namespace {
const char* TEST_LABEL = "test_label";
+const CertificateShPtrVector EMPTY_CERT_VECTOR;
+const AliasVector EMPTY_ALIAS_VECTOR;
class MyObserver: public ManagerAsync::Observer
{
typedef void (ManagerAsync::*certChainFn1)(const ManagerAsync::ObserverPtr&,
const CertificateShPtr&,
- const CertificateShPtrVector&);
+ const CertificateShPtrVector&,
+ const CertificateShPtrVector&,
+ bool);
typedef void (ManagerAsync::*certChainFn2)(const ManagerAsync::ObserverPtr&,
const CertificateShPtr&,
- const AliasVector&);
+ const AliasVector&,
+ const AliasVector&,
+ bool);
} // namespace anonymous
CertificateShPtr cert = certs[0];
CertificateShPtrVector certv = { certs[1] };
- test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain, cert, certv);
+ test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
CertificateShPtr(),
- certv);
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
Alias alias = "alias";
AliasVector aliasv = { alias };
- test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain, cert, aliasv);
+ test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain,
+ cert,
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain,
CertificateShPtr(),
- aliasv);
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
}
RUNNER_CHILD_TEST(TA1420_get_certificate_chain_negative)
test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
- CertificateShPtrVector());
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true);
test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
- certv);
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
AliasVector aliasv = { dbc.alias("alias") };
test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[0], Policy());
test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
- AliasVector());
+ EMPTY_ALIAS_VECTOR,
+ EMPTY_ALIAS_VECTOR,
+ true);
test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
- aliasv);
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
}
RUNNER_CHILD_TEST(TA1450_get_certificate_chain_positive)
DBCleanup dbc;
CertificateShPtr cert = certs[0];
CertificateShPtrVector certv = { certs[1] };
- test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain, 3, cert, certv);
+ test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
+ 3,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
AliasVector aliasv = { dbc.alias("alias") };
test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[1], Policy());
- test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain, 3, cert, aliasv);
+ test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
+ 3,
+ cert,
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
}
// ocspCheck
RUNNER_CHILD_TEST(TA1710_ocsp_check_invalid_param)
{
- test_no_observer(&ManagerAsync::ocspCheck, CertificateShPtrVector());
- test_invalid_param(&ManagerAsync::ocspCheck, CertificateShPtrVector());
+ test_no_observer(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
+ test_invalid_param(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
}
RUNNER_CHILD_TEST(TA1720_ocsp_check_negative)
DBCleanup dbc;
CertificateShPtr cert = certs[0];
CertificateShPtrVector certv = { certs[1] };
- auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain, cert, certv);
+ auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
#include <dpl/log/log.h>
-static const int USER_APP = 5000;
-static const int GROUP_APP = 5000;
-static const int USER_TEST = 5001;
+namespace {
+const int USER_APP = 5000;
+const int GROUP_APP = 5000;
+const int USER_TEST = 5001;
+
+const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
+const CKM::AliasVector EMPTY_ALIAS_VECTOR;
+} // namespace anonymous
/*
* How to numerate tests:
RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
- "Error=" << CKM::ErrorToString(tmp));
+ tmp = manager->getCertificateChain(cert,
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true,
+ certChain);
+ RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+ "Error=" << CKM::ErrorToString(tmp));
RUNNER_ASSERT_MSG(
0 == certChain.size(),
"Wrong size of certificate chain.");
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
+ tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
RUNNER_ASSERT_MSG(
3 == certChain.size(),
RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
+ tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+ "Error=" << CKM::ErrorToString(tmp));
RUNNER_ASSERT_MSG(
0 == certChain.size(),
aliasVector.push_back(full_address);
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
+ tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
+ RUNNER_ASSERT_MSG_BT(
3 == certChain.size(),
"Wrong size of certificate chain.");
}
RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
- "Error=" << CKM::ErrorToString(tmp));
+ tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+ "Error=" << CKM::ErrorToString(tmp));
RUNNER_ASSERT_MSG(
0 == certChain.size(),
"Wrong size of certificate chain.");
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
+ tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
+ RUNNER_ASSERT_MSG_BT(
3 == certChain.size(),
"Wrong size of certificate chain.");
"Error=" << CKM::ErrorToString(temp));
}
-// MJK TODO: to be uncommented once custom CA root can be provided to the CKM
-/*
RUNNER_TEST(T1810_verify_get_certificate_chain)
{
// this certificate has been signed using PKCS chain
RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
+ tmp = manager->getCertificateChain(cert,
+ EMPTY_ALIAS_VECTOR,
+ EMPTY_ALIAS_VECTOR,
+ true,
+ certChain);
+ RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+ "Error=" << CKM::ErrorToString(tmp));
RUNNER_ASSERT_MSG(
0 == certChain.size(),
aliasVector.push_back(alias_PKCS_exportable);
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
+ tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
+ RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- 3 == certChain.size(),
- "Wrong size of certificate chain.");
-}*/
+ // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
+ RUNNER_ASSERT_MSG_BT(
+ 4 == certChain.size(),
+ "Wrong size of certificate chain: " << certChain.size());
+}
RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
{
projects / platform / core / test / security-tests.git / commitdiff