From: Krzysztof Jackiewicz Date: Tue, 9 Aug 2022 11:09:54 +0000 (+0200) Subject: [UTC/ITC][key-manager][Non-ACR] Use certificates with longer validity X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=6fbdf1860c00f6bd21a4ab024bfbd449f1729c65;p=test%2Ftct%2Fnative%2Fapi.git [UTC/ITC][key-manager][Non-ACR] Use certificates with longer validity Use only CA certificate for OCSP verification. CA certificates have longer validity than end entity ones. This is to avoid regular certificate updates in tests. Also fix OCSP ITC test to use certificates with OCSP extension and check the returned OCSP status. Change-Id: I85d4028f4419edb82fef89b6ecba0e1999f9e58a --- diff --git a/src/itc/key-manager/ITs-key-manager-common.c b/src/itc/key-manager/ITs-key-manager-common.c index 557381e7a..a1daa76f7 100755 --- a/src/itc/key-manager/ITs-key-manager-common.c +++ b/src/itc/key-manager/ITs-key-manager-common.c @@ -120,6 +120,33 @@ char* KeyMngrGetError(int nRet) return szErrorVal; } +/** + * @function KeyMngrGetOcspStatus + * @description Maps OCSP statuses to string values + * @parameter status : OCSP status returned + * @return error string + */ +char* KeyMngrGetOcspStatus(ckmc_ocsp_status_e status) +{ + char *szStatusVal = NULL; + + switch ( status ) + { + case CKMC_OCSP_STATUS_GOOD: szStatusVal = "CKMC_OCSP_STATUS_GOOD"; break; + case CKMC_OCSP_STATUS_REVOKED: szStatusVal = "CKMC_OCSP_STATUS_REVOKED"; break; + case CKMC_OCSP_STATUS_UNKNOWN: szStatusVal = "CKMC_OCSP_STATUS_UNKNOWN"; break; + case CKMC_OCSP_ERROR_UNSUPPORTED: szStatusVal = "CKMC_OCSP_ERROR_UNSUPPORTED"; break; + case CKMC_OCSP_ERROR_INVALID_URL: szStatusVal = "CKMC_OCSP_ERROR_INVALID_URL"; break; + case CKMC_OCSP_ERROR_INVALID_RESPONSE: szStatusVal = "CKMC_OCSP_ERROR_INVALID_RESPONSE"; break; + case CKMC_OCSP_ERROR_REMOTE: szStatusVal = "CKMC_OCSP_ERROR_REMOTE_ERROR"; break; + case CKMC_OCSP_ERROR_NET: szStatusVal = "CKMC_OCSP_ERROR_NET_ERROR"; break; + case CKMC_OCSP_ERROR_INTERNAL: szStatusVal = "CKMC_OCSP_ERROR_INTERNAL_ERROR"; break; + default: szStatusVal = "Unknown Error"; break; + } + + return szStatusVal; +} + /** * @function LoadPkcs12 * @description Creates a new ckmc_key_s(private key), ckmc_cert_s(certificate), and ckmc_cert_list_s(CA certificates) handle from a given PKCS#12 file and returns them. @@ -460,4 +487,43 @@ char *RSA_PUBKEY = "zQIDAQAB\n" "-----END PUBLIC KEY-----"; -/** @} */ \ No newline at end of file +/* + * Not Before: Jun 19 00:00:42 2020 GMT + * Not After : Jan 28 00:00:42 2028 GMT + * Subject: C = US, O = Google Trust Services LLC, CN = GTS Root R1 + */ +char* OCSP_CERT_IM = + "-----BEGIN CERTIFICATE-----\n" + "MIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\n" + "MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\n" + "CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\n" + "OTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\n" + "GUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\n" + "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\n" + "ladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\n" + "iV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\n" + "KSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\n" + "DrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\n" + "j5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\n" + "cuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\n" + "CruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\n" + "iYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\n" + "Eua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\n" + "sZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n" + "9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\n" + "BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\n" + "BgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\n" + "JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\n" + "MAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\n" + "oCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\n" + "MAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\n" + "AwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\n" + "NR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\n" + "WprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n" + "9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n" + "+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\n" + "d0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n" + "-----END CERTIFICATE-----\n"; + + +/** @} */ diff --git a/src/itc/key-manager/ITs-key-manager-common.h b/src/itc/key-manager/ITs-key-manager-common.h index 276f28ec5..2b4099676 100755 --- a/src/itc/key-manager/ITs-key-manager-common.h +++ b/src/itc/key-manager/ITs-key-manager-common.h @@ -83,7 +83,10 @@ char *TEST_LEAF_CERT; char *RSA_PUBKEY; +char *OCSP_CERT_IM; + char* KeyMngrGetError(int nRet); +char* KeyMngrGetOcspStatus(ckmc_ocsp_status_e status); void LoadPkcs12(ckmc_pkcs12_s **pkcs12_bundle, int *nRetVal); void SaveKey(char* alias, int *nRetVal); void SaveCertificate(char* alias, int *nRetVal); diff --git a/src/itc/key-manager/ITs-key-manager.c b/src/itc/key-manager/ITs-key-manager.c index 948d548e3..c495f37a7 100755 --- a/src/itc/key-manager/ITs-key-manager.c +++ b/src/itc/key-manager/ITs-key-manager.c @@ -990,34 +990,25 @@ int ITc_ckmc_ocsp_check_p(void) START_TEST; ckmc_cert_s c_cert; - ckmc_cert_s c_cert1; - ckmc_cert_list_s untrustedcerts; - c_cert.raw_cert = (unsigned char *) CERT_CHAIN1; - c_cert.cert_size = strlen(CERT_CHAIN1); + c_cert.raw_cert = (unsigned char *) OCSP_CERT_IM; + c_cert.cert_size = strlen(OCSP_CERT_IM); c_cert.data_format = CKMC_FORM_PEM; - c_cert1.raw_cert = (unsigned char *) CERT_CHAIN2; - c_cert1.cert_size = strlen(CERT_CHAIN2); - c_cert1.data_format = CKMC_FORM_PEM; - - untrustedcerts.cert = &c_cert1; - untrustedcerts.next = NULL; - ckmc_cert_list_s* cert_chain_list; - int nRet = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list); + int nRet = ckmc_get_cert_chain(&c_cert, NULL, &cert_chain_list); PRINT_RESULT(CKMC_ERROR_NONE, nRet, "ckmc_get_cert_chain", KeyMngrGetError(nRet)); if ( cert_chain_list == NULL ) { FPRINTF("[Line : %d][%s] ckmc_get_cert_chain failed, returned ckmc_cert_list_s is NULL\\n", __LINE__, API_NAMESPACE); } - ckmc_ocsp_status_e oscp_ststus; - nRet = ckmc_ocsp_check(cert_chain_list, &oscp_ststus); //Target API - PRINT_RESULT_CLEANUP(CKMC_ERROR_NONE, nRet, "ckmc_ocsp_check", KeyMngrGetError(nRet), ckmc_cert_list_all_free(cert_chain_list)); - + ckmc_ocsp_status_e ocsp_status; + nRet = ckmc_ocsp_check(cert_chain_list, &ocsp_status); //Target API ckmc_cert_list_all_free(cert_chain_list); + PRINT_RESULT(CKMC_ERROR_NONE, nRet, "ckmc_ocsp_check", KeyMngrGetError(nRet)); + PRINT_RESULT(CKMC_OCSP_STATUS_GOOD, ocsp_status, "ckmc_ocsp_check", KeyMngrGetOcspStatus(ocsp_status)); return 0; } diff --git a/src/utc/key-manager/utc-key-manager-crypto.c b/src/utc/key-manager/utc-key-manager-crypto.c index 5ae88daf1..eba1d1e60 100755 --- a/src/utc/key-manager/utc-key-manager-crypto.c +++ b/src/utc/key-manager/utc-key-manager-crypto.c @@ -129,123 +129,41 @@ static const char* CERT_CHAIN2 = "-----END CERTIFICATE-----\n"; /* - * Not Before: Jul 21 23:00:00 2020 GMT - * Not After : Oct 8 07:00:00 2024 GMT - * Subject: C = US, O = Microsoft Corporation, CN = Microsoft RSA TLS CA 01 + * Not Before: Jun 19 00:00:42 2020 GMT + * Not After : Jan 28 00:00:42 2028 GMT + * Subject: C = US, O = Google Trust Services LLC, CN = GTS Root R1 */ static const char* OCSP_CERT_IM = "-----BEGIN CERTIFICATE-----\n" - "MIIFWjCCBEKgAwIBAgIQDxSWXyAgaZlP1ceseIlB4jANBgkqhkiG9w0BAQsFADBa\n" - "MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl\n" - "clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIw\n" - "MDcyMTIzMDAwMFoXDTI0MTAwODA3MDAwMFowTzELMAkGA1UEBhMCVVMxHjAcBgNV\n" - "BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEgMB4GA1UEAxMXTWljcm9zb2Z0IFJT\n" - "QSBUTFMgQ0EgMDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqYnfP\n" - "mmOyBoTzkDb0mfMUUavqlQo7Rgb9EUEf/lsGWMk4bgj8T0RIzTqk970eouKVuL5R\n" - "IMW/snBjXXgMQ8ApzWRJCZbar879BV8rKpHoAW4uGJssnNABf2n17j9TiFy6BWy+\n" - "IhVnFILyLNK+W2M3zK9gheiWa2uACKhuvgCca5Vw/OQYErEdG7LBEzFnMzTmJcli\n" - "W1iCdXby/vI/OxbfqkKD4zJtm45DJvC9Dh+hpzqvLMiK5uo/+aXSJY+SqhoIEpz+\n" - "rErHw+uAlKuHFtEjSeeku8eR3+Z5ND9BSqc6JtLqb0bjOHPm5dSRrgt4nnil75bj\n" - "c9j3lWXpBb9PXP9Sp/nPCK+nTQmZwHGjUnqlO9ebAVQD47ZisFonnDAmjrZNVqEX\n" - "F3p7laEHrFMxttYuD81BdOzxAbL9Rb/8MeFGQjE2Qx65qgVfhH+RsYuuD9dUw/3w\n" - "ZAhq05yO6nk07AM9c+AbNtRoEcdZcLCHfMDcbkXKNs5DJncCqXAN6LhXVERCw/us\n" - "G2MmCMLSIx9/kwt8bwhUmitOXc6fpT7SmFvRAtvxg84wUkg4Y/Gx++0j0z6StSeN\n" - "0EJz150jaHG6WV4HUqaWTb98Tm90IgXAU4AW2GBOlzFPiU5IY9jt+eXC2Q6yC/Zp\n" - "TL1LAcnL3Qa/OgLrHN0wiw1KFGD51WRPQ0Sh7QIDAQABo4IBJTCCASEwHQYDVR0O\n" - "BBYEFLV2DDARzseSQk1Mx1wsyKkM6AtkMB8GA1UdIwQYMBaAFOWdWTCCR1jMrPoI\n" - "VDaGezq1BE3wMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\n" - "KwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYI\n" - "KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA6BgNVHR8EMzAxMC+g\n" - "LaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vT21uaXJvb3QyMDI1LmNybDAq\n" - "BgNVHSAEIzAhMAgGBmeBDAECATAIBgZngQwBAgIwCwYJKwYBBAGCNyoBMA0GCSqG\n" - "SIb3DQEBCwUAA4IBAQCfK76SZ1vae4qt6P+dTQUO7bYNFUHR5hXcA2D59CJWnEj5\n" - "na7aKzyowKvQupW4yMH9fGNxtsh6iJswRqOOfZYC4/giBO/gNsBvwr8uDW7t1nYo\n" - "DYGHPpvnpxCM2mYfQFHq576/TmeYu1RZY29C4w8xYBlkAA8mDJfRhMCmehk7cN5F\n" - "JtyWRj2cZj/hOoI45TYDBChXpOlLZKIYiG1giY16vhCRi6zmPzEwv+tk156N6cGS\n" - "Vm44jTQ/rs1sa0JSYjzUaYngoFdZC4OfxnIkQvUIA4TOFmPzNPEFdjcZsgbeEz4T\n" - "cGHTBPK4R28F44qIMCtHRV55VMX53ev6P3hRddJb\n" - "-----END CERTIFICATE-----\n"; - -/* - * Not Before: Jun 10 01:15:41 2022 GMT - * Not After : Dec 10 01:15:41 2022 GMT - * Subject: CN = www.bing.com - * Issuer: C = US, O = Microsoft Corporation, CN = Microsoft RSA TLS CA 01 - */ -static const char* OCSP_CERT = - "-----BEGIN CERTIFICATE-----\n" - "MIINWDCCC0CgAwIBAgITEgAtFJyg3q6Puh27sQAAAC0UnDANBgkqhkiG9w0BAQsF\n" - "ADBPMQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9u\n" - "MSAwHgYDVQQDExdNaWNyb3NvZnQgUlNBIFRMUyBDQSAwMTAeFw0yMjA2MTAwMTE1\n" - "NDFaFw0yMjEyMTAwMTE1NDFaMBcxFTATBgNVBAMTDHd3dy5iaW5nLmNvbTCCASIw\n" - "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8sdZYQ+f3lROucTlyDAVTlH2C8\n" - "na0X+Q9IJhKA/J1HmC7WhYbreG54dJvDC5J8dlXs7VcJw4+2zHePozofwQ1MuVz7\n" - "hzCztVoCWAsMkXNQcGzvEFUpI08xTPgkgEQQQrLWd9AoJ8kbkKV2GOQ6fbujj/Bx\n" - "80PKC1wLYLn7QHPZiYN/ID/TdE6qaTxOfBCMG2g6b6xep5DTw7/8YwOKb3HK0Hij\n" - "/RD0iTaxNQrq4xanBqZvjIpbOM1QaTnGLETMmmsu/HBEYpk24R1X/LvFSbNc3zHy\n" - "f5kCfK/zA0kPkqlggmbOW9ZPzQs8CZ9SbJv5fxEpi3UzWUlc286mtGLrZNECAwEA\n" - "AaOCCWMwgglfMIIBfAYKKwYBBAHWeQIEAgSCAWwEggFoAWYAdgBGpVXrdfqRIDC1\n" - "oolp9PN9ESxBdL79SbiFq/L8cP5tRwAAAYFLN69wAAAEAwBHMEUCIGTND7bl7y2c\n" - "PUBTR4qse7n1J3y3QVHtwxxInN8017dvAiEAzAY98uWMgzsXToG22QuFfgZITqUP\n" - "mUDyDR6wjLLxTYYAdQBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAA\n" - "AYFLN7B6AAAEAwBGMEQCIGvArKHV/doC367M/K3k+QzrdJkdSzuDF0pXftPau9RP\n" - "AiAdGw4rMcThB+ateVyBx1ePL+f6x3fZVi4utU59u+zY2wB1AEHIyrHfIkZKEMah\n" - "OglCh15OMYsbA+vrS8do8JBilgb2AAABgUs3r/sAAAQDAEYwRAIgD2JGU3HOI1ub\n" - "MmsaOi5wV82K04NdYLrPhbuALtgnsnkCIF2G0Rq8qsABzAlnO6zXbNP4qPXztlF9\n" - "c1kcPGbUn07cMCcGCSsGAQQBgjcVCgQaMBgwCgYIKwYBBQUHAwEwCgYIKwYBBQUH\n" - "AwIwPgYJKwYBBAGCNxUHBDEwLwYnKwYBBAGCNxUIh9qGdYPu2QGCyYUbgbWeYYX0\n" - "62CBXYWGjkGHwphQAgFkAgEnMIGHBggrBgEFBQcBAQR7MHkwUwYIKwYBBQUHMAKG\n" - "R2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL01pY3Jvc29mdCUy\n" - "MFJTQSUyMFRMUyUyMENBJTIwMDEuY3J0MCIGCCsGAQUFBzABhhZodHRwOi8vb2Nz\n" - "cC5tc29jc3AuY29tMB0GA1UdDgQWBBTPhtbKWKRl7m/t8mbyPQQwi99VOzAOBgNV\n" - "HQ8BAf8EBAMCBLAwggVtBgNVHREEggVkMIIFYIIMd3d3LmJpbmcuY29tghBkaWN0\n" - "LmJpbmcuY29tLmNughMqLnBsYXRmb3JtLmJpbmcuY29tggoqLmJpbmcuY29tgghi\n" - "aW5nLmNvbYIWaWVvbmxpbmUubWljcm9zb2Z0LmNvbYITKi53aW5kb3dzc2VhcmNo\n" - "LmNvbYIZY24uaWVvbmxpbmUubWljcm9zb2Z0LmNvbYIRKi5vcmlnaW4uYmluZy5j\n" - "b22CDSoubW0uYmluZy5uZXSCDiouYXBpLmJpbmcuY29tghhlY24uZGV2LnZpcnR1\n" - "YWxlYXJ0aC5uZXSCDSouY24uYmluZy5uZXSCDSouY24uYmluZy5jb22CEHNzbC1h\n" - "cGkuYmluZy5jb22CEHNzbC1hcGkuYmluZy5uZXSCDiouYXBpLmJpbmcubmV0gg4q\n" - "LmJpbmdhcGlzLmNvbYIPYmluZ3NhbmRib3guY29tghZmZWVkYmFjay5taWNyb3Nv\n" - "ZnQuY29tghtpbnNlcnRtZWRpYS5iaW5nLm9mZmljZS5uZXSCDnIuYmF0LmJpbmcu\n" - "Y29tghAqLnIuYmF0LmJpbmcuY29tghIqLmRpY3QuYmluZy5jb20uY26CDyouZGlj\n" - "dC5iaW5nLmNvbYIOKi5zc2wuYmluZy5jb22CECouYXBwZXguYmluZy5jb22CFiou\n" - "cGxhdGZvcm0uY24uYmluZy5jb22CDXdwLm0uYmluZy5jb22CDCoubS5iaW5nLmNv\n" - "bYIPZ2xvYmFsLmJpbmcuY29tghF3aW5kb3dzc2VhcmNoLmNvbYIOc2VhcmNoLm1z\n" - "bi5jb22CESouYmluZ3NhbmRib3guY29tghkqLmFwaS50aWxlcy5kaXR1LmxpdmUu\n" - "Y29tgg8qLmRpdHUubGl2ZS5jb22CGCoudDAudGlsZXMuZGl0dS5saXZlLmNvbYIY\n" - "Ki50MS50aWxlcy5kaXR1LmxpdmUuY29tghgqLnQyLnRpbGVzLmRpdHUubGl2ZS5j\n" - "b22CGCoudDMudGlsZXMuZGl0dS5saXZlLmNvbYIVKi50aWxlcy5kaXR1LmxpdmUu\n" - "Y29tggszZC5saXZlLmNvbYITYXBpLnNlYXJjaC5saXZlLmNvbYIUYmV0YS5zZWFy\n" - "Y2gubGl2ZS5jb22CFWNud2ViLnNlYXJjaC5saXZlLmNvbYIMZGV2LmxpdmUuY29t\n" - "gg1kaXR1LmxpdmUuY29tghFmYXJlY2FzdC5saXZlLmNvbYIOaW1hZ2UubGl2ZS5j\n" - "b22CD2ltYWdlcy5saXZlLmNvbYIRbG9jYWwubGl2ZS5jb20uYXWCFGxvY2Fsc2Vh\n" - "cmNoLmxpdmUuY29tghRsczRkLnNlYXJjaC5saXZlLmNvbYINbWFpbC5saXZlLmNv\n" - "bYIRbWFwaW5kaWEubGl2ZS5jb22CDmxvY2FsLmxpdmUuY29tgg1tYXBzLmxpdmUu\n" - "Y29tghBtYXBzLmxpdmUuY29tLmF1gg9taW5kaWEubGl2ZS5jb22CDW5ld3MubGl2\n" - "ZS5jb22CHG9yaWdpbi5jbndlYi5zZWFyY2gubGl2ZS5jb22CFnByZXZpZXcubG9j\n" - "YWwubGl2ZS5jb22CD3NlYXJjaC5saXZlLmNvbYISdGVzdC5tYXBzLmxpdmUuY29t\n" - "gg52aWRlby5saXZlLmNvbYIPdmlkZW9zLmxpdmUuY29tghV2aXJ0dWFsZWFydGgu\n" - "bGl2ZS5jb22CDHdhcC5saXZlLmNvbYISd2VibWFzdGVyLmxpdmUuY29tghN3ZWJt\n" - "YXN0ZXJzLmxpdmUuY29tghV3d3cubG9jYWwubGl2ZS5jb20uYXWCFHd3dy5tYXBz\n" - "LmxpdmUuY29tLmF1MIGwBgNVHR8EgagwgaUwgaKggZ+ggZyGTWh0dHA6Ly9tc2Ny\n" - "bC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUyMFJTQSUy\n" - "MFRMUyUyMENBJTIwMDEuY3JshktodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtp\n" - "L21zY29ycC9jcmwvTWljcm9zb2Z0JTIwUlNBJTIwVExTJTIwQ0ElMjAwMS5jcmww\n" - "VwYDVR0gBFAwTjBCBgkrBgEEAYI3KgEwNTAzBggrBgEFBQcCARYnaHR0cDovL3d3\n" - "dy5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3BzMAgGBmeBDAECATAfBgNVHSME\n" - "GDAWgBS1dgwwEc7HkkJNTMdcLMipDOgLZDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI\n" - "KwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggIBAB26QQoY9CP1wxr34qQBIURTkqNv\n" - "FPnC9cIWilX/mHoF1Br1UoZMMmiCqueSeqfWRzCJvgmX3LI0mwwuHK6v1+aCLtNA\n" - "ZTmMBDta0bHECngcv3OYsCsLq721HMx41jghii4MU6AbAa/lfp4HTYwa+3/F5S9c\n" - "nV2iRDU5b5dAa4sVCagzAqYrZ6lqRA4ZqBtf0dbjdHAY39qeC7qFsZXm45IsDcwL\n" - "1TvCfDaUMwT0QxVNSfqRyX1YtygcfEqhQ6Ixe9uEO8I0PrULK/Nv1/ljV7B//YpJ\n" - "1Y/8LUKLVZf5/hUWniF1dk5ieCudGaMJrMKEb+phBpGi4/rIiLmtcu5vhXs0Surb\n" - "+5BaCdDv6DCPbs54MzAqDbPtvq4QhdxZJqF9GSgppdkeG71jduoWGf6//myU0FL8\n" - "mQo7e0AQRXpI73bgm22ltnv1hv5dVxCcow4dwsyO1y+wTm54slnUIbnz5Q/ersm+\n" - "A46ArbcRRvmp86hwZlflq7Ck4c53RXAncWUW7bkAMmdYFpDBRkMh/VsCt9pV6LcZ\n" - "CwibBdeCW4u530hJSeQ7IUkru7cqInzPgJaWA4Rd5Z8ZmKySR9LFi3E+wGL7d9bC\n" - "ck1o2m9gskB4yaxNivRn6XAo8dF2bsHxVmqwpzbdQ2BXECzJ9WwxrThRJXZo9BOR\n" - "WneHWxrOCzK3NWzJ\n" + "MIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX\n" + "MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE\n" + "CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx\n" + "OTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT\n" + "GUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx\n" + "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63\n" + "ladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS\n" + "iV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k\n" + "KSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ\n" + "DrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk\n" + "j5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5\n" + "cuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW\n" + "CruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499\n" + "iYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei\n" + "Eua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap\n" + "sZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b\n" + "9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP\n" + "BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf\n" + "BgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw\n" + "JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH\n" + "MAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al\n" + "oCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy\n" + "MAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF\n" + "AwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9\n" + "NR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9\n" + "WprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw\n" + "9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy\n" + "+qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi\n" + "d0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=\n" "-----END CERTIFICATE-----\n"; void utc_key_manager_crypto_startup(void) @@ -989,21 +907,12 @@ int utc_ckmc_ocsp_check_p(void) int temp; ckmc_cert_s c_cert; - c_cert.raw_cert = (unsigned char *) OCSP_CERT; - c_cert.cert_size = strlen(OCSP_CERT); + c_cert.raw_cert = (unsigned char *) OCSP_CERT_IM; + c_cert.cert_size = strlen(OCSP_CERT_IM); c_cert.data_format = CKMC_FORM_PEM; - ckmc_cert_s c_cert_im; - c_cert_im.raw_cert = (unsigned char *) OCSP_CERT_IM; - c_cert_im.cert_size = strlen(OCSP_CERT_IM); - c_cert_im.data_format = CKMC_FORM_PEM; - - ckmc_cert_list_s untrustedcerts; - untrustedcerts.cert = &c_cert_im; - untrustedcerts.next = NULL; - ckmc_cert_list_s *cert_chain_list; - temp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list); + temp = ckmc_get_cert_chain(&c_cert, NULL, &cert_chain_list); assert_eq(temp, CKMC_ERROR_NONE); assert_neq(cert_chain_list, NULL);