nss-3.41/nss/cmd/libpkix/testutil/testutil_nss.c - manifest_repos/nss - Git at Google

 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 /*
  * testutil_nss.c
  *
  * NSS-specific utility functions for handling test errors
  *
  */

 #include <stdio.h>
 #include <string.h>
 #include <stddef.h>

 #include "pkix_pl_generalname.h"
 #include "pkix_pl_cert.h"
 #include "pkix.h"
 #include "testutil.h"
 #include "prlong.h"
 #include "plstr.h"
 #include "prthread.h"
 #include "secutil.h"
 #include "nspr.h"
 #include "prtypes.h"
 #include "prtime.h"
 #include "pk11func.h"
 #include "secasn1.h"
 #include "cert.h"
 #include "cryptohi.h"
 #include "secoid.h"
 #include "certdb.h"
 #include "secitem.h"
 #include "keythi.h"
 #include "nss.h"

 static char *
 catDirName(char *dir, char *name, void *plContext)
 {
     char *pathName = NULL;
     PKIX_UInt32 nameLen;
     PKIX_UInt32 dirLen;

     PKIX_TEST_STD_VARS();

     nameLen = PL_strlen(name);
     dirLen = PL_strlen(dir);

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(dirLen + nameLen + 2,
                                              (void **)&pathName,
                                              plContext));

     PL_strcpy(pathName, dir);
     PL_strcat(pathName, "/");
     PL_strcat(pathName, name);
     printf("pathName = %s\n", pathName);

 cleanup:

     PKIX_TEST_RETURN();

     return (pathName);
 }

 PKIX_PL_Cert *
 createCert(
     char *dirName,
     char *certFileName,
     void *plContext)
 {
     PKIX_PL_ByteArray *byteArray = NULL;
     void *buf = NULL;
     PRFileDesc *certFile = NULL;
     PKIX_UInt32 len;
     SECItem certDER;
     SECStatus rv;
     /* default: NULL cert (failure case) */
     PKIX_PL_Cert *cert = NULL;
     char *pathName = NULL;

     PKIX_TEST_STD_VARS();

     certDER.data = NULL;

     pathName = catDirName(dirName, certFileName, plContext);
     certFile = PR_Open(pathName, PR_RDONLY, 0);

     if (!certFile) {
         pkixTestErrorMsg = "Unable to open cert file";
         goto cleanup;
     } else {
         rv = SECU_ReadDERFromFile(&certDER, certFile, PR_FALSE, PR_FALSE);
         if (!rv) {
             buf = (void *)certDER.data;
             len = certDER.len;

             PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext));

             PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create(byteArray, &cert, plContext));

             SECITEM_FreeItem(&certDER, PR_FALSE);
         } else {
             pkixTestErrorMsg = "Unable to read DER from cert file";
             goto cleanup;
         }
     }

 cleanup:

     pkixTestErrorResult = PKIX_PL_Free(pathName, plContext);

     if (certFile) {
         PR_Close(certFile);
     }

     if (PKIX_TEST_ERROR_RECEIVED) {
         SECITEM_FreeItem(&certDER, PR_FALSE);
     }

     PKIX_TEST_DECREF_AC(byteArray);

     PKIX_TEST_RETURN();

     return (cert);
 }

 PKIX_PL_CRL *
 createCRL(
     char *dirName,
     char *crlFileName,
     void *plContext)
 {
     PKIX_PL_ByteArray *byteArray = NULL;
     PKIX_PL_CRL *crl = NULL;
     PKIX_Error *error = NULL;
     PRFileDesc *inFile = NULL;
     SECItem crlDER;
     void *buf = NULL;
     PKIX_UInt32 len;
     SECStatus rv;
     char *pathName = NULL;

     PKIX_TEST_STD_VARS();

     crlDER.data = NULL;

     pathName = catDirName(dirName, crlFileName, plContext);
     inFile = PR_Open(pathName, PR_RDONLY, 0);

     if (!inFile) {
         pkixTestErrorMsg = "Unable to open crl file";
         goto cleanup;
     } else {
         rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE);
         if (!rv) {
             buf = (void *)crlDER.data;
             len = crlDER.len;

             error = PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext);

             if (error) {
                 pkixTestErrorMsg =
                     "PKIX_PL_ByteArray_Create failed";
                 goto cleanup;
             }

             error = PKIX_PL_CRL_Create(byteArray, &crl, plContext);
             if (error) {
                 pkixTestErrorMsg = "PKIX_PL_Crl_Create failed";
                 goto cleanup;
             }

             SECITEM_FreeItem(&crlDER, PR_FALSE);
         } else {
             pkixTestErrorMsg = "Unable to read DER from crl file";
             goto cleanup;
         }
     }

 cleanup:

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(pathName, plContext));

     if (inFile) {
         PR_Close(inFile);
     }

     if (error) {
         SECITEM_FreeItem(&crlDER, PR_FALSE);
     }

     PKIX_TEST_DECREF_AC(byteArray);

     PKIX_TEST_RETURN();

     return (crl);
 }

 PKIX_TrustAnchor *
 createTrustAnchor(
     char *dirName,
     char *certFileName,
     PKIX_Boolean useCert,
     void *plContext)
 {
     PKIX_TrustAnchor *anchor = NULL;
     PKIX_PL_Cert *cert = NULL;
     PKIX_PL_X500Name *name = NULL;
     PKIX_PL_PublicKey *pubKey = NULL;
     PKIX_PL_CertNameConstraints *nameConstraints = NULL;

     PKIX_TEST_STD_VARS();

     cert = createCert(dirName, certFileName, plContext);

     if (useCert) {
         PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(cert, &anchor, plContext));
     } else {
         PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(cert, &name, plContext));

         if (name == NULL) {
             goto cleanup;
         }

         PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(cert, &pubKey, plContext));

         PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(cert, &nameConstraints, NULL));

         PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithNameKeyPair(name, pubKey, nameConstraints, &anchor, plContext));
     }

 cleanup:

     if (PKIX_TEST_ERROR_RECEIVED) {
         PKIX_TEST_DECREF_AC(anchor);
     }

     PKIX_TEST_DECREF_AC(cert);
     PKIX_TEST_DECREF_AC(name);
     PKIX_TEST_DECREF_AC(pubKey);
     PKIX_TEST_DECREF_AC(nameConstraints);

     PKIX_TEST_RETURN();

     return (anchor);
 }

 PKIX_List *
 createCertChain(
     char *dirName,
     char *firstCertFileName,
     char *secondCertFileName,
     void *plContext)
 {
     PKIX_PL_Cert *firstCert = NULL;
     PKIX_PL_Cert *secondCert = NULL;
     PKIX_List *certList = NULL;

     PKIX_TEST_STD_VARS();

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certList, plContext));

     firstCert = createCert(dirName, firstCertFileName, plContext);

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, (PKIX_PL_Object *)firstCert, plContext));

     if (secondCertFileName) {
         secondCert = createCert(dirName, secondCertFileName, plContext);

         PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, (PKIX_PL_Object *)secondCert, plContext));
     }

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable(certList, plContext));

 cleanup:

     if (PKIX_TEST_ERROR_RECEIVED) {
         PKIX_TEST_DECREF_AC(certList);
     }

     PKIX_TEST_DECREF_AC(firstCert);
     PKIX_TEST_DECREF_AC(secondCert);

     PKIX_TEST_RETURN();

     return (certList);
 }

 PKIX_List *
 createCertChainPlus(
     char *dirName,
     char *certNames[],
     PKIX_PL_Cert *certs[],
     PKIX_UInt32 numCerts,
     void *plContext)
 {
     PKIX_List *certList = NULL;
     PKIX_UInt32 i;

     PKIX_TEST_STD_VARS();

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certList, plContext));

     for (i = 0; i < numCerts; i++) {

         certs[i] = createCert(dirName, certNames[i], plContext);

         /* Create Cert may fail */
         if (certs[i] == NULL) {
             PKIX_TEST_DECREF_BC(certList);
             goto cleanup;
         }

         PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList,
                                                        (PKIX_PL_Object *)certs[i],
                                                        plContext));
     }

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable(certList, plContext));

 cleanup:

     if (PKIX_TEST_ERROR_RECEIVED) {
         PKIX_TEST_DECREF_AC(certList);
     }

     for (i = 0; i < numCerts; i++) {
         PKIX_TEST_DECREF_AC(certs[i]);
     }

     PKIX_TEST_RETURN();

     return (certList);
 }

 PKIX_PL_Date *
 createDate(
     char *asciiDate,
     void *plContext)
 {
     PKIX_PL_Date *date = NULL;
     PKIX_PL_String *plString = NULL;

     PKIX_TEST_STD_VARS();

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiDate, 0, &plString, plContext));

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(plString, &date, plContext));

 cleanup:

     PKIX_TEST_DECREF_AC(plString);

     PKIX_TEST_RETURN();

     return (date);
 }

 PKIX_ProcessingParams *
 createProcessingParams(
     char *dirName,
     char *firstAnchorFileName,
     char *secondAnchorFileName,
     char *dateAscii,
     PKIX_List *initialPolicies, /* List of PKIX_PL_OID */
     PKIX_Boolean isCrlEnabled,
     void *plContext)
 {

     PKIX_TrustAnchor *firstAnchor = NULL;
     PKIX_TrustAnchor *secondAnchor = NULL;
     PKIX_List *anchorsList = NULL;
     PKIX_ProcessingParams *procParams = NULL;
     PKIX_PL_String *dateString = NULL;
     PKIX_PL_Date *testDate = NULL;

     PKIX_TEST_STD_VARS();

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchorsList, plContext));

     firstAnchor = createTrustAnchor(dirName, firstAnchorFileName, PKIX_FALSE, plContext);

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchorsList,
                                                    (PKIX_PL_Object *)firstAnchor,
                                                    plContext));

     if (secondAnchorFileName) {
         secondAnchor =
             createTrustAnchor(dirName, secondAnchorFileName, PKIX_FALSE, plContext);

         PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchorsList,
                                                        (PKIX_PL_Object *)secondAnchor,
                                                        plContext));
     }

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchorsList, &procParams, plContext));

     if (dateAscii) {
         PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII,
                                                         dateAscii,
                                                         0,
                                                         &dateString,
                                                         plContext));

         PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(dateString, &testDate, plContext));

         PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetDate(procParams, testDate, plContext));
     }

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies(procParams, initialPolicies, plContext));

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled(procParams, isCrlEnabled, plContext));

 cleanup:

     if (PKIX_TEST_ERROR_RECEIVED) {
         PKIX_TEST_DECREF_AC(procParams);
     }

     PKIX_TEST_DECREF_AC(dateString);
     PKIX_TEST_DECREF_AC(testDate);
     PKIX_TEST_DECREF_AC(anchorsList);
     PKIX_TEST_DECREF_AC(firstAnchor);
     PKIX_TEST_DECREF_AC(secondAnchor);

     PKIX_TEST_RETURN();

     return (procParams);
 }

 PKIX_ValidateParams *
 createValidateParams(
     char *dirName,
     char *firstAnchorFileName,
     char *secondAnchorFileName,
     char *dateAscii,
     PKIX_List *initialPolicies, /* List of PKIX_PL_OID */
     PKIX_Boolean initialPolicyMappingInhibit,
     PKIX_Boolean initialAnyPolicyInhibit,
     PKIX_Boolean initialExplicitPolicy,
     PKIX_Boolean isCrlEnabled,
     PKIX_List *chain,
     void *plContext)
 {

     PKIX_ProcessingParams *procParams = NULL;
     PKIX_ValidateParams *valParams = NULL;

     PKIX_TEST_STD_VARS();

     procParams =
         createProcessingParams(dirName,
                                firstAnchorFileName,
                                secondAnchorFileName,
                                dateAscii,
                                NULL,
                                isCrlEnabled,
                                plContext);

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies(procParams, initialPolicies, plContext));

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetPolicyMappingInhibited(procParams, initialPolicyMappingInhibit, NULL));

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetAnyPolicyInhibited(procParams, initialAnyPolicyInhibit, NULL));

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetExplicitPolicyRequired(procParams, initialExplicitPolicy, NULL));

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create(procParams, chain, &valParams, plContext));

 cleanup:

     if (PKIX_TEST_ERROR_RECEIVED) {
         PKIX_TEST_DECREF_AC(valParams);
     }

     PKIX_TEST_DECREF_AC(procParams);

     PKIX_TEST_RETURN();

     return (valParams);
 }

 PKIX_ValidateResult *
 createValidateResult(
     char *dirName,
     char *anchorFileName,
     char *pubKeyCertFileName,
     void *plContext)
 {

     PKIX_TrustAnchor *anchor = NULL;
     PKIX_ValidateResult *valResult = NULL;
     PKIX_PL_Cert *cert = NULL;
     PKIX_PL_PublicKey *pubKey = NULL;

     PKIX_TEST_STD_VARS();

     anchor = createTrustAnchor(dirName, anchorFileName, PKIX_FALSE, plContext);
     cert = createCert(dirName, pubKeyCertFileName, plContext);

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(cert, &pubKey, plContext));

     PKIX_TEST_EXPECT_NO_ERROR(pkix_ValidateResult_Create(pubKey, anchor, NULL, &valResult, plContext));

 cleanup:

     if (PKIX_TEST_ERROR_RECEIVED) {
         PKIX_TEST_DECREF_AC(valResult);
     }

     PKIX_TEST_DECREF_AC(anchor);
     PKIX_TEST_DECREF_AC(cert);
     PKIX_TEST_DECREF_AC(pubKey);

     PKIX_TEST_RETURN();

     return (valResult);
 }

 PKIX_PL_GeneralName *
 createGeneralName(
     PKIX_UInt32 nameType,
     char *asciiName,
     void *plContext)
 {

     PKIX_PL_GeneralName *generalName = NULL;
     PKIX_PL_String *plString = NULL;

     PKIX_TEST_STD_VARS();

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiName, 0, &plString, plContext));

     PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_GeneralName_Create(nameType, plString, &generalName, plContext));

 cleanup:

     PKIX_TEST_DECREF_AC(plString);

     PKIX_TEST_RETURN();

     return (generalName);
 }

 PKIX_BuildResult *
 createBuildResult(
     char *dirName,
     char *anchorFileName,
     char *pubKeyCertFileName,
     char *firstChainCertFileName,
     char *secondChainCertFileName,
     void *plContext)
 {
     PKIX_BuildResult *buildResult = NULL;
     PKIX_ValidateResult *valResult = NULL;
     PKIX_List *certChain = NULL;

     PKIX_TEST_STD_VARS();

     valResult = createValidateResult(dirName, anchorFileName, pubKeyCertFileName, plContext);
     certChain = createCertChain(dirName,
                                 firstChainCertFileName,
                                 secondChainCertFileName,
                                 plContext);

     PKIX_TEST_EXPECT_NO_ERROR(pkix_BuildResult_Create(valResult, certChain, &buildResult, plContext));

 cleanup:

     if (PKIX_TEST_ERROR_RECEIVED) {
         PKIX_TEST_DECREF_AC(buildResult);
     }

     PKIX_TEST_DECREF_AC(valResult);
     PKIX_TEST_DECREF_AC(certChain);

     PKIX_TEST_RETURN();

     return (buildResult);
 }
	/* This Source Code Form is subject to the terms of the Mozilla Public
	* License, v. 2.0. If a copy of the MPL was not distributed with this
	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
	/*
	* testutil_nss.c
	*
	* NSS-specific utility functions for handling test errors
	*
	*/

	#include <stdio.h>
	#include <string.h>
	#include <stddef.h>

	#include "pkix_pl_generalname.h"
	#include "pkix_pl_cert.h"
	#include "pkix.h"
	#include "testutil.h"
	#include "prlong.h"
	#include "plstr.h"
	#include "prthread.h"
	#include "secutil.h"
	#include "nspr.h"
	#include "prtypes.h"
	#include "prtime.h"
	#include "pk11func.h"
	#include "secasn1.h"
	#include "cert.h"
	#include "cryptohi.h"
	#include "secoid.h"
	#include "certdb.h"
	#include "secitem.h"
	#include "keythi.h"
	#include "nss.h"

	static char *
	catDirName(char dir, char name, void *plContext)
	{
	char *pathName = NULL;
	PKIX_UInt32 nameLen;
	PKIX_UInt32 dirLen;

	PKIX_TEST_STD_VARS();

	nameLen = PL_strlen(name);
	dirLen = PL_strlen(dir);

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(dirLen + nameLen + 2,
	(void **)&pathName,
	plContext));

	PL_strcpy(pathName, dir);
	PL_strcat(pathName, "/");
	PL_strcat(pathName, name);
	printf("pathName = %s\n", pathName);

	cleanup:

	PKIX_TEST_RETURN();

	return (pathName);
	}

	PKIX_PL_Cert *
	createCert(
	char *dirName,
	char *certFileName,
	void *plContext)
	{
	PKIX_PL_ByteArray *byteArray = NULL;
	void *buf = NULL;
	PRFileDesc *certFile = NULL;
	PKIX_UInt32 len;
	SECItem certDER;
	SECStatus rv;
	/* default: NULL cert (failure case) */
	PKIX_PL_Cert *cert = NULL;
	char *pathName = NULL;

	PKIX_TEST_STD_VARS();

	certDER.data = NULL;

	pathName = catDirName(dirName, certFileName, plContext);
	certFile = PR_Open(pathName, PR_RDONLY, 0);

	if (!certFile) {
	pkixTestErrorMsg = "Unable to open cert file";
	goto cleanup;
	} else {
	rv = SECU_ReadDERFromFile(&certDER, certFile, PR_FALSE, PR_FALSE);
	if (!rv) {
	buf = (void *)certDER.data;
	len = certDER.len;

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create(byteArray, &cert, plContext));

	SECITEM_FreeItem(&certDER, PR_FALSE);
	} else {
	pkixTestErrorMsg = "Unable to read DER from cert file";
	goto cleanup;
	}
	}

	cleanup:

	pkixTestErrorResult = PKIX_PL_Free(pathName, plContext);

	if (certFile) {
	PR_Close(certFile);
	}

	if (PKIX_TEST_ERROR_RECEIVED) {
	SECITEM_FreeItem(&certDER, PR_FALSE);
	}

	PKIX_TEST_DECREF_AC(byteArray);

	PKIX_TEST_RETURN();

	return (cert);
	}

	PKIX_PL_CRL *
	createCRL(
	char *dirName,
	char *crlFileName,
	void *plContext)
	{
	PKIX_PL_ByteArray *byteArray = NULL;
	PKIX_PL_CRL *crl = NULL;
	PKIX_Error *error = NULL;
	PRFileDesc *inFile = NULL;
	SECItem crlDER;
	void *buf = NULL;
	PKIX_UInt32 len;
	SECStatus rv;
	char *pathName = NULL;

	PKIX_TEST_STD_VARS();

	crlDER.data = NULL;

	pathName = catDirName(dirName, crlFileName, plContext);
	inFile = PR_Open(pathName, PR_RDONLY, 0);

	if (!inFile) {
	pkixTestErrorMsg = "Unable to open crl file";
	goto cleanup;
	} else {
	rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE, PR_FALSE);
	if (!rv) {
	buf = (void *)crlDER.data;
	len = crlDER.len;

	error = PKIX_PL_ByteArray_Create(buf, len, &byteArray, plContext);

	if (error) {
	pkixTestErrorMsg =
	"PKIX_PL_ByteArray_Create failed";
	goto cleanup;
	}

	error = PKIX_PL_CRL_Create(byteArray, &crl, plContext);
	if (error) {
	pkixTestErrorMsg = "PKIX_PL_Crl_Create failed";
	goto cleanup;
	}

	SECITEM_FreeItem(&crlDER, PR_FALSE);
	} else {
	pkixTestErrorMsg = "Unable to read DER from crl file";
	goto cleanup;
	}
	}

	cleanup:

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(pathName, plContext));

	if (inFile) {
	PR_Close(inFile);
	}

	if (error) {
	SECITEM_FreeItem(&crlDER, PR_FALSE);
	}

	PKIX_TEST_DECREF_AC(byteArray);

	PKIX_TEST_RETURN();

	return (crl);
	}

	PKIX_TrustAnchor *
	createTrustAnchor(
	char *dirName,
	char *certFileName,
	PKIX_Boolean useCert,
	void *plContext)
	{
	PKIX_TrustAnchor *anchor = NULL;
	PKIX_PL_Cert *cert = NULL;
	PKIX_PL_X500Name *name = NULL;
	PKIX_PL_PublicKey *pubKey = NULL;
	PKIX_PL_CertNameConstraints *nameConstraints = NULL;

	PKIX_TEST_STD_VARS();

	cert = createCert(dirName, certFileName, plContext);

	if (useCert) {
	PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(cert, &anchor, plContext));
	} else {
	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(cert, &name, plContext));

	if (name == NULL) {
	goto cleanup;
	}

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(cert, &pubKey, plContext));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints(cert, &nameConstraints, NULL));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithNameKeyPair(name, pubKey, nameConstraints, &anchor, plContext));
	}

	cleanup:

	if (PKIX_TEST_ERROR_RECEIVED) {
	PKIX_TEST_DECREF_AC(anchor);
	}

	PKIX_TEST_DECREF_AC(cert);
	PKIX_TEST_DECREF_AC(name);
	PKIX_TEST_DECREF_AC(pubKey);
	PKIX_TEST_DECREF_AC(nameConstraints);

	PKIX_TEST_RETURN();

	return (anchor);
	}

	PKIX_List *
	createCertChain(
	char *dirName,
	char *firstCertFileName,
	char *secondCertFileName,
	void *plContext)
	{
	PKIX_PL_Cert *firstCert = NULL;
	PKIX_PL_Cert *secondCert = NULL;
	PKIX_List *certList = NULL;

	PKIX_TEST_STD_VARS();

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certList, plContext));

	firstCert = createCert(dirName, firstCertFileName, plContext);

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, (PKIX_PL_Object *)firstCert, plContext));

	if (secondCertFileName) {
	secondCert = createCert(dirName, secondCertFileName, plContext);

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList, (PKIX_PL_Object *)secondCert, plContext));
	}

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable(certList, plContext));

	cleanup:

	if (PKIX_TEST_ERROR_RECEIVED) {
	PKIX_TEST_DECREF_AC(certList);
	}

	PKIX_TEST_DECREF_AC(firstCert);
	PKIX_TEST_DECREF_AC(secondCert);

	PKIX_TEST_RETURN();

	return (certList);
	}

	PKIX_List *
	createCertChainPlus(
	char *dirName,
	char *certNames[],
	PKIX_PL_Cert *certs[],
	PKIX_UInt32 numCerts,
	void *plContext)
	{
	PKIX_List *certList = NULL;
	PKIX_UInt32 i;

	PKIX_TEST_STD_VARS();

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certList, plContext));

	for (i = 0; i < numCerts; i++) {

	certs[i] = createCert(dirName, certNames[i], plContext);

	/* Create Cert may fail */
	if (certs[i] == NULL) {
	PKIX_TEST_DECREF_BC(certList);
	goto cleanup;
	}

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certList,
	(PKIX_PL_Object *)certs[i],
	plContext));
	}

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable(certList, plContext));

	cleanup:

	if (PKIX_TEST_ERROR_RECEIVED) {
	PKIX_TEST_DECREF_AC(certList);
	}

	for (i = 0; i < numCerts; i++) {
	PKIX_TEST_DECREF_AC(certs[i]);
	}

	PKIX_TEST_RETURN();

	return (certList);
	}

	PKIX_PL_Date *
	createDate(
	char *asciiDate,
	void *plContext)
	{
	PKIX_PL_Date *date = NULL;
	PKIX_PL_String *plString = NULL;

	PKIX_TEST_STD_VARS();

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiDate, 0, &plString, plContext));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(plString, &date, plContext));

	cleanup:

	PKIX_TEST_DECREF_AC(plString);

	PKIX_TEST_RETURN();

	return (date);
	}

	PKIX_ProcessingParams *
	createProcessingParams(
	char *dirName,
	char *firstAnchorFileName,
	char *secondAnchorFileName,
	char *dateAscii,
	PKIX_List initialPolicies, / List of PKIX_PL_OID */
	PKIX_Boolean isCrlEnabled,
	void *plContext)
	{

	PKIX_TrustAnchor *firstAnchor = NULL;
	PKIX_TrustAnchor *secondAnchor = NULL;
	PKIX_List *anchorsList = NULL;
	PKIX_ProcessingParams *procParams = NULL;
	PKIX_PL_String *dateString = NULL;
	PKIX_PL_Date *testDate = NULL;

	PKIX_TEST_STD_VARS();

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchorsList, plContext));

	firstAnchor = createTrustAnchor(dirName, firstAnchorFileName, PKIX_FALSE, plContext);

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchorsList,
	(PKIX_PL_Object *)firstAnchor,
	plContext));

	if (secondAnchorFileName) {
	secondAnchor =
	createTrustAnchor(dirName, secondAnchorFileName, PKIX_FALSE, plContext);

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchorsList,
	(PKIX_PL_Object *)secondAnchor,
	plContext));
	}

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchorsList, &procParams, plContext));

	if (dateAscii) {
	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII,
	dateAscii,
	0,
	&dateString,
	plContext));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(dateString, &testDate, plContext));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetDate(procParams, testDate, plContext));
	}

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies(procParams, initialPolicies, plContext));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled(procParams, isCrlEnabled, plContext));

	cleanup:

	if (PKIX_TEST_ERROR_RECEIVED) {
	PKIX_TEST_DECREF_AC(procParams);
	}

	PKIX_TEST_DECREF_AC(dateString);
	PKIX_TEST_DECREF_AC(testDate);
	PKIX_TEST_DECREF_AC(anchorsList);
	PKIX_TEST_DECREF_AC(firstAnchor);
	PKIX_TEST_DECREF_AC(secondAnchor);

	PKIX_TEST_RETURN();

	return (procParams);
	}

	PKIX_ValidateParams *
	createValidateParams(
	char *dirName,
	char *firstAnchorFileName,
	char *secondAnchorFileName,
	char *dateAscii,
	PKIX_List initialPolicies, / List of PKIX_PL_OID */
	PKIX_Boolean initialPolicyMappingInhibit,
	PKIX_Boolean initialAnyPolicyInhibit,
	PKIX_Boolean initialExplicitPolicy,
	PKIX_Boolean isCrlEnabled,
	PKIX_List *chain,
	void *plContext)
	{

	PKIX_ProcessingParams *procParams = NULL;
	PKIX_ValidateParams *valParams = NULL;

	PKIX_TEST_STD_VARS();

	procParams =
	createProcessingParams(dirName,
	firstAnchorFileName,
	secondAnchorFileName,
	dateAscii,
	NULL,
	isCrlEnabled,
	plContext);

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies(procParams, initialPolicies, plContext));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetPolicyMappingInhibited(procParams, initialPolicyMappingInhibit, NULL));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetAnyPolicyInhibited(procParams, initialAnyPolicyInhibit, NULL));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetExplicitPolicyRequired(procParams, initialExplicitPolicy, NULL));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create(procParams, chain, &valParams, plContext));

	cleanup:

	if (PKIX_TEST_ERROR_RECEIVED) {
	PKIX_TEST_DECREF_AC(valParams);
	}

	PKIX_TEST_DECREF_AC(procParams);

	PKIX_TEST_RETURN();

	return (valParams);
	}

	PKIX_ValidateResult *
	createValidateResult(
	char *dirName,
	char *anchorFileName,
	char *pubKeyCertFileName,
	void *plContext)
	{

	PKIX_TrustAnchor *anchor = NULL;
	PKIX_ValidateResult *valResult = NULL;
	PKIX_PL_Cert *cert = NULL;
	PKIX_PL_PublicKey *pubKey = NULL;

	PKIX_TEST_STD_VARS();

	anchor = createTrustAnchor(dirName, anchorFileName, PKIX_FALSE, plContext);
	cert = createCert(dirName, pubKeyCertFileName, plContext);

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(cert, &pubKey, plContext));

	PKIX_TEST_EXPECT_NO_ERROR(pkix_ValidateResult_Create(pubKey, anchor, NULL, &valResult, plContext));

	cleanup:

	if (PKIX_TEST_ERROR_RECEIVED) {
	PKIX_TEST_DECREF_AC(valResult);
	}

	PKIX_TEST_DECREF_AC(anchor);
	PKIX_TEST_DECREF_AC(cert);
	PKIX_TEST_DECREF_AC(pubKey);

	PKIX_TEST_RETURN();

	return (valResult);
	}

	PKIX_PL_GeneralName *
	createGeneralName(
	PKIX_UInt32 nameType,
	char *asciiName,
	void *plContext)
	{

	PKIX_PL_GeneralName *generalName = NULL;
	PKIX_PL_String *plString = NULL;

	PKIX_TEST_STD_VARS();

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiName, 0, &plString, plContext));

	PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_GeneralName_Create(nameType, plString, &generalName, plContext));

	cleanup:

	PKIX_TEST_DECREF_AC(plString);

	PKIX_TEST_RETURN();

	return (generalName);
	}

	PKIX_BuildResult *
	createBuildResult(
	char *dirName,
	char *anchorFileName,
	char *pubKeyCertFileName,
	char *firstChainCertFileName,
	char *secondChainCertFileName,
	void *plContext)
	{
	PKIX_BuildResult *buildResult = NULL;
	PKIX_ValidateResult *valResult = NULL;
	PKIX_List *certChain = NULL;

	PKIX_TEST_STD_VARS();

	valResult = createValidateResult(dirName, anchorFileName, pubKeyCertFileName, plContext);
	certChain = createCertChain(dirName,
	firstChainCertFileName,
	secondChainCertFileName,
	plContext);

	PKIX_TEST_EXPECT_NO_ERROR(pkix_BuildResult_Create(valResult, certChain, &buildResult, plContext));

	cleanup:

	if (PKIX_TEST_ERROR_RECEIVED) {
	PKIX_TEST_DECREF_AC(buildResult);
	}

	PKIX_TEST_DECREF_AC(valResult);
	PKIX_TEST_DECREF_AC(certChain);

	PKIX_TEST_RETURN();

	return (buildResult);
	}