From 858b68c7b2d71558c6d04960df4f4766ae41d3ce Mon Sep 17 00:00:00 2001 From: Andrii Shtompel Date: Mon, 28 Dec 2015 13:17:50 +0200 Subject: [PATCH] Fix CKM's unit test issue Details: 1. Fix SetNumberOfRevoked() API to use value instead of pointer 2. Fix SetCRLSerialNumber() API to use value instead of pointer 3. Fix SetNextSerialNumber() API to use value instead of pointer 4. Fix all places where those functions were called Change-Id: I35000d84391399c1fd915678bc3bbed31761bcc5 Signed-off-by: Andrii Shtompel Reviewed-on: https://gerrit.iotivity.org/gerrit/4731 Tested-by: jenkins-iotivity Reviewed-by: Chul Lee Reviewed-by: sangsu choi Reviewed-by: Ivan Pazderskyy Reviewed-by: Dmitriy Zhuravlev --- .../provisioning/ck_manager/include/ckm_info.h | 18 ++++++------- .../provisioning/ck_manager/src/cert_generator.c | 2 +- .../provisioning/ck_manager/src/ck_manager.c | 6 ++--- .../provisioning/ck_manager/src/ckm_info.c | 30 ++++++++++------------ .../provisioning/ck_manager/src/crl_generator.c | 10 ++++---- 5 files changed, 32 insertions(+), 34 deletions(-) diff --git a/resource/csdk/security/provisioning/ck_manager/include/ckm_info.h b/resource/csdk/security/provisioning/ck_manager/include/ckm_info.h index c3ce9d3..c5b1f80 100644 --- a/resource/csdk/security/provisioning/ck_manager/include/ckm_info.h +++ b/resource/csdk/security/provisioning/ck_manager/include/ckm_info.h @@ -96,9 +96,9 @@ PKIError CloseCKMInfo(void); /** * Sets CKM Info. * - * @param[in] nextSN pointer to the next serial number to set + * @param[in] nextSN next serial number to set * or 0 to skip this parameter - * @param[in] CRLSerialNumber pointer to the next CRL serial number to set + * @param[in] CRLSerialNumber next CRL serial number to set * or 0 to skip this parameter * @param[in] CAPrivateKey pointer to the CA's private key to set * or 0 to skip this parameter @@ -108,7 +108,7 @@ PKIError CloseCKMInfo(void); * or 0 to skip this parameter * @return PKI_SUCCESS if success, error code otherwise */ -PKIError SetCKMInfo (const long *nextSN, const long *CRLSerialNumber, +PKIError SetCKMInfo (long nextSN, long CRLSerialNumber, const ByteArray *CAPrivateKey, const ByteArray *CAPublicKey, const ByteArray *CAName); @@ -206,10 +206,10 @@ PKIError SaveCRT(void); /** * Sets next serial number for certificate issuer. * - * @param[in] nextSN pointer to the next serial number to set + * @param[in] nextSN next serial number to set * @return PKI_SUCCESS if success, error code otherwise */ -PKIError SetNextSerialNumber (const long *nextSN); +PKIError SetNextSerialNumber (const long nextSN); /** * Gets next serial number for certificate issuer. @@ -273,10 +273,10 @@ PKIError SaveCRL(void); /** * Sets next CRL serial number for certificate issuer. * - * @param[in] CRLSerialNumber pointer to the next CRL serial number to set + * @param[in] CRLSerialNumber next CRL serial number to set * @return PKI_SUCCESS if success, error code otherwise */ -PKIError SetCRLSerialNumber (const long *CRLSerialNumber); +PKIError SetCRLSerialNumber (const long CRLSerialNumber); /** * Gets next CRL serial number for certificate issuer. @@ -307,10 +307,10 @@ PKIError GetCertificateRevocationList (ByteArray *certificateRevocationList); /** * Sets number of revoked certificates. * - * @param[in] numberOfRevoked pointer to number of revoked certificates to set + * @param[in] numberOfRevoked number of revoked certificates to set * @return PKI_SUCCESS if success, error code otherwise */ -PKIError SetNumberOfRevoked (const long *numberOfRevoked); +PKIError SetNumberOfRevoked (const long numberOfRevoked); /** * Gets number of revoked certificates. diff --git a/resource/csdk/security/provisioning/ck_manager/src/cert_generator.c b/resource/csdk/security/provisioning/ck_manager/src/cert_generator.c index ec9bf74..e66385e 100644 --- a/resource/csdk/security/provisioning/ck_manager/src/cert_generator.c +++ b/resource/csdk/security/provisioning/ck_manager/src/cert_generator.c @@ -111,7 +111,7 @@ PKIError GenerateCertificate (const UTF8String_t *subjectName, const UTF8String_ CHECK_CALL(GetNextSerialNumber, &serialNumber); certificate->tbsCertificate.serialNumber = serialNumber; serialNumber++; - CHECK_CALL(SetNextSerialNumber, &serialNumber); + CHECK_CALL(SetNextSerialNumber, serialNumber); CHECK_CALL(SaveCKMInfo); //set signature algorithm in TBS diff --git a/resource/csdk/security/provisioning/ck_manager/src/ck_manager.c b/resource/csdk/security/provisioning/ck_manager/src/ck_manager.c index df79fd5..30f07a0 100644 --- a/resource/csdk/security/provisioning/ck_manager/src/ck_manager.c +++ b/resource/csdk/security/provisioning/ck_manager/src/ck_manager.c @@ -339,7 +339,7 @@ PKIError SetSerialNumber (const long serNum) CHECK_LESS_EQUAL(0, serNum, ISSUER_WRONG_SERIAL_NUMBER); CHECK_CALL(InitCKMInfo); - CHECK_CALL(SetNextSerialNumber, &serNum); + CHECK_CALL(SetNextSerialNumber, serNum); CHECK_CALL(SaveCKMInfo); FUNCTION_CLEAR(); @@ -643,9 +643,9 @@ PKIError CKMRevocateCertificate (const uint8_t *uint8ThisUpdateTime, const long CHECK_CALL(InitCKMInfo); CHECK_CALL(GetCRLSerialNumber, &serialNumber); serialNumber++; - CHECK_CALL(SetCRLSerialNumber, &serialNumber); + CHECK_CALL(SetCRLSerialNumber, serialNumber); numberOfRevoked++; - CHECK_CALL(SetNumberOfRevoked, &numberOfRevoked); + CHECK_CALL(SetNumberOfRevoked, numberOfRevoked); CHECK_CALL(SetCertificateRevocationList, encodedCRL); CHECK_CALL(SaveCKMInfo); diff --git a/resource/csdk/security/provisioning/ck_manager/src/ckm_info.c b/resource/csdk/security/provisioning/ck_manager/src/ckm_info.c index cd4bf15..3820aeb 100644 --- a/resource/csdk/security/provisioning/ck_manager/src/ckm_info.c +++ b/resource/csdk/security/provisioning/ck_manager/src/ckm_info.c @@ -146,7 +146,7 @@ PKIError CloseCKMInfo(void) FUNCTION_CLEAR(); } -PKIError SetCKMInfo (const long *nextSN, const long *CRLSerialNumber, +PKIError SetCKMInfo (const long nextSN, const long CRLSerialNumber, const ByteArray *CAPrivateKey, const ByteArray *CAPublicKey, const ByteArray *CAName) { @@ -351,12 +351,11 @@ PKIError SaveCRT(void) } /*Serial Number*/ -PKIError SetNextSerialNumber (const long *nextSN) +PKIError SetNextSerialNumber (const long nextSN) { FUNCTION_INIT(); - CHECK_NULL(nextSN, ISSUER_CA_STORAGE_NULL_PASSED); - CHECK_LESS_EQUAL(0, *nextSN, ISSUER_CA_STORAGE_WRONG_SERIAL_NUMBER); - g_ckmInfo.nextSerialNumber = *nextSN; + CHECK_LESS_EQUAL(0, nextSN, ISSUER_CA_STORAGE_WRONG_SERIAL_NUMBER); + g_ckmInfo.nextSerialNumber = nextSN; FUNCTION_CLEAR(); } @@ -457,12 +456,11 @@ PKIError SaveCRL(void) } /*CRL Serial Number*/ -PKIError SetCRLSerialNumber (const long *CRLSerialNumber) +PKIError SetCRLSerialNumber (const long CRLSerialNumber) { FUNCTION_INIT(); - CHECK_NULL(CRLSerialNumber, ISSUER_CA_STORAGE_NULL_PASSED); - CHECK_LESS_EQUAL(0, *CRLSerialNumber, ISSUER_CA_STORAGE_WRONG_CRL_SERIAL_NUMBER); - g_ckmInfo.CRLSerialNumber = *CRLSerialNumber; + CHECK_LESS_EQUAL(0, CRLSerialNumber, ISSUER_CA_STORAGE_WRONG_CRL_SERIAL_NUMBER); + g_ckmInfo.CRLSerialNumber = CRLSerialNumber; FUNCTION_CLEAR(); } @@ -498,10 +496,11 @@ PKIError SetCertificateRevocationList (const ByteArray *certificateRevocationLis PKIError GetCertificateRevocationList (ByteArray *certificateRevocationList) { - FUNCTION_INIT(); + FUNCTION_INIT( + OicSecCrl_t *tmpCRL = NULL; + ); CHECK_COND(g_crlInfo.CrlData.data, ISSUER_CA_STORAGE_CRL_UNDEFINED); CHECK_NULL_BYTE_ARRAY_PTR(certificateRevocationList, ISSUER_CA_STORAGE_NULL_PASSED); - OicSecCrl_t *tmpCRL; tmpCRL = (OicSecCrl_t *)GetCRLResource(); g_crlInfo.CrlId = tmpCRL->CrlId; g_crlInfo.CrlData = tmpCRL->CrlData; @@ -513,16 +512,15 @@ PKIError GetCertificateRevocationList (ByteArray *certificateRevocationList) certificateRevocationList->len = g_crlInfo.CrlData.len; FUNCTION_CLEAR( - OICFree(tmpCRL); + OICFree(tmpCRL); ); } -PKIError SetNumberOfRevoked (const long *numberOfRevoked) +PKIError SetNumberOfRevoked (const long numberOfRevoked) { FUNCTION_INIT(); - CHECK_NULL(numberOfRevoked, ISSUER_CA_STORAGE_NULL_PASSED); - CHECK_LESS_EQUAL(0, *numberOfRevoked, ISSUER_CA_STORAGE_WRONG_CRL_SERIAL_NUMBER); - g_ckmInfo.numberOfRevoked = *numberOfRevoked; + CHECK_LESS_EQUAL(0, numberOfRevoked, ISSUER_CA_STORAGE_WRONG_CRL_SERIAL_NUMBER); + g_ckmInfo.numberOfRevoked = numberOfRevoked; FUNCTION_CLEAR(); } diff --git a/resource/csdk/security/provisioning/ck_manager/src/crl_generator.c b/resource/csdk/security/provisioning/ck_manager/src/crl_generator.c index 1c48dea..710f8db 100644 --- a/resource/csdk/security/provisioning/ck_manager/src/crl_generator.c +++ b/resource/csdk/security/provisioning/ck_manager/src/crl_generator.c @@ -31,7 +31,7 @@ static const uint8_t g_ECDSA_WITH_SHA256_OID[] = {0x2A, 0x86, 0x48, 0xCE, 0x3D, static const uint8_t g_COMMON_NAME_OID[] = {0x55, 0x04, 0x03}; PKIError GenerateCRL (const UTF8String_t *issuerName, - const UTCTime_t *thisUpdateTime, const uint32_t nuberOfRevoked, + const UTCTime_t *thisUpdateTime, const uint32_t numberOfRevoked, const CertificateRevocationInfo_t *certificateRevocationInfo, const BIT_STRING_t *issuerPrivateKey, ByteArray *encodedCRL) { @@ -43,7 +43,7 @@ PKIError GenerateCRL (const UTF8String_t *issuerName, CertificateRevocationInfo_t *cri = NULL; uint32_t crlMaxSize = (CRL_MIN_SIZE + - nuberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4)); + numberOfRevoked * (sizeof(CertificateRevocationInfo_t) + 4)); uint32_t i; long serialNumber = 0; @@ -95,7 +95,7 @@ PKIError GenerateCRL (const UTF8String_t *issuerName, certificateRevocationList->tbsCertList.thisUpdate = *thisUpdateTime; //add revoked info - for ( i = 0; i < nuberOfRevoked; i++) + for ( i = 0; i < numberOfRevoked; i++) { cri = OICCalloc(1, sizeof(CertificateRevocationInfo_t)); CHECK_NULL(cri, ISSUER_CRL_ENCODER_MEMORY_ALLOC_FAILED); @@ -116,8 +116,8 @@ PKIError GenerateCRL (const UTF8String_t *issuerName, CHECK_CALL(InitCKMInfo); CHECK_CALL(GetCRLSerialNumber, &serialNumber); serialNumber++; - CHECK_CALL(SetCRLSerialNumber, &serialNumber); - CHECK_CALL(SetNumberOfRevoked, (const long *)&nuberOfRevoked); + CHECK_CALL(SetCRLSerialNumber, serialNumber); + CHECK_CALL(SetNumberOfRevoked, numberOfRevoked); CHECK_CALL(SaveCKMInfo); FUNCTION_CLEAR( -- 2.7.4