client_context_id = ?ULONGLONGMAX, - authorization_token = - [#'CSI_AuthorizationElement' - {the_type = ?ULONGMAX, - the_element = [0,255]}], - identity_token = IDToken6, - client_authentication_token = [1, 255]}}, - MTCompleteEstablishContext = #'CSI_SASContextBody' - {label = ?CSI_MsgType_MTCompleteEstablishContext, - value = #'CSI_CompleteEstablishContext'{client_context_id = ?ULONGLONGMAX, - context_stateful = false, - final_context_token = [1, 255]}}, - MTContextError = #'CSI_SASContextBody' - {label = ?CSI_MsgType_MTContextError, - value = #'CSI_ContextError'{client_context_id = ?ULONGLONGMAX, - major_status = 1, - minor_status = 2, - error_token = [2,255]}}, - MTMessageInContext = #'CSI_SASContextBody' - {label = ?CSI_MsgType_MTMessageInContext, - value = #'CSI_MessageInContext'{client_context_id = ?ULONGLONGMAX, - discard_context = true}}, - Ctx = [#'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTEstablishContext1}, - #'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTEstablishContext2}, - #'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTEstablishContext3}, - #'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTEstablishContext4}, - #'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTEstablishContext5}, - #'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTEstablishContext6}, - 
#'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTCompleteEstablishContext}, - #'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTContextError}, - #'IOP_ServiceContext'{context_id=?IOP_SecurityAttributeService, - context_data = MTMessageInContext}], - ?match(ok, orber_test_server:testing_iiop_context(Obj, [{context, Ctx}])). - - -fake_server_ORB(Type, Port, Options) -> - start_ssl(Type), - {ok, ListenSocket, NewPort} = - orber_socket:listen(Type, Port, - [{active, false}|Options]), - Socket = orber_socket:accept(Type, ListenSocket), - orber_socket:post_accept(Type, Socket), - {ok, Socket, NewPort}. - --endif. - -fake_server_ORB(Type, Port, Options, Action, Data) -> - start_ssl(Type), - {ok, ListenSocket, _NewPort} = - orber_socket:listen(Type, Port, [{active, false}|Options]), - Socket = orber_socket:accept(Type, ListenSocket), - orber_socket:post_accept(Type, Socket), - do_server_action(Type, Socket, Action, Data), - orber_socket:close(Type, Socket), - ok. - -start_ssl(ssl) -> - crypto:start(), - ssl:start(); -start_ssl(_) -> - ok. - - -destroy_fake_ORB(ssl, Socket) -> - orber_socket:close(ssl, Socket), - ssl:stop(); -destroy_fake_ORB(Type, Socket) -> - orber_socket:close(Type, Socket). - -fake_client_ORB(Type, Host, Port, Options) -> - start_ssl(Type), - Socket = orber_socket:connect(Type, Host, Port, [{active, false}|Options]), - {ok, Socket}. - --ifdef(false). -%% Not used yet. - -fake_client_ORB(Type, Host, Port, Options, Action, Data) -> - start_ssl(Type), - Socket = orber_socket:connect(Type, Host, Port, [{active, false}|Options]), - Result = do_client_action(Type, Socket, Action, Data), - orber_socket:close(Type, Socket), - Result. 
- -do_client_action(Type, Socket, fragments, FragList) -> - ok = send_data(Type, Socket, FragList), - {ok, Bytes} = gen_tcp:recv(Socket, 0), - {#reply_header{request_id = ?REQUEST_ID, reply_status = no_exception}, ok, [Par]} = - cdr_decode:dec_message({tk_void,[tk_any],[tk_any]}, Bytes), - Par; -do_client_action(Type, Socket, fragments_max, FragList) -> - ok = send_data(Type, Socket, FragList), - {ok, Bytes} = gen_tcp:recv(Socket, 0), - {#reply_header{request_id = ?REQUEST_ID, reply_status = system_exception}, Exc, []} = - cdr_decode:dec_message({tk_void,[tk_any],[tk_any]}, Bytes), - Exc; -do_client_action(Type, Socket, message_error, Data) -> - ok = send_data(Type, Socket, Data), - {ok,Bytes} = gen_tcp:recv(Socket, 0), - 'message_error' = cdr_decode:dec_message({tk_void,[tk_any],[tk_any]}, Bytes), - ok; -do_client_action(_Type, _Socket, _Action, _Data) -> - ok. - --endif. - -do_server_action(Type, Socket, fragments, FragList) -> - {ok, _B} = gen_tcp:recv(Socket, 0), - ok = send_data(Type, Socket, FragList); -do_server_action(_Type, _Socket, _Action, _Data) -> - ok. - - -send_data(_Type, _Socket, []) -> - ok; -send_data(Type, Socket, [H|T]) -> - orber_socket:write(Type, Socket, H), - send_data(Type, Socket, T). - |