[CKM] (ACR-429) Remove removed API related TC 80/49580/1
authorKyungwook Tak <k.tak@samsung.com>
Mon, 5 Oct 2015 07:14:40 +0000 (16:14 +0900)
committerKyungwook Tak <k.tak@samsung.com>
Thu, 15 Oct 2015 07:22:42 +0000 (16:22 +0900)
- ckmc_get_cert_chain_trustedcert_with_alias

Change-Id: I6abe05e1fe729391d0d307d298d2aa158f6d78ff
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
src/ckm/capi-certificate-chains.cpp

index af97c9289061d9c27580467638945248a529f52c..d9d10c73f97ee4973f59e4b2b183ef69889bc55f 100644 (file)
@@ -64,31 +64,6 @@ void save_cert(const ckmc_cert_s* cert, const char* alias) {
     assert_positive(ckmc_save_cert, alias, *cert, policy);
 }
 
-// list gets copies of aliases
-AliasListPtr create_alias_list(const char* alias, ...) {
-    AliasListPtr aliasList(NULL, ckmc_alias_list_all_free);
-
-    va_list ap;
-
-    va_start(ap, alias);
-    ckmc_alias_list_s* last = NULL;
-    for (const char* a = alias; a != NULL; a = va_arg(ap, const char*)) {
-        if (aliasList == NULL) {
-            ckmc_alias_list_s* tmp = NULL;
-            assert_positive(ckmc_alias_list_new, strdup(a), &tmp);
-            aliasList = AliasListPtr(tmp, ckmc_alias_list_all_free);
-            RUNNER_ASSERT_MSG(!!aliasList, "Alias list is NULL");
-            last = aliasList.get();
-        } else {
-            assert_positive(ckmc_alias_list_add, last, strdup(a), &last);
-            RUNNER_ASSERT_MSG(last != NULL, "Last alias on the list is NULL");
-        }
-    }
-    va_end(ap);
-
-    return aliasList;
-}
-
 // list takes ownership of provided certificates
 CertListPtr create_cert_list(ckmc_cert_s* cert, ...) {
     CertListPtr certList(NULL, ckmc_cert_list_all_free);
@@ -114,80 +89,25 @@ CertListPtr create_cert_list(ckmc_cert_s* cert, ...) {
     return certList;
 }
 
-const ckmc_alias_list_s* NULL_ALIASES = NULL;
 const ckmc_cert_s* NULL_CERT = NULL;
 ckmc_cert_list_s** NULL_CHAIN = NULL;
 
-// old api wrapper
-class ChainApiOld {
-public:
-    static int createChain(const ckmc_cert_s *cert,
-                           const ckmc_cert_list_s *untrustedcerts,
-                           const ckmc_cert_list_s* /*trustedcerts*/,
-                           const bool /*use_trustedsystemcerts*/,
-                           ckmc_cert_list_s **ppcert_chain_list)
-    {
-        return ckmc_get_cert_chain(cert, untrustedcerts, ppcert_chain_list);
-    }
-
-    static int createChainWithAlias(const ckmc_cert_s *cert,
-                                    const ckmc_alias_list_s *untrustedcerts,
-                                    const ckmc_alias_list_s* /*trustedcerts*/,
-                                    const bool /*use_trustedsystemcerts*/,
-                                    ckmc_cert_list_s **ppcert_chain_list)
-    {
-        return ckmc_get_cert_chain_with_alias(cert, untrustedcerts, ppcert_chain_list);
-    }
-};
-
-// new api wrapper
-class ChainApiNew {
-public:
-    static int createChain(const ckmc_cert_s *cert,
-                           const ckmc_cert_list_s *untrustedcerts,
-                           const ckmc_cert_list_s *trustedcerts,
-                           const bool use_trustedsystemcerts,
-                           ckmc_cert_list_s **ppcert_chain_list)
-    {
-        return ckmc_get_cert_chain_with_trustedcert(cert,
-                                                    untrustedcerts,
-                                                    trustedcerts,
-                                                    use_trustedsystemcerts,
-                                                    ppcert_chain_list);
-    }
-
-    static int createChainWithAlias(const ckmc_cert_s *cert,
-                                    const ckmc_alias_list_s *untrustedcerts,
-                                    const ckmc_alias_list_s *trustedcerts,
-                                    const bool use_trustedsystemcerts,
-                                    ckmc_cert_list_s **ppcert_chain_list)
-    {
-        return ckmc_get_cert_chain_with_trustedcert_alias(cert,
-                                                          untrustedcerts,
-                                                          trustedcerts,
-                                                          use_trustedsystemcerts,
-                                                          ppcert_chain_list);
-    }
-};
-
 /*
  * Helper class for certificate verification
  */
-template <typename T=ChainApiNew>
-class ChainVerifier
-{
+class ChainVerifierBase {
 public:
-    ChainVerifier();
-    ~ChainVerifier();
+    ChainVerifierBase();
+    virtual ~ChainVerifierBase();
 
     void addTrusted(TestData::certificateID idx);
     void addUntrusted(TestData::certificateID idx);
     void enableSystem(bool enable);
 
-    void verifyPositive(TestData::certificateID idx, size_t expected);
-    void verifyNegative(TestData::certificateID idx, int error = CKMC_ERROR_VERIFICATION_FAILED);
+    virtual void verifyPositive(TestData::certificateID idx, size_t expected) = 0;
+    virtual void verifyNegative(TestData::certificateID idx, int error = CKMC_ERROR_VERIFICATION_FAILED) = 0;
 
-private:
+protected:
     void addCert(ckmc_cert_list_s*& list, ckmc_cert_s* cert);
     void addAlias(ckmc_alias_list_s*& list, const char* alias);
 
@@ -200,8 +120,8 @@ private:
     bool m_system;
 };
 
-template <typename T>
-ChainVerifier<T>::ChainVerifier() :
+
+ChainVerifierBase::ChainVerifierBase() :
         m_trustedCerts(NULL),
         m_trustedAliases(NULL),
         m_untrustedCerts(NULL),
@@ -210,8 +130,7 @@ ChainVerifier<T>::ChainVerifier() :
 {
 }
 
-template <typename T>
-ChainVerifier<T>::~ChainVerifier()
+ChainVerifierBase::~ChainVerifierBase()
 {
     ckmc_cert_list_all_free(m_trustedCerts);
     ckmc_cert_list_all_free(m_untrustedCerts);
@@ -219,8 +138,7 @@ ChainVerifier<T>::~ChainVerifier()
     ckmc_alias_list_all_free(m_untrustedAliases);
 }
 
-template <typename T>
-void ChainVerifier<T>::addTrusted(TestData::certificateID idx)
+void ChainVerifierBase::addTrusted(TestData::certificateID idx)
 {
     size_t size = list_size(m_trustedCerts);
     ckmc_cert_s* cert = create_cert(idx);
@@ -232,8 +150,7 @@ void ChainVerifier<T>::addTrusted(TestData::certificateID idx)
     addAlias(m_trustedAliases, ss.str().c_str());
 }
 
-template <typename T>
-void ChainVerifier<T>::addUntrusted(TestData::certificateID idx)
+void ChainVerifierBase::addUntrusted(TestData::certificateID idx)
 {
     size_t size = list_size(m_untrustedCerts);
     ckmc_cert_s* cert = create_cert(idx);
@@ -245,14 +162,12 @@ void ChainVerifier<T>::addUntrusted(TestData::certificateID idx)
     addAlias(m_untrustedAliases, ss.str().c_str());
 }
 
-template <typename T>
-void ChainVerifier<T>::enableSystem(bool enable)
+void ChainVerifierBase::enableSystem(bool enable)
 {
     m_system = enable;
 }
 
-template <typename T>
-void ChainVerifier<T>::addCert(ckmc_cert_list_s*& list, ckmc_cert_s* cert)
+void ChainVerifierBase::addCert(ckmc_cert_list_s*& list, ckmc_cert_s* cert)
 {
     if (!list) {
         ckmc_cert_list_s* tmp = NULL;
@@ -268,8 +183,7 @@ void ChainVerifier<T>::addCert(ckmc_cert_list_s*& list, ckmc_cert_s* cert)
     }
 }
 
-template <typename T>
-void ChainVerifier<T>::addAlias(ckmc_alias_list_s*& list, const char* alias)
+void ChainVerifierBase::addAlias(ckmc_alias_list_s*& list, const char* alias)
 {
     if (!list) {
         ckmc_alias_list_s* tmp = NULL;
@@ -285,18 +199,27 @@ void ChainVerifier<T>::addAlias(ckmc_alias_list_s*& list, const char* alias)
     }
 }
 
-template <typename T>
-void ChainVerifier<T>::verifyPositive(TestData::certificateID idx, size_t expected)
+class ChainVerifierOld : public ChainVerifierBase {
+public:
+    virtual void verifyPositive(TestData::certificateID idx, size_t expected);
+    virtual void verifyNegative(TestData::certificateID idx, int error = CKMC_ERROR_VERIFICATION_FAILED);
+};
+
+class ChainVerifier : public ChainVerifierBase {
+public:
+    virtual void verifyPositive(TestData::certificateID idx, size_t expected);
+    virtual void verifyNegative(TestData::certificateID idx, int error = CKMC_ERROR_VERIFICATION_FAILED);
+};
+
+void ChainVerifierOld::verifyPositive(TestData::certificateID idx, size_t expected)
 {
     ckmc_cert_s* cert = create_cert(idx);
 
     ckmc_cert_list_s* chain = NULL;
 
-    assert_positive(T::createChain,
+    assert_positive(ckmc_get_cert_chain,
                     cert,
                     m_untrustedCerts,
-                    m_trustedCerts,
-                    m_system,
                     &chain);
 
     size_t size = list_size(chain);
@@ -304,45 +227,79 @@ void ChainVerifier<T>::verifyPositive(TestData::certificateID idx, size_t expect
     chain = NULL;
     RUNNER_ASSERT_MSG(size == expected, "Expected chain size: " << expected << " got: " << size);
 
-    assert_positive(T::createChainWithAlias,
+    assert_positive(ckmc_get_cert_chain_with_alias,
                     cert,
                     m_untrustedAliases,
-                    m_trustedAliases,
-                    m_system,
                     &chain);
 
     size = list_size(chain);
     ckmc_cert_list_all_free(chain);
     chain = NULL;
     RUNNER_ASSERT_MSG(size == expected, "Expected chain size: " << expected << " got: " << size);
+
     ckmc_cert_free(cert);
 }
 
-template <typename T>
-void ChainVerifier<T>::verifyNegative(TestData::certificateID idx, int error)
+void ChainVerifier::verifyPositive(TestData::certificateID idx, size_t expected)
+{
+    ckmc_cert_s* cert = create_cert(idx);
+
+    ckmc_cert_list_s* chain = NULL;
+
+    assert_positive(ckmc_get_cert_chain_with_trustedcert,
+                    cert,
+                    m_untrustedCerts,
+                    m_trustedCerts,
+                    m_system,
+                    &chain);
+
+    size_t size = list_size(chain);
+    ckmc_cert_list_all_free(chain);
+    chain = NULL;
+    RUNNER_ASSERT_MSG(size == expected, "Expected chain size: " << expected << " got: " << size);
+
+    ckmc_cert_free(cert);
+}
+
+void ChainVerifierOld::verifyNegative(TestData::certificateID idx, int error)
 {
     ckmc_cert_s* cert = create_cert(idx);
 
     ckmc_cert_list_s* chain = NULL;
 
     assert_result(error,
-                  T::createChain,
+                  ckmc_get_cert_chain,
                   cert,
                   m_untrustedCerts,
-                  m_trustedCerts,
-                  m_system,
                   &chain);
     RUNNER_ASSERT_MSG(chain == NULL, "Chain is not empty");
 
     assert_result(error,
-                  T::createChainWithAlias,
+                  ckmc_get_cert_chain_with_alias,
                   cert,
                   m_untrustedAliases,
-                  m_trustedAliases,
-                  m_system,
                   &chain);
 
     RUNNER_ASSERT_MSG(chain == NULL, "Chain is not empty");
+
+    ckmc_cert_free(cert);
+}
+
+void ChainVerifier::verifyNegative(TestData::certificateID idx, int error)
+{
+    ckmc_cert_s* cert = create_cert(idx);
+
+    ckmc_cert_list_s* chain = NULL;
+
+    assert_result(error,
+                  ckmc_get_cert_chain_with_trustedcert,
+                  cert,
+                  m_untrustedCerts,
+                  m_trustedCerts,
+                  m_system,
+                  &chain);
+    RUNNER_ASSERT_MSG(chain == NULL, "Chain is not empty");
+
     ckmc_cert_free(cert);
 }
 } // namespace anonymous
@@ -359,7 +316,7 @@ RUNNER_TEST(TCCH_0010_get_chain_old_api)
 {
     remove_user_data(0);
 
-    ChainVerifier<ChainApiOld> cv;
+    ChainVerifierOld cv;
     cv.verifyNegative(TestData::GOOGLE_COM);
 
     cv.addUntrusted(TestData::GIAG2);
@@ -372,7 +329,7 @@ RUNNER_TEST(TCCH_0020_get_chain_old_api_system_only)
 {
     remove_user_data(0);
 
-    ChainVerifier<ChainApiOld> cv;
+    ChainVerifierOld cv;
     cv.verifyPositive(TestData::GIAG2, 2); // including system cert
 }
 
@@ -403,52 +360,6 @@ RUNNER_TEST(TCCH_0100_get_certificate_chain_invalid_param)
                          true,
                          NULL_CHAIN);
 
-    // alias
-    ca1 = create_cert(TestData::GEOTRUST);
-    save_cert(ca1, sharedDatabase("GEOTRUST").c_str());
-    AliasListPtr untrusted_a = create_alias_list(sharedDatabase("GEOTRUST").c_str(), NULL);
-
-    assert_invalid_param(ckmc_get_cert_chain_with_trustedcert_alias,
-                         NULL_CERT,
-                         untrusted_a.get(),
-                         untrusted_a.get(),
-                         true,
-                         &chain);
-
-    assert_invalid_param(ckmc_get_cert_chain_with_trustedcert_alias,
-                         ca2,
-                         untrusted_a.get(),
-                         untrusted_a.get(),
-                         true,
-                         NULL_CHAIN);
-
-    ckmc_cert_free(ca2);
-}
-
-// check invalid arguments
-RUNNER_TEST(TCCH_0110_get_certificate_chain_alias_unknown)
-{
-    remove_user_data(0);
-
-    ckmc_cert_s* ca2 = create_cert(TestData::GIAG2);
-    ckmc_cert_list_s* chain = NULL;
-
-    AliasListPtr non_existing = create_alias_list(sharedDatabase("NON_EXISTING_ALIAS").c_str(), NULL);
-    assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
-                  ckmc_get_cert_chain_with_trustedcert_alias,
-                  ca2,
-                  non_existing.get(),
-                  NULL_ALIASES,
-                  true,
-                  &chain);
-
-    assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
-                  ckmc_get_cert_chain_with_trustedcert_alias,
-                  ca2,
-                  NULL_ALIASES,
-                  non_existing.get(),
-                  true,
-                  &chain);
     ckmc_cert_free(ca2);
 }
 
@@ -460,7 +371,7 @@ RUNNER_TEST(TCCH_0120_get_certificate_chain_root_ca_negative)
 {
     remove_user_data(0);
 
-    ChainVerifier<> cv;
+    ChainVerifier cv;
     cv.enableSystem(false);
     cv.verifyNegative(TestData::EQUIFAX);
 
@@ -476,7 +387,7 @@ RUNNER_TEST(TCCH_0140_get_certificate_chain_trusted_only)
 {
     remove_user_data(0);
 
-    ChainVerifier<> cv;
+    ChainVerifier cv;
     cv.enableSystem(false);
     cv.addTrusted(TestData::TEST_ROOT_CA);
     cv.verifyPositive(TestData::TEST_IM_CA, 2);
@@ -490,7 +401,7 @@ RUNNER_TEST(TCCH_0150_get_certificate_chain_system_only)
 {
     remove_user_data(0);
 
-    ChainVerifier<> cv;
+    ChainVerifier cv;
     cv.verifyPositive(TestData::GIAG2, 2); // including system cert
     cv.verifyNegative(TestData::GOOGLE_COM);
 }
@@ -502,7 +413,7 @@ RUNNER_TEST(TCCH_0160_get_certificate_chain_no_untrusted)
 {
     remove_user_data(0);
 
-    ChainVerifier<> cv;
+    ChainVerifier cv;
     cv.addTrusted(TestData::TEST_ROOT_CA);
     cv.verifyPositive(TestData::TEST_IM_CA, 2);// signed by trusted cert (TEST_ROOT_CA)
     cv.verifyPositive(TestData::GIAG2, 2);    // signed by system cert (GEOTRUST)
@@ -513,7 +424,7 @@ RUNNER_TEST(TCCH_0170_get_certificate_chain_no_trusted)
 {
     remove_user_data(0);
 
-    ChainVerifier<> cv;
+    ChainVerifier cv;
     cv.addUntrusted(TestData::GIAG2);
     cv.verifyPositive(TestData::GOOGLE_COM,3); // including system cert
     cv.verifyNegative(TestData::TEST_LEAF);
@@ -526,7 +437,7 @@ RUNNER_TEST(TCCH_0180_get_certificate_chain_no_system)
 {
     remove_user_data(0);
 
-    ChainVerifier<> cv;
+    ChainVerifier cv;
     cv.enableSystem(false);
     cv.addTrusted(TestData::TEST_ROOT_CA);
     cv.addUntrusted(TestData::TEST_IM_CA);
@@ -541,7 +452,7 @@ RUNNER_TEST(TCCH_0190_get_certificate_chain_im_ca_in_trusted)
 {
     remove_user_data(0);
 
-    ChainVerifier<> cv;
+    ChainVerifier cv;
     cv.enableSystem(false);
     cv.addTrusted(TestData::TEST_ROOT_CA);
     cv.addTrusted(TestData::TEST_IM_CA);
@@ -553,7 +464,7 @@ RUNNER_TEST(TCCH_0200_get_certificate_chain_all)
 {
     remove_user_data(0);
 
-    ChainVerifier<> cv;
+    ChainVerifier cv;
     cv.enableSystem(true);
     cv.addTrusted(TestData::TEST_ROOT_CA);
     cv.addUntrusted(TestData::GEOTRUST);