From 7f71c0fba28c9708d5ecbb175e0e092ca604cbef Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Thu, 15 Dec 2016 17:55:05 +0900 Subject: [PATCH] [ckm] Refactor TestData to replace cert easily Change-Id: Ibe6fcd7f96e4ab933f3e5f7fcb8c96c2626e7ff8 Signed-off-by: Kyungwook Tak --- src/ckm/privileged/main.cpp | 6 +- src/ckm/test-certs.cpp | 100 ++++++++++++++++++----- src/ckm/test-certs.h | 26 +++--- src/ckm/unprivileged/async-api.cpp | 38 ++++----- src/ckm/unprivileged/capi-certificate-chains.cpp | 42 +++++----- src/ckm/unprivileged/capi-testcases.cpp | 14 ++-- src/ckm/unprivileged/main.cpp | 26 +++--- 7 files changed, 158 insertions(+), 94 deletions(-) diff --git a/src/ckm/privileged/main.cpp b/src/ckm/privileged/main.cpp index fb72653..df5d5dd 100644 --- a/src/ckm/privileged/main.cpp +++ b/src/ckm/privileged/main.cpp @@ -67,8 +67,8 @@ RUNNER_TEST(T1510_init_unlock_key) RUNNER_TEST(T1511_insert_data) { - auto certee = TestData::getTestCertificate(TestData::MBANK); - auto certim = TestData::getTestCertificate(TestData::SYMANTEC); + auto certee = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF); + auto certim = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM); CKM::Alias certeeAlias("CertEE"); CKM::Alias certimAlias("CertIM"); { @@ -126,7 +126,7 @@ RUNNER_CHILD_TEST(T1702_insert_data) ScopedAccessProvider ap(TEST_LABEL); ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP); - auto certee = TestData::getTestCertificate(TestData::MBANK); + auto certee = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF); auto manager = CKM::Manager::create(); size_t current_aliases_num = count_aliases(ALIAS_CERT); diff --git a/src/ckm/test-certs.cpp b/src/ckm/test-certs.cpp index a61de76..e1c1815 100644 --- a/src/ckm/test-certs.cpp +++ b/src/ckm/test-certs.cpp @@ -26,8 +26,30 @@ using namespace std; +namespace TestData { namespace { -typedef map> CertMap; + +enum RawCertificateID { + // test certificates + TEST_ROOT_CA = 0, // TEST_ROOT_CA, expires 2035 + TEST_IM_CA, // TEST_IM_CA, signed by TEST_ROOT_CA, expires 2035 + TEST_LEAF, // TEST_LEAF, signed by TEST_IM_CA, expires 2035 + + // third party + EQUIFAX, // EQUIFAX (root CA), expires 22 Aug 2018 + GEOTRUST, // GEOTRUST, signed by EQUIFAX, expires 21 Aug 2018 + GIAG2, // GIAG2, signed by GEOTRUST, expires 31 Dec 2016 + GOOGLE_COM, // GOOGLE_COM, signed by GIAG2, expires 13 Jan 2016 + + // ocsp available chain on third party + SYMANTEC, // SYMANTEC, signed by VERISIGN, expires 30 Oct 2023 + MBANK, // MBANK, signed by SYMANTEC, expires 04 Feb 2016 + + // footer - last element in the set + NO_CERT +}; + +typedef map> CertMap; CKM::CertificateShPtr createCert(const string& cert) { CKM::RawBuffer buffer_cert(cert.begin(), cert.end()); @@ -35,6 +57,26 @@ CKM::CertificateShPtr createCert(const string& cert) { return cptr; } +RawCertificateID toRawCertificateID(certificateID id) +{ + switch (id) { + case certificateID::TEST_ROOT_CA: return RawCertificateID::TEST_ROOT_CA; + case certificateID::TEST_IM_CA: return RawCertificateID::TEST_IM_CA; + case certificateID::TEST_LEAF: return RawCertificateID::TEST_LEAF; + + case certificateID::THIRD_PARTY_ROOT_CA: return RawCertificateID::EQUIFAX; + case certificateID::THIRD_PARTY_IM_CA1: return RawCertificateID::GEOTRUST; + case certificateID::THIRD_PARTY_IM_CA2: return RawCertificateID::GIAG2; + case certificateID::THIRD_PARTY_LEAF: return RawCertificateID::GOOGLE_COM; + + case certificateID::OCSP_AVAILABLE_IM: return RawCertificateID::SYMANTEC; + case certificateID::OCSP_AVAILABLE_LEAF: return RawCertificateID::MBANK; + + case certificateID::NO_CERT: return RawCertificateID::NO_CERT; + default: throw std::invalid_argument("Invalid raw certificat ID!"); + } +} + CertMap initializeTestCerts() { CertMap cm; @@ -64,7 +106,8 @@ CertMap initializeTestCerts() "qMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK\n" "kOg11TpPdNDkhb1J4ZCh2gupDg==\n" "-----END CERTIFICATE-----\n"); - cm[TestData::TEST_ROOT_CA] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::TEST_ROOT_CA] = + std::make_pair(raw_base64, createCert(raw_base64)); } // TEST_IM_CA, signed by TEST_ROOT_CA, expires 2035 @@ -92,7 +135,8 @@ CertMap initializeTestCerts() "SLoHQ9s1i7Zyb7HU6UAaqMOz15LBkyAqtNyJcO2p7Q/p5YK0xfD4xisI5qXucqVm\n" "F2obL5qJSTN/RQ==\n" "-----END CERTIFICATE-----\n"); - cm[TestData::TEST_IM_CA] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::TEST_IM_CA] = + std::make_pair(raw_base64, createCert(raw_base64)); } // TEST_LEAF, signed by TEST_IM_CA, expires 2035 @@ -118,7 +162,8 @@ CertMap initializeTestCerts() "Zj/T1JkYXKkEwZU6nAR2jdZp3EP9xj3o15V/tyFcXHx6l8NTxn4cJb+Xe4VquQJz\n" "6ON7PVe0ABN/AlwVQiFE\n" "-----END CERTIFICATE-----\n"); - cm[TestData::TEST_LEAF] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::TEST_LEAF] = + std::make_pair(raw_base64, createCert(raw_base64)); } // GIAG2, signed by GEOTRUST, expires 31 Dec 2016 @@ -148,7 +193,8 @@ CertMap initializeTestCerts() "WOH7sf6coaPo/ck/9Ndx3L2MpBngISMjVROPpBYCCX65r+7bU2S9cS+5Oc4wt7S8\n" "VOBHBw==\n" "-----END CERTIFICATE-----\n"); - cm[TestData::GIAG2] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::GIAG2] = + std::make_pair(raw_base64, createCert(raw_base64)); } // MBANK, signed by SYMANTEC, expires 04 Feb 2016 @@ -190,7 +236,8 @@ CertMap initializeTestCerts() "aFmUlsB1C6YFMqVPRfHuxyPUb2zjw+ll7UStQxuSSTpwBmW1g/dIhtle9+o8i3z2\n" "WJAT38TP3mPw8SUWLbgGyih6bsB6eBxFEM5awP60XXjZfVAmoVLlj9oWYNQrZLwk\n" "-----END CERTIFICATE-----\n"); - cm[TestData::MBANK] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::MBANK] = + std::make_pair(raw_base64, createCert(raw_base64)); } // SYMANTEC, signed by VERISIGN, expires 30 Oct 2023 @@ -226,7 +273,8 @@ CertMap initializeTestCerts() "LwfORELEC5n+5p/8sHiGUW3RLJ3GlvuFgrsEL/digO9i2n/2DqyQuFa9eT/ygG6j\n" "2bkPXToHHZGThkspTOHcteHgM52zyzaRS/6htO7w+Q==\n" "-----END CERTIFICATE-----\n"); - cm[TestData::SYMANTEC] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::SYMANTEC] = + std::make_pair(raw_base64, createCert(raw_base64)); } // GEOTRUST, signed by EQUIFAX, expires 21 Aug 2018 @@ -253,7 +301,8 @@ CertMap initializeTestCerts() "NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W\n" "b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S\n" "-----END CERTIFICATE-----\n"); - cm[TestData::GEOTRUST] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::GEOTRUST] = + std::make_pair(raw_base64, createCert(raw_base64)); } // EQUIFAX, (root CA), expires 22 Aug 2018 @@ -278,7 +327,8 @@ CertMap initializeTestCerts() "7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh\n" "1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4\n" "-----END CERTIFICATE-----\n"); - cm[TestData::EQUIFAX] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::EQUIFAX] = + std::make_pair(raw_base64, createCert(raw_base64)); } // GOOGLE_COM, *.google.com - signed by GIAG2, expires 13 Jan 2016 @@ -323,28 +373,40 @@ CertMap initializeTestCerts() "SpLyfbO8eRQkgXPZxau0BMof5tyetyzBe2QQ/OcvAkDUVhwZi2wIBf9rbhWnl2LE\n" "urbTa3K72M5I58jgb740XezcOQ==\n" "-----END CERTIFICATE-----\n"); - cm[TestData::GOOGLE_COM] = std::make_pair(raw_base64, createCert(raw_base64)); + cm[RawCertificateID::GOOGLE_COM] = + std::make_pair(raw_base64, createCert(raw_base64)); } return cm; } CertMap TEST_CERTS = initializeTestCerts(); -} +} // namespace TestData::anonymous -std::string TestData::getTestCertificateBase64(TestData::certificateID id) + +std::string getTestCertificateBase64(certificateID id) { - RUNNER_ASSERT_MSG(TEST_CERTS.find(id) != TEST_CERTS.end(), "Unknown certificate index!"); - RUNNER_ASSERT_MSG(TEST_CERTS[id].first.size()>0, "Certificate is empty (should never ever happen)!"); + auto cert = TEST_CERTS.find(toRawCertificateID(id)); + + RUNNER_ASSERT_MSG(cert != TEST_CERTS.end(), "Unknown certificate index!"); - return TEST_CERTS[id].first; + auto &certPair = cert->second; + RUNNER_ASSERT_MSG(certPair.first.size() > 0, "Certificate is empty!"); + + return certPair.first; } -CKM::CertificateShPtr TestData::getTestCertificate(certificateID id) +CKM::CertificateShPtr getTestCertificate(certificateID id) { - RUNNER_ASSERT_MSG(TEST_CERTS.find(id) != TEST_CERTS.end(), "Unknown certificate index!"); - RUNNER_ASSERT_MSG(TEST_CERTS[id].second, "Certificate is empty (should never ever happen)!"); + auto cert = TEST_CERTS.find(toRawCertificateID(id)); + + RUNNER_ASSERT_MSG(cert != TEST_CERTS.end(), "Unknown certificate index!"); - return TEST_CERTS[id].second; + auto &certPair = cert->second; + RUNNER_ASSERT_MSG(certPair.second != nullptr, "Certificate is empty!"); + + return certPair.second; } + +} // namespace TestData diff --git a/src/ckm/test-certs.h b/src/ckm/test-certs.h index 6f55c34..d84fc77 100644 --- a/src/ckm/test-certs.h +++ b/src/ckm/test-certs.h @@ -28,20 +28,22 @@ namespace TestData { enum certificateID { - // test certificates - TEST_ROOT_CA = 0, // TEST_ROOT_CA, expires 2035 - TEST_IM_CA, // TEST_IM_CA, signed by TEST_ROOT_CA, expires 2035 - TEST_LEAF, // TEST_LEAF, signed by TEST_IM_CA, expires 2035 + // test certificates which made by us + TEST_ROOT_CA = 0, + TEST_IM_CA, + TEST_LEAF, // third party - GIAG2, // GIAG2, signed by GEOTRUST, expires 31 Dec 2016 - MBANK, // MBANK, signed by SYMANTEC, expires 04 Feb 2016 - SYMANTEC, // SYMANTEC, signed by VERISIGN, expires 30 Oct 2023 - GEOTRUST, // GEOTRUST, GeoTrust Global CA - signed by EQUIFAX, expires 21 Aug 2018 - EQUIFAX, // EQUIFAX (root CA), expires 22 Aug 2018 - GOOGLE_COM, // GOOGLE_COM, *.google.com - signed by GIAG2, expires 13 Jan 2016 - - // footer - last element in the set + THIRD_PARTY_ROOT_CA, + THIRD_PARTY_IM_CA1, + THIRD_PARTY_IM_CA2, + THIRD_PARTY_LEAF, + + // ocsp available certificate chain, thirt party + OCSP_AVAILABLE_IM, + OCSP_AVAILABLE_LEAF, + + // footer NO_CERT }; diff --git a/src/ckm/unprivileged/async-api.cpp b/src/ckm/unprivileged/async-api.cpp index 75d6815..38b73a5 100644 --- a/src/ckm/unprivileged/async-api.cpp +++ b/src/ckm/unprivileged/async-api.cpp @@ -468,17 +468,17 @@ RUNNER_TEST(TA0110_save_cert_invalid_param, UserEnv) RUNNER_TEST(TA0120_save_cert_already_exists, UserEnv) { - test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(MBANK), Policy()); + test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy()); test_negative(&ManagerAsync::saveCertificate, CKM_API_ERROR_DB_ALIAS_EXISTS, "alias", - getTestCertificate(MBANK), + getTestCertificate(OCSP_AVAILABLE_LEAF), Policy()); } RUNNER_TEST(TA0150_save_cert_positive, UserEnv) { - test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(MBANK), Policy()); + test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy()); } @@ -532,7 +532,7 @@ RUNNER_TEST(TA0350_remove_key_positive, UserEnv) RUNNER_TEST(TA0450_remove_cert_positive, UserEnv) { - test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(MBANK), Policy()); + test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy()); test_positive(&ManagerAsync::removeAlias, "alias"); } @@ -605,7 +605,7 @@ RUNNER_TEST(TA0740_get_cert_wrong_password, UserEnv) { test_positive(&ManagerAsync::saveCertificate, "alias", - getTestCertificate(MBANK), + getTestCertificate(OCSP_AVAILABLE_LEAF), Policy("password")); test_negative(&ManagerAsync::getCertificate, CKM_API_ERROR_AUTHENTICATION_FAILED, @@ -615,7 +615,7 @@ RUNNER_TEST(TA0740_get_cert_wrong_password, UserEnv) RUNNER_TEST(TA0750_get_cert_positive, UserEnv) { - test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(MBANK), Policy("password")); + test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy("password")); test_positive(&ManagerAsync::getCertificate, "alias", "password"); } @@ -683,10 +683,10 @@ RUNNER_TEST(TA1010_get_cert_alias_vector_invalid_param, UserEnv) RUNNER_TEST(TA1050_get_cert_alias_vector_positive, UserEnv) { - test_positive(&ManagerAsync::saveCertificate, "alias1", getTestCertificate(MBANK), Policy()); + test_positive(&ManagerAsync::saveCertificate, "alias1", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy()); test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabelFromSelf("alias1") }); - test_positive(&ManagerAsync::saveCertificate, "alias2", getTestCertificate(SYMANTEC), Policy()); + test_positive(&ManagerAsync::saveCertificate, "alias2", getTestCertificate(OCSP_AVAILABLE_IM), Policy()); test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabelFromSelf("alias1"), aliasWithLabelFromSelf("alias2") }); @@ -855,8 +855,8 @@ RUNNER_TEST(TA1380_create_key_AES_positive, UserEnv) // getCertificateChain RUNNER_TEST(TA1410_get_certificate_chain_invalid_param, UserEnv) { - CertificateShPtr cert = getTestCertificate(MBANK); - CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) }; + CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF); + CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) }; test_no_observer(&ManagerAsync::getCertificateChain, cert, certv, @@ -884,8 +884,8 @@ RUNNER_TEST(TA1410_get_certificate_chain_invalid_param, UserEnv) RUNNER_TEST(TA1420_get_certificate_chain_negative, UserEnv) { - CertificateShPtr cert = getTestCertificate(MBANK); - CertificateShPtrVector certv = { getTestCertificate(MBANK) }; + CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF); + CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_LEAF) }; test_negative(&ManagerAsync::getCertificateChain, CKM_API_ERROR_VERIFICATION_FAILED, cert, @@ -899,7 +899,7 @@ RUNNER_TEST(TA1420_get_certificate_chain_negative, UserEnv) EMPTY_CERT_VECTOR, true); AliasVector aliasv = { "alias" }; - test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(MBANK), Policy()); + test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(OCSP_AVAILABLE_LEAF), Policy()); test_negative(&ManagerAsync::getCertificateChain, CKM_API_ERROR_VERIFICATION_FAILED, cert, @@ -916,8 +916,8 @@ RUNNER_TEST(TA1420_get_certificate_chain_negative, UserEnv) RUNNER_TEST(TA1450_get_certificate_chain_positive, UserEnv) { - CertificateShPtr cert = getTestCertificate(MBANK); - CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) }; + CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF); + CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) }; test_check_cert_chain(&ManagerAsync::getCertificateChain, 3, cert, @@ -926,7 +926,7 @@ RUNNER_TEST(TA1450_get_certificate_chain_positive, UserEnv) true); AliasVector aliasv = { "alias" }; - test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(SYMANTEC), Policy()); + test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(OCSP_AVAILABLE_IM), Policy()); test_check_cert_chain(&ManagerAsync::getCertificateChain, 3, cert, @@ -1138,7 +1138,7 @@ RUNNER_TEST(TA1710_ocsp_check_invalid_param, UserEnv) RUNNER_TEST(TA1720_ocsp_check_negative, UserEnv) { - CertificateShPtrVector certv = { getTestCertificate(MBANK), getTestCertificate(MBANK) }; + CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_LEAF), getTestCertificate(OCSP_AVAILABLE_LEAF) }; auto obs = test_positive(&ManagerAsync::ocspCheck, certv); RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD, @@ -1147,8 +1147,8 @@ RUNNER_TEST(TA1720_ocsp_check_negative, UserEnv) RUNNER_TEST(TA1750_ocsp_check_positive, UserEnv) { - CertificateShPtr cert = getTestCertificate(MBANK); - CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) }; + CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF); + CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) }; auto obs = test_positive(&ManagerAsync::getCertificateChain, cert, certv, diff --git a/src/ckm/unprivileged/capi-certificate-chains.cpp b/src/ckm/unprivileged/capi-certificate-chains.cpp index 9d0a6fc..0c6dd75 100644 --- a/src/ckm/unprivileged/capi-certificate-chains.cpp +++ b/src/ckm/unprivileged/capi-certificate-chains.cpp @@ -317,10 +317,10 @@ RUNNER_TEST(TCCH_0010_get_chain_old_api) remove_user_data(APP_UID); ChainVerifierOld cv; - cv.verifyNegative(TestData::GOOGLE_COM); + cv.verifyNegative(TestData::THIRD_PARTY_LEAF); - cv.addUntrusted(TestData::GIAG2); - cv.verifyPositive(TestData::GOOGLE_COM, 3); // including system cert + cv.addUntrusted(TestData::THIRD_PARTY_IM_CA2); + cv.verifyPositive(TestData::THIRD_PARTY_LEAF, 3); // including system cert cv.verifyNegative(TestData::TEST_LEAF); } @@ -330,7 +330,7 @@ RUNNER_TEST(TCCH_0020_get_chain_old_api_system_only) remove_user_data(APP_UID); ChainVerifierOld cv; - cv.verifyPositive(TestData::GIAG2, 2); // including system cert + cv.verifyPositive(TestData::THIRD_PARTY_IM_CA2, 2); // including system cert } // check invalid arguments @@ -338,8 +338,8 @@ RUNNER_TEST(TCCH_0100_get_certificate_chain_invalid_param) { remove_user_data(APP_UID); - ckmc_cert_s* ca2 = create_cert(TestData::GIAG2); - ckmc_cert_s* ca1 = create_cert(TestData::GEOTRUST); + ckmc_cert_s* ca2 = create_cert(TestData::THIRD_PARTY_IM_CA2); + ckmc_cert_s* ca1 = create_cert(TestData::THIRD_PARTY_IM_CA1); ckmc_cert_list_s* chain = NULL; // cert @@ -373,10 +373,10 @@ RUNNER_TEST(TCCH_0120_get_certificate_chain_root_ca_negative) ChainVerifier cv; cv.enableSystem(false); - cv.verifyNegative(TestData::EQUIFAX); + cv.verifyNegative(TestData::THIRD_PARTY_ROOT_CA); - cv.addUntrusted(TestData::GIAG2); - cv.verifyNegative(TestData::GOOGLE_COM); + cv.addUntrusted(TestData::THIRD_PARTY_IM_CA2); + cv.verifyNegative(TestData::THIRD_PARTY_LEAF); } /* @@ -402,8 +402,8 @@ RUNNER_TEST(TCCH_0150_get_certificate_chain_system_only) remove_user_data(APP_UID); ChainVerifier cv; - cv.verifyPositive(TestData::GIAG2, 2); // including system cert - cv.verifyNegative(TestData::GOOGLE_COM); + cv.verifyPositive(TestData::THIRD_PARTY_IM_CA2, 2); // including system cert + cv.verifyNegative(TestData::THIRD_PARTY_LEAF); } /* @@ -415,9 +415,9 @@ RUNNER_TEST(TCCH_0160_get_certificate_chain_no_untrusted) ChainVerifier cv; cv.addTrusted(TestData::TEST_ROOT_CA); - cv.verifyPositive(TestData::TEST_IM_CA, 2);// signed by trusted cert (TEST_ROOT_CA) - cv.verifyPositive(TestData::GIAG2, 2); // signed by system cert (GEOTRUST) - cv.verifyNegative(TestData::GOOGLE_COM); + cv.verifyPositive(TestData::TEST_IM_CA, 2); // signed by trusted cert (TEST_ROOT_CA) + cv.verifyPositive(TestData::THIRD_PARTY_IM_CA2, 2); // signed by system cert (THIRD_PARTY_ROOT_CA) + cv.verifyNegative(TestData::THIRD_PARTY_LEAF); } RUNNER_TEST(TCCH_0170_get_certificate_chain_no_trusted) @@ -425,8 +425,8 @@ RUNNER_TEST(TCCH_0170_get_certificate_chain_no_trusted) remove_user_data(APP_UID); ChainVerifier cv; - cv.addUntrusted(TestData::GIAG2); - cv.verifyPositive(TestData::GOOGLE_COM,3); // including system cert + cv.addUntrusted(TestData::THIRD_PARTY_IM_CA2); + cv.verifyPositive(TestData::THIRD_PARTY_LEAF, 3); // including system cert cv.verifyNegative(TestData::TEST_LEAF); } @@ -442,7 +442,7 @@ RUNNER_TEST(TCCH_0180_get_certificate_chain_no_system) cv.addTrusted(TestData::TEST_ROOT_CA); cv.addUntrusted(TestData::TEST_IM_CA); cv.verifyPositive(TestData::TEST_LEAF, 3); - cv.verifyNegative(TestData::GOOGLE_COM); + cv.verifyNegative(TestData::THIRD_PARTY_LEAF); } /* @@ -457,7 +457,7 @@ RUNNER_TEST(TCCH_0190_get_certificate_chain_im_ca_in_trusted) cv.addTrusted(TestData::TEST_ROOT_CA); cv.addTrusted(TestData::TEST_IM_CA); cv.verifyPositive(TestData::TEST_LEAF, 3); - cv.verifyNegative(TestData::GOOGLE_COM); + cv.verifyNegative(TestData::THIRD_PARTY_LEAF); } RUNNER_TEST(TCCH_0200_get_certificate_chain_all) @@ -467,14 +467,14 @@ RUNNER_TEST(TCCH_0200_get_certificate_chain_all) ChainVerifier cv; cv.enableSystem(true); cv.addTrusted(TestData::TEST_ROOT_CA); - cv.addUntrusted(TestData::GEOTRUST); - cv.addUntrusted(TestData::GIAG2); + cv.addUntrusted(TestData::THIRD_PARTY_IM_CA1); + cv.addUntrusted(TestData::THIRD_PARTY_IM_CA2); /* * In combat conditions this may as well be 3. Because of 2 existing GeoTrust certificates with * same Subject and Public key one being root ca and the other not there are 2 possible chains * of trust for this certificate. */ - cv.verifyPositive(TestData::GOOGLE_COM,4); + cv.verifyPositive(TestData::THIRD_PARTY_LEAF, 4); cv.verifyNegative(TestData::TEST_LEAF); } diff --git a/src/ckm/unprivileged/capi-testcases.cpp b/src/ckm/unprivileged/capi-testcases.cpp index 99a8085..0d8056b 100644 --- a/src/ckm/unprivileged/capi-testcases.cpp +++ b/src/ckm/unprivileged/capi-testcases.cpp @@ -227,7 +227,7 @@ RUNNER_TEST(T30204_certificate_C_API) { int temp; - std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2); + std::string certPem = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF); char* password = NULL; ckmc_cert_s *cert2; @@ -282,7 +282,7 @@ RUNNER_TEST(T30206_certificate_list_C_API) { int temp; - std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2); + std::string certPem = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF); char* password = NULL; ckmc_cert_s cert; @@ -400,7 +400,7 @@ RUNNER_TEST(T30210_certificate_with_DSA_key_C_API) { int temp; - std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2); + std::string certPem = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF); char* password = NULL; ckmc_cert_s *cert2 = NULL; @@ -1122,8 +1122,8 @@ RUNNER_TEST(T3071_CAPI_init) RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check) { - std::string ee = TestData::getTestCertificateBase64(TestData::MBANK); - std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC); + std::string ee = TestData::getTestCertificateBase64(TestData::OCSP_AVAILABLE_LEAF); + std::string im = TestData::getTestCertificateBase64(TestData::OCSP_AVAILABLE_IM); ckmc_cert_s c_cert; c_cert.raw_cert = reinterpret_cast(const_cast(ee.c_str())); @@ -1912,7 +1912,7 @@ RUNNER_TEST(T3093_CAPI_TYPE_BUFFER) RUNNER_TEST(T3094_CAPI_TYPE_CERT) { - std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2); + std::string certPem = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF); unsigned char *raw_cert = const_cast(reinterpret_cast(certPem.c_str())); unsigned int size = certPem.size(); @@ -1943,7 +1943,7 @@ RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file) { int ret; - std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK); + std::string certStr = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF); const char *file_name = "/tmp/ckmc_test_cert.pem"; remove(file_name); diff --git a/src/ckm/unprivileged/main.cpp b/src/ckm/unprivileged/main.cpp index 9f273a2..bdc625a 100644 --- a/src/ckm/unprivileged/main.cpp +++ b/src/ckm/unprivileged/main.cpp @@ -190,7 +190,7 @@ RUNNER_TEST(T1012_certificate) int temp; auto manager = CKM::Manager::create(); - auto cert = TestData::getTestCertificate(TestData::GIAG2); + auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF); CKM::CertificateShPtr cert2; CKM::Alias alias = "myCert"; @@ -738,7 +738,7 @@ RUNNER_TEST(T12105_saveCertificate_empty_alias) { ScopedDBUnlock unlock(USER_APP, APP_PASS); - auto cert = TestData::getTestCertificate(TestData::GIAG2); + auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF); CKM::Alias alias; //alias is not initialized int temp; @@ -752,7 +752,7 @@ RUNNER_TEST(T12106_saveCertificate_foreign_label) { ScopedDBUnlock unlock(USER_APP, APP_PASS); - auto cert = TestData::getTestCertificate(TestData::GIAG2); + auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF); CKM::Alias alias = "iamsomebodyelse alias"; int temp; @@ -1113,8 +1113,8 @@ RUNNER_TEST(T13122_get_chain_empty_cert) RUNNER_TEST(T13129_get_chain) { - auto cert = TestData::getTestCertificate(TestData::MBANK); - auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC); + auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF); + auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM); CKM::CertificateShPtrVector certVector = {cert1}; CKM::CertificateShPtrVector certChain; @@ -1147,8 +1147,8 @@ RUNNER_TEST(T13129_get_chain) RUNNER_TEST(T1313_get_chain_with_alias) { - auto cert = TestData::getTestCertificate(TestData::MBANK); - auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC); + auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF); + auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM); CKM::CertificateShPtrVector certChain; CKM::AliasVector aliasVector; @@ -1184,8 +1184,8 @@ RUNNER_TEST(T1313_get_chain_with_alias) RUNNER_TEST(T13141_ocsp_check_valid_chain) { - auto cert = TestData::getTestCertificate(TestData::MBANK); - auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC); + auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF); + auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM); CKM::CertificateShPtrVector certVector = {cert1}; CKM::CertificateShPtrVector certChain; @@ -1249,7 +1249,7 @@ RUNNER_TEST(T13143_ocsp_check_empty_ptrs) RUNNER_TEST(T13144_ocsp_check_root) { - auto root = TestData::getTestCertificate(TestData::EQUIFAX); + auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA); CKM::CertificateShPtrVector certVector = {root}; auto manager = CKM::Manager::create(); @@ -1265,9 +1265,9 @@ RUNNER_TEST(T13144_ocsp_check_root) RUNNER_TEST(T13145_ocsp_check_no_ocsp) { - auto root = TestData::getTestCertificate(TestData::EQUIFAX); - auto ca2 = TestData::getTestCertificate(TestData::GEOTRUST); - auto ca1 = TestData::getTestCertificate(TestData::GIAG2); + auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA); + auto ca2 = TestData::getTestCertificate(TestData::THIRD_PARTY_IM_CA1); + auto ca1 = TestData::getTestCertificate(TestData::THIRD_PARTY_IM_CA2); CKM::CertificateShPtrVector certVector = {ca1, ca2, root}; -- 2.7.4