Changeset 51716 in vbox for trunk/src/VBox/Runtime/testcase
- Timestamp:
- Jun 24, 2014 4:33:45 PM (11 years ago)
- File:
-
- 1 edited
trunk/src/VBox/Runtime/testcase/tstRTHttp.cpp
r51635 r51716 35 35 #include <iprt/string.h> 36 36 #include <iprt/initterm.h> 37 #include <iprt/vfslowlevel.h> 38 #include <iprt/zip.h> 37 39 38 40 #define CAFILE_NAME "tstHttp-tempcafile.crt" 41 42 static int extractPCA3G5(RTHTTP hHttp, PRTSTREAM CAFile, uint8_t *pu8Buf, size_t cbBuf) 43 { 44 uint8_t *abSha1; 45 size_t cbSha1; 46 uint8_t *abSha512; 47 size_t cbSha512; 48 char *pszBuf = (char*)pu8Buf; 49 50 const uint8_t abSha1PCA3G5[] = 51 { 52 0x4e, 0xb6, 0xd5, 0x78, 0x49, 0x9b, 0x1c, 0xcf, 0x5f, 0x58, 53 0x1e, 0xad, 0x56, 0xbe, 0x3d, 0x9b, 0x67, 0x44, 0xa5, 0xe5 54 }; 55 const uint8_t abSha512PCA3G5[] = 56 { 57 0xd4, 0xf8, 0x10, 0x54, 0x72, 0x77, 0x0a, 0x2d, 58 0xe3, 0x17, 0xb3, 0xcf, 0xed, 0x61, 0xae, 0x5c, 59 0x5d, 0x3e, 0xde, 0xa1, 0x41, 0x35, 0xb2, 0xdf, 60 0x60, 0xe2, 0x61, 0xfe, 0x3a, 0xc1, 0x66, 0xa3, 61 0x3c, 0x88, 0x54, 0x04, 0x4f, 0x1d, 0x13, 0x46, 62 0xe3, 0x8c, 0x06, 0x92, 0x9d, 0x70, 0x54, 0xc3, 63 0x44, 0xeb, 0x2c, 0x74, 0x25, 0x9e, 0x5d, 0xfb, 64 0xd2, 0x6b, 0xa8, 0x9a, 0xf0, 0xb3, 0x6a, 0x01 65 }; 66 int rc = RTHttpCertDigest(hHttp, pszBuf, cbBuf, 67 &abSha1, &cbSha1, &abSha512, &cbSha512); 68 if (RT_SUCCESS(rc)) 69 { 70 if (cbSha1 != sizeof(abSha1PCA3G5)) 71 { 72 RTPrintf("Wrong SHA1 digest size of PCA-3G5\n"); 73 rc = VERR_INTERNAL_ERROR; 74 } 75 else if (memcmp(abSha1PCA3G5, abSha1, cbSha1)) 76 { 77 RTPrintf("Wrong SHA1 digest for PCA-3G5:\n" 78 "Got: %.*Rhxs\n" 79 "Expected: %.*Rhxs\n", 80 cbSha1, abSha1, sizeof(abSha1PCA3G5), abSha1PCA3G5); 81 rc = VERR_INTERNAL_ERROR; 82 } 83 if (cbSha512 != sizeof(abSha512PCA3G5)) 84 { 85 RTPrintf("Wrong SHA512 digest size of PCA-3G5\n"); 86 rc = VERR_INTERNAL_ERROR; 87 } 88 else if (memcmp(abSha512PCA3G5, abSha512, cbSha512)) 89 { 90 RTPrintf("Wrong SHA512 digest for PCA-3G5:\n" 91 "Got: %.*Rhxs\n" 92 "Expected: %.*Rhxs\n", 93 cbSha512, abSha512, sizeof(abSha512PCA3G5), abSha512PCA3G5); 94 rc = VERR_INTERNAL_ERROR; 95 } 96 RTMemFree(abSha1); 97 RTMemFree(abSha512); 98 if (RT_SUCCESS(rc)) 99 rc = 
RTStrmWrite(CAFile, pszBuf, cbBuf); 100 if (RT_SUCCESS(rc)) 101 rc = RTStrmWrite(CAFile, RTFILE_LINEFEED, strlen(RTFILE_LINEFEED)); 102 } 103 return rc; 104 } 105 106 static int extractPCA3(RTHTTP hHttp, PRTSTREAM CAFile, uint8_t *pu8Buf, size_t cbBuf) 107 { 108 uint8_t *abSha1; 109 size_t cbSha1; 110 uint8_t *abSha512; 111 size_t cbSha512; 112 char *pszBuf = (char*)pu8Buf; 113 114 const uint8_t abSha1PCA3[] = 115 { 116 0xa1, 0xdb, 0x63, 0x93, 0x91, 0x6f, 0x17, 0xe4, 0x18, 0x55, 117 0x09, 0x40, 0x04, 0x15, 0xc7, 0x02, 0x40, 0xb0, 0xae, 0x6b 118 }; 119 const uint8_t abSha512PCA3[] = 120 { 121 0xbb, 0xf7, 0x8a, 0x19, 0x9f, 0x37, 0xee, 0xa2, 122 0xce, 0xc8, 0xaf, 0xe3, 0xd6, 0x22, 0x54, 0x20, 123 0x74, 0x67, 0x6e, 0xa5, 0x19, 0xb7, 0x62, 0x1e, 124 0xc1, 0x2f, 0xd5, 0x08, 0xf4, 0x64, 0xc4, 0xc6, 125 0xbb, 0xc2, 0xf2, 0x35, 0xe7, 0xbe, 0x32, 0x0b, 126 0xde, 0xb2, 0xfc, 0x44, 0x92, 0x5b, 0x8b, 0x9b, 127 0x77, 0xa5, 0x40, 0x22, 0x18, 0x12, 0xcb, 0x3d, 128 0x0a, 0x67, 0x83, 0x87, 0xc5, 0x45, 0xc4, 0x99 129 }; 130 int rc = RTHttpCertDigest(hHttp, pszBuf, cbBuf, 131 &abSha1, &cbSha1, &abSha512, &cbSha512); 132 if (RT_SUCCESS(rc)) 133 { 134 if (cbSha1 != sizeof(abSha1PCA3)) 135 { 136 RTPrintf("Wrong SHA1 digest size of PCA-3\n"); 137 rc = VERR_INTERNAL_ERROR; 138 } 139 else if (memcmp(abSha1PCA3, abSha1, cbSha1)) 140 { 141 RTPrintf("Wrong SHA1 digest for PCA-3:\n" 142 "Got: %.*Rhxs\n" 143 "Expected: %.*Rhxs\n", 144 cbSha1, abSha1, sizeof(abSha1PCA3), abSha1PCA3); 145 rc = VERR_INTERNAL_ERROR; 146 } 147 if (cbSha512 != sizeof(abSha512PCA3)) 148 { 149 RTPrintf("Wrong SHA512 digest size of PCA-3\n"); 150 rc = VERR_INTERNAL_ERROR; 151 } 152 else if (memcmp(abSha512PCA3, abSha512, cbSha512)) 153 { 154 RTPrintf("Wrong SHA512 digest for PCA-3:\n" 155 "Got: %.*Rhxs\n" 156 "Expected: %.*Rhxs\n", 157 cbSha512, abSha512, sizeof(abSha512PCA3), abSha512PCA3); 158 rc = VERR_INTERNAL_ERROR; 159 } 160 RTMemFree(abSha1); 161 RTMemFree(abSha512); 162 if (RT_SUCCESS(rc)) 163 rc = 
RTStrmWrite(CAFile, pszBuf, cbBuf); 164 if (RT_SUCCESS(rc)) 165 rc = RTStrmWrite(CAFile, RTFILE_LINEFEED, strlen(RTFILE_LINEFEED)); 166 } 167 168 return rc; 169 } 170 171 /* 172 * Check for HTTP errors, in particular properly display redirections. 173 */ 174 static void checkError(RTHTTP hHttp, int rc, const char *pszFile) 175 { 176 if (rc == VERR_HTTP_REDIRECTED) 177 { 178 char *pszRedirLocation; 179 int rc2 = RTHttpGetRedirLocation(hHttp, &pszRedirLocation); 180 if (RT_SUCCESS(rc2)) 181 RTPrintf("Redirected to '%s' trying to fetch '%s'\n", pszRedirLocation, pszFile); 182 else 183 RTPrintf("Redirected trying to fetch '%s'\n", pszFile); 184 RTStrFree(pszRedirLocation); 185 } 186 else 187 RTPrintf("Error %Rrc trying to fetch '%s'\n", rc, pszFile); 188 } 39 189 40 190 int main(int argc, char **argv) … … 67 217 int rc = RTHttpCreate(&hHttp); 68 218 69 // create certificate file 219 /* 220 * Create the certificate file 221 */ 70 222 if (RT_SUCCESS(rc)) 71 223 rc = RTStrmOpen(CAFILE_NAME, "w+b", &CAFile); 72 224 73 // fetch root CA certificate (new one, often avoided in cert chains by 74 // using an intermediate cert which is signed by old root) 75 if (RT_SUCCESS(rc)) 76 rc = RTHttpGetText(hHttp, 77 "http://www.verisign.com/repository/roots/root-certificates/PCA-3G5.pem", 78 &pszBuf); 79 if (RT_SUCCESS(rc) && pszBuf) 80 { 81 uint8_t *abSha1; 82 size_t cbSha1; 83 uint8_t *abSha512; 84 size_t cbSha512; 85 size_t cbBuf = strlen(pszBuf); 86 const uint8_t abSha1PCA3G5[] = 87 { 88 0x4e, 0xb6, 0xd5, 0x78, 0x49, 0x9b, 0x1c, 0xcf, 0x5f, 0x58, 89 0x1e, 0xad, 0x56, 0xbe, 0x3d, 0x9b, 0x67, 0x44, 0xa5, 0xe5 90 }; 91 const uint8_t abSha512PCA3G5[] = 92 { 93 0xd4, 0xf8, 0x10, 0x54, 0x72, 0x77, 0x0a, 0x2d, 94 0xe3, 0x17, 0xb3, 0xcf, 0xed, 0x61, 0xae, 0x5c, 95 0x5d, 0x3e, 0xde, 0xa1, 0x41, 0x35, 0xb2, 0xdf, 96 0x60, 0xe2, 0x61, 0xfe, 0x3a, 0xc1, 0x66, 0xa3, 97 0x3c, 0x88, 0x54, 0x04, 0x4f, 0x1d, 0x13, 0x46, 98 0xe3, 0x8c, 0x06, 0x92, 0x9d, 0x70, 0x54, 0xc3, 99 0x44, 0xeb, 0x2c, 0x74, 
0x25, 0x9e, 0x5d, 0xfb, 100 0xd2, 0x6b, 0xa8, 0x9a, 0xf0, 0xb3, 0x6a, 0x01 101 }; 102 rc = RTHttpCertDigest(hHttp, pszBuf, cbBuf, 103 &abSha1, &cbSha1, &abSha512, &cbSha512); 104 if (RT_SUCCESS(rc)) 105 { 106 if (cbSha1 != sizeof(abSha1PCA3G5)) 225 if (RT_SUCCESS(rc)) 226 { 227 /* 228 * The old way: 229 */ 230 231 /* 232 * Fetch the root CA certificate (new one, often avoided in cert chains by 233 * using an intermediate cert which is signed by old root) 234 */ 235 if (RT_SUCCESS(rc)) 236 rc = RTHttpGetText(hHttp, 237 "http://www.verisign.com/repository/roots/root-certificates/PCA-3G5.pem", 238 &pszBuf); 239 if (RT_SUCCESS(rc) && pszBuf) 240 rc = extractPCA3G5(hHttp, CAFile, (uint8_t*)pszBuf, strlen(pszBuf)); 241 else 242 checkError(hHttp, rc, "PCA-3G5.pem"); 243 if (pszBuf) 244 { 245 RTMemFree(pszBuf); 246 pszBuf = NULL; 247 } 248 249 /* 250 * Fetch the root CA certificate (old one, but still very widely used) 251 */ 252 if (RT_SUCCESS(rc)) 253 rc = RTHttpGetText(hHttp, 254 "http://www.verisign.com/repository/roots/root-certificates/PCA-3.pem", 255 &pszBuf); 256 if (RT_SUCCESS(rc) && pszBuf) 257 rc = extractPCA3(hHttp, CAFile, (uint8_t*)pszBuf, strlen(pszBuf)); 258 else 259 checkError(hHttp, rc, "PCA-3.pem"); 260 if (pszBuf) 261 { 262 RTMemFree(pszBuf); 263 pszBuf = NULL; 264 } 265 266 /* 267 * The new way: 268 */ 269 void *pu8Buf; 270 size_t cb; 271 rc = RTHttpGetBinary(hHttp, 272 "http://www.verisign.com/support/roots.zip", 273 &pu8Buf, &cb); 274 if (RT_SUCCESS(rc) && pu8Buf) 275 { 276 void *pvDecomp; 277 size_t cbDecomp; 278 rc = RTZipPkzipMemDecompress(&pvDecomp, &cbDecomp, pu8Buf, cb, 279 "VeriSign Root Certificates/Generation 5 (G5) PCA/VeriSign Class 3 Public Primary Certification Authority - G5.pem"); 280 if (RT_SUCCESS(rc)) 107 281 { 108 RTPrintf("Wrong SHA1 digest size of PCA-3G5\n"); 109 rc = VERR_INTERNAL_ERROR; 282 rc = extractPCA3G5(hHttp, CAFile, (uint8_t*)pvDecomp, cbDecomp); 283 RTMemFree(pvDecomp); 284 rc = RTZipPkzipMemDecompress(&pvDecomp, 
&cbDecomp, pu8Buf, cb, 285 "VeriSign Root Certificates/Generation 1 (G1) PCAs/Class 3 Public Primary Certification Authority.pem"); 286 if (RT_SUCCESS(rc)) 287 { 288 rc = extractPCA3(hHttp, CAFile, (uint8_t*)pvDecomp, cbDecomp); 289 RTMemFree(pvDecomp); 290 } 110 291 } 111 else if (memcmp(abSha1PCA3G5, abSha1, cbSha1)) 112 { 113 RTPrintf("Wrong SHA1 digest for PCA-3G5:\n" 114 "Got: %.*Rhxs\n" 115 "Expected: %.*Rhxs\n", 116 cbSha1, abSha1, sizeof(abSha1PCA3G5), abSha1PCA3G5); 117 rc = VERR_INTERNAL_ERROR; 118 } 119 if (cbSha512 != sizeof(abSha512PCA3G5)) 120 { 121 RTPrintf("Wrong SHA512 digest size of PCA-3G5\n"); 122 rc = VERR_INTERNAL_ERROR; 123 } 124 else if (memcmp(abSha512PCA3G5, abSha512, cbSha512)) 125 { 126 RTPrintf("Wrong SHA512 digest for PCA-3G5:\n" 127 "Got: %.*Rhxs\n" 128 "Expected: %.*Rhxs\n", 129 cbSha512, abSha512, sizeof(abSha512PCA3G5), abSha512PCA3G5); 130 rc = VERR_INTERNAL_ERROR; 131 } 132 RTMemFree(abSha1); 133 RTMemFree(abSha512); 134 if (RT_SUCCESS(rc)) 135 rc = RTStrmWrite(CAFile, pszBuf, cbBuf); 136 if (RT_SUCCESS(rc)) 137 rc = RTStrmWrite(CAFile, RTFILE_LINEFEED, strlen(RTFILE_LINEFEED)); 138 } 139 } 140 if (pszBuf) 141 { 142 RTMemFree(pszBuf); 143 pszBuf = NULL; 144 } 145 146 // fetch root CA certificate (old one, but still very widely used) 147 if (RT_SUCCESS(rc)) 148 rc = RTHttpGetText(hHttp, 149 "http://www.verisign.com/repository/roots/root-certificates/PCA-3.pem", 150 &pszBuf); 151 if (RT_SUCCESS(rc) && pszBuf) 152 { 153 uint8_t *abSha1; 154 size_t cbSha1; 155 uint8_t *abSha512; 156 size_t cbSha512; 157 size_t cbBuf = strlen(pszBuf); 158 const uint8_t abSha1PCA3[] = 159 { 160 0xa1, 0xdb, 0x63, 0x93, 0x91, 0x6f, 0x17, 0xe4, 0x18, 0x55, 161 0x09, 0x40, 0x04, 0x15, 0xc7, 0x02, 0x40, 0xb0, 0xae, 0x6b 162 }; 163 const uint8_t abSha512PCA3[] = 164 { 165 0xbb, 0xf7, 0x8a, 0x19, 0x9f, 0x37, 0xee, 0xa2, 166 0xce, 0xc8, 0xaf, 0xe3, 0xd6, 0x22, 0x54, 0x20, 167 0x74, 0x67, 0x6e, 0xa5, 0x19, 0xb7, 0x62, 0x1e, 168 0xc1, 0x2f, 0xd5, 0x08, 0xf4, 
0x64, 0xc4, 0xc6, 169 0xbb, 0xc2, 0xf2, 0x35, 0xe7, 0xbe, 0x32, 0x0b, 170 0xde, 0xb2, 0xfc, 0x44, 0x92, 0x5b, 0x8b, 0x9b, 171 0x77, 0xa5, 0x40, 0x22, 0x18, 0x12, 0xcb, 0x3d, 172 0x0a, 0x67, 0x83, 0x87, 0xc5, 0x45, 0xc4, 0x99 173 }; 174 rc = RTHttpCertDigest(hHttp, pszBuf, cbBuf, 175 &abSha1, &cbSha1, &abSha512, &cbSha512); 176 if (RT_SUCCESS(rc)) 177 { 178 if (cbSha1 != sizeof(abSha1PCA3)) 179 { 180 RTPrintf("Wrong SHA1 digest size of PCA-3\n"); 181 rc = VERR_INTERNAL_ERROR; 182 } 183 else if (memcmp(abSha1PCA3, abSha1, cbSha1)) 184 { 185 RTPrintf("Wrong SHA1 digest for PCA-3:\n" 186 "Got: %.*Rhxs\n" 187 "Expected: %.*Rhxs\n", 188 cbSha1, abSha1, sizeof(abSha1PCA3), abSha1PCA3); 189 rc = VERR_INTERNAL_ERROR; 190 } 191 if (cbSha512 != sizeof(abSha512PCA3)) 192 { 193 RTPrintf("Wrong SHA512 digest size of PCA-3\n"); 194 rc = VERR_INTERNAL_ERROR; 195 } 196 else if (memcmp(abSha512PCA3, abSha512, cbSha512)) 197 { 198 RTPrintf("Wrong SHA512 digest for PCA-3:\n" 199 "Got: %.*Rhxs\n" 200 "Expected: %.*Rhxs\n", 201 cbSha512, abSha512, sizeof(abSha512PCA3), abSha512PCA3); 202 rc = VERR_INTERNAL_ERROR; 203 } 204 RTMemFree(abSha1); 205 RTMemFree(abSha512); 206 if (RT_SUCCESS(rc)) 207 rc = RTStrmWrite(CAFile, pszBuf, cbBuf); 208 if (RT_SUCCESS(rc)) 209 rc = RTStrmWrite(CAFile, RTFILE_LINEFEED, strlen(RTFILE_LINEFEED)); 210 } 211 } 212 if (pszBuf) 213 { 214 RTMemFree(pszBuf); 215 pszBuf = NULL; 216 } 217 218 // close certificate file 292 } 293 else 294 checkError(hHttp, rc, "roots.zip"); 295 } 296 297 /* 298 * Close the certificate file 299 */ 219 300 if (CAFile) 220 301 { … … 223 304 } 224 305 306 /* 307 * Use it 308 */ 225 309 if (RT_SUCCESS(rc)) 226 310 rc = RTHttpSetCAFile(hHttp, CAFILE_NAME); 227 311 312 /* 313 * Now try to do the actual HTTPS request 314 */ 228 315 if (RT_SUCCESS(rc)) 229 316 rc = RTHttpGetText(hHttp, … … 238 325 RTPrintf("Error code: %Rrc\n", rc); 239 326 else 327 { 240 328 RTPrintf("Success!\n"); 241 RTPrintf("Got: %s\n", pszBuf); 329 RTPrintf("Got: 
%s\n", pszBuf); 330 } 242 331 if (pszBuf) 243 332 { … … 246 335 } 247 336 248 void *u8Buf;249 size_t cb;250 rc = RTHttpGetBinary(hHttp,251 "http://www.verisign.com/support/roots.zip",252 &u8Buf, &cb);253 if (RT_SUCCESS(rc) && u8Buf)254 {255 RTPrintf("Got file length %zd\n", cb);256 }257 else258 RTPrintf("Error code %Rrc\n", rc);259 260 337 RTHttpDestroy(hHttp); 261 338
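Review bot: In the "new way" block of main(), the result of `extractPCA3G5(hHttp, CAFile, (uint8_t*)pvDecomp, cbDecomp)` is overwritten by the following `rc = RTZipPkzipMemDecompress(...)`, so a SHA-1/SHA-512 mismatch against the pinned PCA-3G5 digests is printed but no longer fails the test. The unconditional `rc = RTHttpGetBinary(...)` just above likewise discards any failure from the two PEM fetches. Both PEM files and roots.zip are fetched over plain `http://`, so the pinned digest comparison appears to be the only integrity check on these trust anchors and its result should stick; prefix both assignments with `if (RT_SUCCESS(rc))`, as the rest of the function does. Separately, `checkError()` calls `RTStrFree(pszRedirLocation)` even when `RTHttpGetRedirLocation()` failed, so unless that API is known to clear the pointer on failure, declare it as `char *pszRedirLocation = NULL;`. main() is only partly visible on this page, so a free of `pu8Buf` may exist outside the shown lines, but none appears in them.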