From 463fa78333200c369b05956040407f17665b76ad Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Mon, 6 Dec 2010 21:38:47 +0000 Subject: [PATCH] [gcr] Add gcr_certificate_is_issuer() and finish up testing. Add a function to test if a certificate is the issuer of another, and finish up testing, fix some bugs. --- gcr/gcr-certificate.c | 58 ++++++++++++++++++--- gcr/gcr-certificate.h | 3 ++ gcr/tests/Makefile.am | 2 +- ...{unit-test-certificate.c => test-certificate.c} | 28 +++++++++- gcr/tests/test-data/der-certificate-dsa.cer | Bin 0 -> 1639 bytes 5 files changed, 80 insertions(+), 11 deletions(-) rename gcr/tests/{unit-test-certificate.c => test-certificate.c} (82%) create mode 100755 gcr/tests/test-data/der-certificate-dsa.cer diff --git a/gcr/gcr-certificate.c b/gcr/gcr-certificate.c index bdff787..e922da5 100644 --- a/gcr/gcr-certificate.c +++ b/gcr/gcr-certificate.c @@ -61,6 +61,11 @@ typedef struct _GcrCertificateInfo { guint key_size; } GcrCertificateInfo; +/* Forward declarations */ + +static gconstpointer _gcr_certificate_get_subject_const (GcrCertificate *self, gsize *n_data); +static gconstpointer _gcr_certificate_get_issuer_const (GcrCertificate *self, gsize *n_data); + /* ----------------------------------------------------------------------------- * INTERNAL */ @@ -158,7 +163,7 @@ calculate_key_size (GcrCertificateInfo *info) const guchar *data, *params; gsize n_data, n_params; guint key_size = 0, n_bits; - guchar *key; + guchar *key = NULL; GQuark oid; data = egg_asn1x_get_raw_element (egg_asn1x_node (info->asn1, "tbsCertificate", "subjectPublicKeyInfo", NULL), &n_data); @@ -178,6 +183,7 @@ calculate_key_size (GcrCertificateInfo *info) key = egg_asn1x_get_bits_as_raw (egg_asn1x_node (asn, "subjectPublicKey", NULL), NULL, &n_bits); g_return_val_if_fail (key, 0); key_size = calculate_rsa_key_size (key, n_bits / 8); + g_free (key); /* The DSA key size is discovered by the prime in params */ } else if (oid == OID_DSA_KEY) { 
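Review bot: In the RSA branch of calculate_key_size, `g_return_val_if_fail (key, 0);` still returns before the `egg_asn1x_destroy (asn)` that the following hunk shows at the end of the function, so a certificate whose subjectPublicKey bits cannot be read presumably leaks `asn`. It is also reported as a programmer error although the bytes come from parsed certificate data. A plain branch keeps a single cleanup path: `if (key != NULL) { key_size = calculate_rsa_key_size (key, n_bits / 8); g_free (key); }`. With the free now next to the allocation, the `= NULL` initialiser added in the previous hunk is not needed by any path visible here. The function starts and ends outside this hunk.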
@@ -189,7 +195,6 @@ calculate_key_size (GcrCertificateInfo *info) } egg_asn1x_destroy (asn); - g_free (key); return key_size; } @@ -324,22 +329,48 @@ gcr_certificate_get_issuer_part (GcrCertificate *self, const char *part) return egg_dn_read_part (egg_asn1x_node (info->asn1, "tbsCertificate", "issuer", "rdnSequence", NULL), part); } +static gconstpointer +_gcr_certificate_get_issuer_const (GcrCertificate *self, gsize *n_data) +{ + GcrCertificateInfo *info; + + info = certificate_info_load (self); + g_return_val_if_fail (info, NULL); + + return egg_asn1x_get_raw_element (egg_asn1x_node (info->asn1, "tbsCertificate", "issuer", NULL), n_data); +} + gpointer gcr_certificate_get_issuer_raw (GcrCertificate *self, gsize *n_data) { - GcrCertificateInfo *info; gconstpointer data; g_return_val_if_fail (GCR_IS_CERTIFICATE (self), NULL); g_return_val_if_fail (n_data, NULL); - info = certificate_info_load (self); - g_return_val_if_fail (info, NULL); - - data = egg_asn1x_get_raw_element (egg_asn1x_node (info->asn1, "tbsCertificate", "issuer", NULL), n_data); + data = _gcr_certificate_get_issuer_const (self, n_data); return g_memdup (data, data ? *n_data : 0); } +gboolean +gcr_certificate_is_issuer (GcrCertificate *self, GcrCertificate *issuer) +{ + gconstpointer subject_dn, issuer_dn; + gsize n_subject_dn, n_issuer_dn; + + g_return_val_if_fail (GCR_IS_CERTIFICATE (self), FALSE); + g_return_val_if_fail (GCR_IS_CERTIFICATE (issuer), FALSE); + + subject_dn = _gcr_certificate_get_subject_const (issuer, &n_subject_dn); + g_return_val_if_fail (subject_dn, FALSE); + + issuer_dn = _gcr_certificate_get_issuer_const (self, &n_issuer_dn); + g_return_val_if_fail (issuer_dn, FALSE); + + return (n_issuer_dn == n_subject_dn && + memcmp (issuer_dn, subject_dn, n_issuer_dn) == 0); +} + /** * gcr_certificate_get_issuer_dn: * @self: a #GcrCertificate 
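Review bot: gcr_certificate_is_issuer has no gtk-doc block, unlike gcr_certificate_get_issuer_dn directly below it, and its name promises more than the body checks. It returns TRUE whenever the DER bytes of self's issuer field equal the DER bytes of issuer's subject field, and no signature is verified. A `/** gcr_certificate_is_issuer: */` block with `@self`, `@issuer` and a `Returns:` line should state that this is a name match only and must not be taken as proof that @issuer signed @self, because a certificate with the same subject name can be created by anyone. The same block should mention that the comparison is byte-exact, so two different encodings of an equivalent name compare as unequal.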
@@ -436,6 +467,17 @@ gcr_certificate_get_subject_dn (GcrCertificate *self) return egg_dn_read (egg_asn1x_node (info->asn1, "tbsCertificate", "issuer", "rdnSequence", NULL)); } +static gconstpointer +_gcr_certificate_get_subject_const (GcrCertificate *self, gsize *n_data) +{ + GcrCertificateInfo *info; + + info = certificate_info_load (self); + g_return_val_if_fail (info, NULL); + + return egg_asn1x_get_raw_element (egg_asn1x_node (info->asn1, "tbsCertificate", "subject", NULL), n_data); +} + gpointer gcr_certificate_get_subject_raw (GcrCertificate *self, gsize *n_data) { @@ -448,7 +490,7 @@ gcr_certificate_get_subject_raw (GcrCertificate *self, gsize *n_data) info = certificate_info_load (self); g_return_val_if_fail (info, NULL); - data = egg_asn1x_get_raw_element (egg_asn1x_node (info->asn1, "tbsCertificate", "subject", NULL), n_data); + data = _gcr_certificate_get_subject_const (self, n_data); return g_memdup (data, data ? *n_data : 0); } diff --git a/gcr/gcr-certificate.h b/gcr/gcr-certificate.h index b6d529e..cf3ac86 100644 --- a/gcr/gcr-certificate.h +++ b/gcr/gcr-certificate.h @@ -65,6 +65,9 @@ gchar* gcr_certificate_get_issuer_part (GcrCertificate *self gpointer gcr_certificate_get_issuer_raw (GcrCertificate *self, gsize *n_data); +gboolean gcr_certificate_is_issuer (GcrCertificate *self, + GcrCertificate *issuer); + gchar* gcr_certificate_get_subject_cn (GcrCertificate *self); gchar* gcr_certificate_get_subject_dn (GcrCertificate *self); diff --git a/gcr/tests/Makefile.am b/gcr/tests/Makefile.am index e55c99d..daee53f 100644 --- a/gcr/tests/Makefile.am +++ b/gcr/tests/Makefile.am @@ -1,7 +1,7 @@ # Test files should be listed in order they need to run TESTING_FILES = \ - unit-test-certificate.c \ + test-certificate.c \ test-simple-certificate.c \ test-trust.c \ unit-test-parser.c 
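Review bot: The context line just above the new helper, `return egg_dn_read (egg_asn1x_node (info->asn1, "tbsCertificate", "issuer", "rdnSequence", NULL));`, sits in what the hunk header names as gcr_certificate_get_subject_dn, yet it reads the issuer field. If that line is indeed the return of gcr_certificate_get_subject_dn, callers asking for the subject DN receive the issuer's name, which is misleading wherever a certificate is shown to a user for a trust decision. It should read `"subject"`, as the new `_gcr_certificate_get_subject_const` does. The function starts outside the hunk, so this needs checking against the full file.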
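Review bot: gcr_certificate_get_subject_raw still runs `info = certificate_info_load (self);` and `g_return_val_if_fail (info, NULL);` before calling `_gcr_certificate_get_subject_const`, which performs the same load and check itself, so `info` is now used only for a duplicate guard. gcr_certificate_get_issuer_raw in the earlier hunk dropped those two lines together with the local declaration. Doing the same here keeps the two accessors parallel. The start of the function, presumably including the `info` declaration, is outside the hunk.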
diff --git a/gcr/tests/unit-test-certificate.c b/gcr/tests/test-certificate.c similarity index 82% rename from gcr/tests/unit-test-certificate.c rename to gcr/tests/test-certificate.c index 6461e35..96ae550 100644 --- a/gcr/tests/unit-test-certificate.c +++ b/gcr/tests/test-certificate.c @@ -10,6 +10,7 @@ #include static GcrCertificate *certificate = NULL; +static GcrCertificate *certificate2 = NULL; TESTING_SETUP(certificate) { @@ -20,13 +21,19 @@ TESTING_SETUP(certificate) certificate = gcr_simple_certificate_new (contents, n_contents); g_assert (certificate); g_free (contents); + + contents = testing_data_read ("der-certificate-dsa.cer", &n_contents); + certificate2 = gcr_simple_certificate_new (contents, n_contents); + g_assert (certificate2); + g_free (contents); } TESTING_TEARDOWN(certificate) { - if (certificate) - g_object_unref (certificate); + g_object_unref (certificate); certificate = NULL; + g_object_unref (certificate2); + certificate2 = NULL; } TESTING_TEST(issuer_cn) @@ -155,3 +162,20 @@ TESTING_TEST(fingerprint_hex) g_free (print); } +TESTING_TEST (certificate_key_size) +{ + guint key_size = gcr_certificate_get_key_size (certificate); + g_assert_cmpuint (key_size, ==, 1024); + + key_size = gcr_certificate_get_key_size (certificate2); + g_assert_cmpuint (key_size, ==, 1024); +} + +TESTING_TEST (certificate_is_issuer) +{ + gboolean ret = gcr_certificate_is_issuer (certificate, certificate); + g_assert (ret == TRUE); + + ret = gcr_certificate_is_issuer (certificate, certificate2); + g_assert (ret == FALSE); +} 
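Review bot: TESTING_TEST (certificate_is_issuer) asserts TRUE only for `gcr_certificate_is_issuer (certificate, certificate)`, where the issuer and subject names come from the same certificate. The test would therefore still pass if the implementation compared the wrong pair of fields, for example subject against subject. Adding a CA certificate and a leaf it issued to test-data, then asserting TRUE for (leaf, ca) and FALSE for (ca, leaf), would pin the direction of the check. A comment on the test such as `/* self-signed: issuer name equals its own subject name */` would also explain why the first assertion holds.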
diff --git a/gcr/tests/test-data/der-certificate-dsa.cer b/gcr/tests/test-data/der-certificate-dsa.cer new file mode 100755 index 0000000000000000000000000000000000000000..024f3c1bcd53332ea09a162de8e3381e6c89a9a0 GIT binary patch literal 1639 zcmXqLVoNq?V)b6Y%*4pV#AP8F*u?+@OcM-v**LY@JlekVGBUEVG8kAJiW&&BadA#k z>zw>aCxuZ`j5Q}eIWfmj$Up!^n5n$jkk5dJjX9KsS(r6EIKbP}Ku(<3z}(Qtz|hdd z*uc;t3dprIGz2msTmw5y!+rdn9epqj4-YmJG~kCA&QX$DT%wy&oM_O*xDAN4+1P!q99|D0RTggDO5+Pr6%uXf9u@>Ivm^5&2Her!B=ZkD3+ z=9@3(CAKm!UA@MBwRfgEZ>7`UXMB$sIA_g@nilWq|D4(2_?y;$ru9ss42vd3$NUWU z{+Iei{+g9A%X*fm)$L4;4Yqsz+NaHzC@H*D|>b=vYzmI;>1JK*y9s< z-!IkAGcY-yc_jPg;uPss4%>XCc-I|WpA_)LrE+*IX%60{dxMV*2TJM-0d0JO6 zE$}p})=jCnTaUEjk^|-Toy+rR*=roMyukPH0+SgV)u%3uyimi}_jJDeR+om!%#AG! zKxY`f%KXzfGdA39_4h3{`=4KqteIrs>nFEqWl_%}wo5=9KS;asuhTL*5PV%e zO`qME>BHsaFSqh{G zYX7ji`8_IbXBtZPY&WgsU&q&CAPkglUZD1pOjdfYM-B!m6}}QoRe5wY?~b9;{uc@%1kN+DGJEX z%qwZr$|xxTITY+Rz4Br`u(A5iKx19=it=-E^uf;8OD@VWX#CB_q0I)&mh6m-ERF9B z8ebbUE`$jgFts&K!RBj6Pe-bG))C|`sCTh=5H1Pyo?~fAMt)IdNu_}+k`pZndKWby z;$glo0T(T@!iOy0CUa4C7JUOK-+ z7AXS>11`8EBNCelt>k2GVq|34vR*0Zrb5H*A`*QU-8rGX^lARR76nN%E{M)x@ zl_qem*O_%gep8%fcp+=DbE{!es$+rd%_4ce^SdYRx7yLel>CKHRq>MTj6CPAvTq`P zZCmkl1wj*lAo4AXKy zPWYk0Q|s|9?q7s+ZY+mQhuI+?%gT1SsJB14^IqQR{yI;wMzC_J2qc(006J>Rj~j7 literal 0 HcmV?d00001 -- 2.7.4