diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-10-12 09:22:44 +0900 |
---|---|---|
committer | sangwan kwon <sangwan.kwon@samsung.com> | 2016-10-12 21:28:46 -0700 |
commit | a4580bb02ee7c13a575be81e990711144cd305df (patch) | |
tree | d2369d56f0986b25213c37746cd3bb60faba5ac6 | |
parent | a7a25a3ca727ae324dfec12d8b32656044809227 (diff) | |
download | cert-svc-a4580bb02ee7c13a575be81e990711144cd305df.tar.gz cert-svc-a4580bb02ee7c13a575be81e990711144cd305df.tar.bz2 cert-svc-a4580bb02ee7c13a575be81e990711144cd305df.zip |
Unify get visibility logic
[AS-IS]
* Get CA certificates's visibility logic is implemented
* on ValidatorFactories.cpp and api.cpp seperatly.
[TO-BE]
* Unify get visibility logic to ValidatorFactories.cpp
Change-Id: Ie36940060ba1a38e9d484a7e86c05a1f4105afa1
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | src/CMakeLists.txt | 1 | ||||
-rw-r--r-- | src/vcore/CertStoreType.h | 10 | ||||
-rw-r--r-- | src/vcore/SignatureValidator.cpp | 2 | ||||
-rw-r--r-- | src/vcore/api.cpp | 117 | ||||
-rw-r--r-- | tests/capi/common-res.cpp | 74 | ||||
-rw-r--r-- | tests/capi/common-res.h | 5 | ||||
-rw-r--r-- | tests/capi/test-certificate.cpp | 87 |
7 files changed, 154 insertions, 142 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 227ba74..68ae230 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -77,6 +77,7 @@ SET(VCORE_SOURCES SET(VCORE_INCLUDES ./ + cert-svc/ dpl/core/include dpl/log/include ) diff --git a/src/vcore/CertStoreType.h b/src/vcore/CertStoreType.h index d2a7ee4..630b478 100644 --- a/src/vcore/CertStoreType.h +++ b/src/vcore/CertStoreType.h @@ -26,23 +26,25 @@ #include <string> +#include <cert-svc/ccert.h> + namespace ValidationCore { namespace CertStoreId { typedef unsigned int Type; // RootCA certificates for developer mode. -const Type TIZEN_DEVELOPER = 1; +const Type TIZEN_DEVELOPER = CERTSVC_VISIBILITY_DEVELOPER; // RootCA certificates for author signatures. const Type TIZEN_TEST = 1 << 1; const Type TIZEN_VERIFY = 1 << 2; const Type TIZEN_STORE = 1 << 3; const Type TIZEN_REVOKED = 1 << 4; // RootCA's visibility level : public -const Type VIS_PUBLIC = 1 << 6; +const Type VIS_PUBLIC = CERTSVC_VISIBILITY_PUBLIC; // RootCA's visibility level : partner -const Type VIS_PARTNER = 1 << 7; +const Type VIS_PARTNER = CERTSVC_VISIBILITY_PARTNER; // RootCA's visibility level : platform -const Type VIS_PLATFORM = 1 << 10; +const Type VIS_PLATFORM = CERTSVC_VISIBILITY_PLATFORM; class Set { public: diff --git a/src/vcore/SignatureValidator.cpp b/src/vcore/SignatureValidator.cpp index 9247924..a130bee 100644 --- a/src/vcore/SignatureValidator.cpp +++ b/src/vcore/SignatureValidator.cpp @@ -295,9 +295,9 @@ VCerr SignatureValidator::Impl::preStep(void) LogDebug("Start to check certificate domain."); auto certificatePtr = m_data.getCertList().back(); auto storeIdSet = createCertificateIdentifier().find(certificatePtr); + // Check root CA certificate has proper domain. LogDebug("root certificate from " << storeIdSet.typeToString() << " domain"); - if (m_data.isAuthorSignature()) { if (!storeIdSet.contains(TIZEN_DEVELOPER)) { LogError("author-signature.xml's root certificate " diff --git a/src/vcore/api.cpp b/src/vcore/api.cpp index c2c8f12..1059c72 100644 --- a/src/vcore/api.cpp +++ b/src/vcore/api.cpp @@ -53,6 +53,7 @@ #include "vcore/CertificateCollection.h" #include "vcore/pkcs12.h" #include "vcore/Client.h" +#include "vcore/ValidatorFactories.h" #include "cert-svc/cinstance.h" #include "cert-svc/ccert.h" @@ -822,99 +823,36 @@ err: return CERTSVC_SUCCESS; } - // TODO : sangan.kwon, modify method by using CertificateIdentifier - int getVisibility(CertSvcCertificate certificate, CertSvcVisibility *visibility, - const char *fingerprintListPath) + int getVisibility(CertSvcCertificate certificate, CertSvcVisibility *visibility) { - int ret = CERTSVC_FAIL; - //xmlChar *xmlPathCertificateSet = (xmlChar*) "CertificateSet"; /*unused variable*/ - //xmlChar *xmlPathCertificateDomain = (xmlChar*) "CertificateDomain";// name=\"tizen-platform\""; /*unused variable*/ - xmlChar *xmlPathDomainPlatform = (xmlChar *) "tizen-platform"; - xmlChar *xmlPathDomainPublic = (xmlChar *) "tizen-public"; - xmlChar *xmlPathDomainPartner = (xmlChar *) "tizen-partner"; - xmlChar *xmlPathDomainDeveloper = (xmlChar *) "tizen-developer"; - //xmlChar *xmlPathFingerPrintSHA1 = (xmlChar*) "FingerprintSHA1"; /*unused variable*/ - auto iter = m_certificateMap.find(certificate.privateHandler); + if (visibility == NULL) + return CERTSVC_WRONG_ARGUMENT; + auto iter = m_certificateMap.find(certificate.privateHandler); if (iter == m_certificateMap.end()) { + LogError("Failed to find certificate."); return CERTSVC_FAIL; } - CertificatePtr certPtr = iter->second; - std::string fingerprint = Certificate::FingerprintToColonHex(certPtr->getFingerprint( - Certificate::FINGERPRINT_SHA1)); - /* load file */ - xmlDocPtr doc = xmlParseFile(fingerprintListPath); - - if ((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)) { - LogError("Failed to prase fingerprint_list.xml"); - return CERTSVC_IO_ERROR; - } - - xmlNodePtr curPtr = xmlFirstElementChild(xmlDocGetRootElement(doc)); - - if (curPtr == NULL) { - LogError("Can not find root"); - ret = CERTSVC_IO_ERROR; - goto out; - } - - while (curPtr != NULL) { - xmlAttr *attr = curPtr->properties; - - if (!attr->children || !attr->children->content) { - LogError("Failed to get fingerprints from list"); - ret = CERTSVC_FAIL; - goto out; - } - - xmlChar *strLevel = attr->children->content; - xmlNodePtr FpPtr = xmlFirstElementChild(curPtr); - - if (FpPtr == NULL) { - LogError("Could not find fingerprint"); - ret = CERTSVC_FAIL; - goto out; - } - - LogDebug("Retrieve level : " << strLevel); - - while (FpPtr) { - xmlChar *content = xmlNodeGetContent(FpPtr); - - if (xmlStrcmp(content, (xmlChar *)fingerprint.c_str()) == 0) { - LogDebug("fingerprint : " << content << " are " << strLevel); - - if (!xmlStrcmp(strLevel, xmlPathDomainPlatform)) { - *visibility = CERTSVC_VISIBILITY_PLATFORM; - ret = CERTSVC_SUCCESS; - goto out; - } else if (!xmlStrcmp(strLevel, xmlPathDomainPublic)) { - *visibility = CERTSVC_VISIBILITY_PUBLIC; - ret = CERTSVC_SUCCESS; - goto out; - } else if (!xmlStrcmp(strLevel, xmlPathDomainPartner)) { - *visibility = CERTSVC_VISIBILITY_PARTNER; - ret = CERTSVC_SUCCESS; - goto out; - } else if (!xmlStrcmp(strLevel, xmlPathDomainDeveloper)) { - *visibility = CERTSVC_VISIBILITY_DEVELOPER; - ret = CERTSVC_SUCCESS; - goto out; - } - } + auto certPtr = iter->second; + auto storeIdSet = createCertificateIdentifier().find(certPtr); + if (storeIdSet.contains(CERTSVC_VISIBILITY_PUBLIC)) + *visibility = CERTSVC_VISIBILITY_PUBLIC; + else if (storeIdSet.contains(CERTSVC_VISIBILITY_PLATFORM)) + *visibility = CERTSVC_VISIBILITY_PLATFORM; + else if (storeIdSet.contains(CERTSVC_VISIBILITY_PARTNER)) + *visibility = CERTSVC_VISIBILITY_PARTNER; + else if (storeIdSet.contains(CERTSVC_VISIBILITY_DEVELOPER)) + *visibility = CERTSVC_VISIBILITY_DEVELOPER; + else + return CERTSVC_FAIL; - FpPtr = xmlNextElementSibling(FpPtr); - } + LogInfo("Certificate's finger print : " << + Certificate::FingerprintToColonHex(certPtr->getFingerprint( + Certificate::FINGERPRINT_SHA1)) << + ", visibility : " << *visibility); - curPtr = xmlNextElementSibling(curPtr); - } - - xmlFreeDoc(doc); - return CERTSVC_FAIL; -out: - xmlFreeDoc(doc); - return ret; + return CERTSVC_SUCCESS; } inline int pkcsNameIsUniqueInStore( @@ -1537,16 +1475,9 @@ int certsvc_certificate_get_visibility(CertSvcCertificate certificate, CertSvcVisibility *visibility) { try { - int result = impl(certificate.privateInstance)->getVisibility(certificate, visibility, - FINGERPRINT_LIST_PATH); - if (result != CERTSVC_SUCCESS) { - LogDebug("Cannot find store id in FINGERPRINT_LIST_PATH. Find it in extention continue."); - result = impl(certificate.privateInstance)->getVisibility(certificate, visibility, - FINGERPRINT_LIST_EXT_PATH); - } + return impl(certificate.privateInstance)->getVisibility(certificate, visibility); - return result; } catch (...) { LogError("exception occur"); } diff --git a/tests/capi/common-res.cpp b/tests/capi/common-res.cpp index 7d3cb16..6a4d86e 100644 --- a/tests/capi/common-res.cpp +++ b/tests/capi/common-res.cpp @@ -253,3 +253,77 @@ std::string certChainSelfSignedArr[2] = { }; std::vector<std::string> TestData::certChainSelfSigned(certChainSelfSignedArr, certChainSelfSignedArr + 2); + +const std::string TestData::certCAAuthor = + "MIICnzCCAggCCQCn+GGT4zh+BjANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMC" + "S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6" + "ZW4gVGVzdCBDQTElMCMGA1UECwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBD" + "QTElMCMGA1UEAwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBDQTAeFw0xMjEw" + "MjYwOTUwMTNaFw0yMjEwMjQwOTUwMTNaMIGTMQswCQYDVQQGEwJLUjEOMAwGA1UE" + "CAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENB" + "MSUwIwYDVQQLDBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMSUwIwYDVQQD" + "DBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUA" + "A4GNADCBiQKBgQDWT6ZH5JyGadTUK1QmNwU8j+py4WtuElJE+4/wPFP8/KBmvvmI" + "rGVjhUbKXToKIo8N6C/0SLxGEWuRAIoZHhg5JVbw1Ay7smgJJHizDUAqMTmV6LI9" + "yTFbBV+OlO2Dir4LVdQ/XDBiqqslr7pqXgsg1V2g7x+tOI/f3dn2kWoVZQIDAQAB" + "MA0GCSqGSIb3DQEBBQUAA4GBADGJYMtzUBDK+KKLZQ6zYmrKb+OWLlmEr/t/c2af" + "KjTKUtommcz8VeTPqrDBOwxlVPdxlbhisCYzzvwnWeZk1aeptxxU3kdW9N3/wocN" + "5nBzgqkkHJnj/ptqjrH2v/m0Z3hBuI4/akHIIfCBF8mUHwqcxYsRdcCIrkgp2Aiv" + "bSaM"; + +const std::string TestData::certCAPublic = + "MIIDOzCCAiOgAwIBAgIJAIghU0nmmUUlMA0GCSqGSIb3DQEBCwUAMFQxGjAYBgNV" + "BAoMEVRpemVuIEFzc29jaWF0aW9uMTYwNAYDVQQDDC1UaXplbiBBc3NvY2lhdGlv" + "biBERVZFTE9QRVIgUHVibGljIFJvb3QgQ2xhc3MwHhcNMTMxMjMwMTUwNTM5WhcN" + "MzMxMjI1MTUwNTM5WjBUMRowGAYDVQQKDBFUaXplbiBBc3NvY2lhdGlvbjE2MDQG" + "A1UEAwwtVGl6ZW4gQXNzb2NpYXRpb24gREVWRUxPUEVSIFB1YmxpYyBSb290IENs" + "YXNzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Z1tVsO0gVYdAxyz" + "+1mHNgHkdiLz8Drer9LXItILHOaJC21kBh3FByWL2fOxIAm7WGp/wCqqjY9GJRpz" + "tj/3uYEIJKDLLfwgwQJF1WoV3XzwTtY/ZO/N9lH51PhW/qQy+1qP8E0H1meKgVM3" + "m1IUuXLkpjzf1jfhcCM6gEQB9R4DBYd6ua0L/lGvkRQOjNMeAnEcmxCDXptRfu7v" + "/fOx3ttIV81Lf18VdQIi3yzRbP68z/MTfPNwhm/QG+C+v+JCv4A/mchEhAuPuuSu" + "1Op9QsiKZNY2wvJ0zOr44zM2smD3kbi4JgfYWUljFifDXsW1b6Lbzr42MsT+abpF" + "ciJZCQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAi" + "nOTRl3o20ww/M6UJCnGaGUU1fx+E/u+JUybz/DZWQtwZDh2dyVCoTaiVXcY71OXq" + "e4z+ZwarErdRnd6qfn6tNQBFJPj/quDULTVUHJwU72G/8Eh0zz0fQbCc7yD8vhMu" + "y1ceP45exApLzqupc4bFq3N+/lJiDzVNU/fVWjsr1ut5lHsXzXmeYUEGh+iwoFgD" + "z4zOJQ/0xwxcatkKBFZRnckUI46YyV9rlbeb9myTDqzRo/BXaor3lNbWJTvlKXrT" + "rGGUot1OUwUY0ZqRInUlWE45uOdIO1FE0VvJiBr2nTfS/APbg475t4D4gq3hvOkg" + "WdojCrFoNvutFOrtyxBz"; + +const std::string TestData::certCAPlatform = + "MIIDPzCCAiegAwIBAgIJAMHhUV/SBOJTMA0GCSqGSIb3DQEBCwUAMFYxGjAYBgNV" + "BAoMEVRpemVuIEFzc29jaWF0aW9uMTgwNgYDVQQDDC9UaXplbiBBc3NvY2lhdGlv" + "biBERVZFTE9QRVIgUGxhdGZvcm0gUm9vdCBDbGFzczAeFw0xMzEyMzAxNTA1Mzla" + "Fw0zMzEyMjUxNTA1MzlaMFYxGjAYBgNVBAoMEVRpemVuIEFzc29jaWF0aW9uMTgw" + "NgYDVQQDDC9UaXplbiBBc3NvY2lhdGlvbiBERVZFTE9QRVIgUGxhdGZvcm0gUm9v" + "dCBDbGFzczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOSPcakP+RAY" + "7zQ5CF/m+GgB6op0Bdn1Z90F72PRXZpBplyUqXhkx3Ug+x1EBAmOjo3BUh1f0u4u" + "BXrxkI4H1wtgG3kMoprzMERLdIfCMDp+MCGslIAbApWbTZ7akv8FOcZyL3apQda+" + "nLInd67uLOJ2YJ99CkeTZHKeoKy3P62gAZxw6j3UY+IBgdP8c+K3vII/KZj9Tl/G" + "afliSibhK48yJ9TEEdYobnaTKG9dtk5aj+dr4I4LW33MVuOaW+l1lZfaUdFRPbq4" + "eHw1tB/HOeV46yEoxmHKLNffsLuR2vhsXdyd/240JqnyEG1JoymPdRAM3uFSZYE1" + "/jM69Hg/5uECAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOC" + "AQEADsv3CXY79VtNchvONSTU13OibFwcTZFaq3O3DB6ClZVRFChyad+ZwmhGEY1p" + "rOwSFJZpPWOACuFdiSKg08FdJEUQMgQdQklUJY2kKAtSj40+4pIlvAd4MxGxj9JP" + "6r0cdnp6/rWfPPVOSpPps6Vx3ML4lxYWcybSwcqdRtdXvQFlA6w7Syjs8KmbIuBf" + "GmuFerjGJAawy3Uvlb7fuvtOXiPqLAOpNX/Qanj8yKxHPi4FcYdxD/n0yW+8SzeL" + "y8B5VVJlUX0u1VYe07Q3mNwrto+xw/Un5GAd6nupz3MGduWODK1rC65+sz8Q5SwI" + "Dbn/OGS3G5OJuLp3YnMLYpDkXA=="; + +const std::string TestData::certCAPartner = + "MIICozCCAgwCCQD9IBoOxzq2hjANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMC" + "S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6" + "ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEq" + "MCgGA1UEAwwhVGl6ZW4gUGFydG5lciBEaXN0cmlidXRvciBSb290IENBMB4XDTEy" + "MTAyNjA4MTIzMVoXDTIyMTAyNDA4MTIzMVowgZUxCzAJBgNVBAYTAktSMQ4wDAYD" + "VQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3Qg" + "Q0ExIjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKjAoBgNVBAMM" + "IVRpemVuIFBhcnRuZXIgRGlzdHJpYnV0b3IgUm9vdCBDQTCBnzANBgkqhkiG9w0B" + "AQEFAAOBjQAwgYkCgYEAnIBA2qQEaMzGalP0kzvwUxdCC6ybSC/fb+M9iGvt8QXp" + "ic2yARQB+bIhfbEu1XHwE1jCAGxKd6uT91b4FWr04YwnBPoRX4rBGIYlqo/dg+pS" + "rGyFjy7vfr0BOdWp2+WPlTe7SOS6bVauncrSoHxX0spiLaU5LU686BKr7YaABV0C" + "AwEAATANBgkqhkiG9w0BAQUFAAOBgQAX0Tcfmxcs1TUPBdr1U1dx/W/6Y4PcAF7n" + "DnMrR0ZNRPgeSCiVLax1bkHxcvW74WchdKIb24ZtAsFwyrsmUCRV842YHdfddjo6" + "xgUu7B8n7hQeV3EADh6ft/lE8nalzAl9tALTxAmLtYvEYA7thvDoKi1k7bN48izL" + "gS9G4WEAUg=="; diff --git a/tests/capi/common-res.h b/tests/capi/common-res.h index 117802f..a3a49e6 100644 --- a/tests/capi/common-res.h +++ b/tests/capi/common-res.h @@ -111,4 +111,9 @@ extern std::vector<std::string> certChain; */ extern std::vector<std::string> certChainSelfSigned; +extern const std::string certCAAuthor; +extern const std::string certCAPublic; +extern const std::string certCAPlatform; +extern const std::string certCAPartner; + } diff --git a/tests/capi/test-certificate.cpp b/tests/capi/test-certificate.cpp index 0bc483a..3f8199c 100644 --- a/tests/capi/test-certificate.cpp +++ b/tests/capi/test-certificate.cpp @@ -15,10 +15,12 @@ */ #include <iostream> - #include <string> #include <cstring> +#include <map> + #include <openssl/x509.h> + #include <dpl/test/test_runner.h> #include <cert-svc/ccert.h> @@ -495,47 +497,44 @@ RUNNER_TEST(T0205_certificate_verify_with_caflag_selfsign_root) RUNNER_TEST(T0206_certificate_get_visibility) { - /* - * format : DER_BASE64 FORM - * which is identical to pem format without header and tail - */ - const char *tizen_distributor_root_ca_partner_der_base64 = - "MIICozCCAgwCCQD9IBoOxzq2hjANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMC\n" - "S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6\n" - "ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEq\n" - "MCgGA1UEAwwhVGl6ZW4gUGFydG5lciBEaXN0cmlidXRvciBSb290IENBMB4XDTEy\n" - "MTAyNjA4MTIzMVoXDTIyMTAyNDA4MTIzMVowgZUxCzAJBgNVBAYTAktSMQ4wDAYD\n" - "VQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3Qg\n" - "Q0ExIjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKjAoBgNVBAMM\n" - "IVRpemVuIFBhcnRuZXIgRGlzdHJpYnV0b3IgUm9vdCBDQTCBnzANBgkqhkiG9w0B\n" - "AQEFAAOBjQAwgYkCgYEAnIBA2qQEaMzGalP0kzvwUxdCC6ybSC/fb+M9iGvt8QXp\n" - "ic2yARQB+bIhfbEu1XHwE1jCAGxKd6uT91b4FWr04YwnBPoRX4rBGIYlqo/dg+pS\n" - "rGyFjy7vfr0BOdWp2+WPlTe7SOS6bVauncrSoHxX0spiLaU5LU686BKr7YaABV0C\n" - "AwEAATANBgkqhkiG9w0BAQUFAAOBgQAX0Tcfmxcs1TUPBdr1U1dx/W/6Y4PcAF7n\n" - "DnMrR0ZNRPgeSCiVLax1bkHxcvW74WchdKIb24ZtAsFwyrsmUCRV842YHdfddjo6\n" - "xgUu7B8n7hQeV3EADh6ft/lE8nalzAl9tALTxAmLtYvEYA7thvDoKi1k7bN48izL\n" - "gS9G4WEAUg=="; - CertSvcInstance instance; - CertSvcCertificate certificate; - int retval; - RUNNER_ASSERT_MSG( - (retval = certsvc_instance_new(&instance)) == CERTSVC_SUCCESS, - "Failed to certsvc_instance_new. retval:" << retval); - RUNNER_ASSERT_MSG( - (retval = certsvc_certificate_new_from_memory( - instance, - (const unsigned char *)tizen_distributor_root_ca_partner_der_base64, - strlen(tizen_distributor_root_ca_partner_der_base64), - CERTSVC_FORM_DER_BASE64, - &certificate) == CERTSVC_SUCCESS), - "Failed to certsvc_certificate_new_from_memory. retval: " << retval); - CertSvcVisibility visibility; - RUNNER_ASSERT_MSG( - (retval == certsvc_certificate_get_visibility(certificate, &visibility)) == CERTSVC_SUCCESS, - "Failed to certsvc_certificate_get_visibility. retval: " << retval); - RUNNER_ASSERT_MSG( - visibility == CERTSVC_VISIBILITY_PARTNER, - "returned visibility should be partner(" << CERTSVC_VISIBILITY_PARTNER - << ") but returned(" << visibility << ")"); - certsvc_instance_free(instance); + std::map<CertSvcVisibility, const std::string> caMap; + caMap.insert(std::pair<CertSvcVisibility, const std::string>( + CERTSVC_VISIBILITY_DEVELOPER, + TestData::certCAAuthor)); + caMap.insert(std::pair<CertSvcVisibility, const std::string>( + CERTSVC_VISIBILITY_PUBLIC, + TestData::certCAPublic)); + caMap.insert(std::pair<CertSvcVisibility, const std::string>( + CERTSVC_VISIBILITY_PLATFORM, + TestData::certCAPlatform)); + caMap.insert(std::pair<CertSvcVisibility, const std::string>( + CERTSVC_VISIBILITY_PARTNER, + TestData::certCAPartner)); + + for (auto ca : caMap) { + CertSvcInstance instance; + CertSvcCertificate certificate; + int retval; + RUNNER_ASSERT_MSG( + (retval = certsvc_instance_new(&instance)) == CERTSVC_SUCCESS, + "Failed to certsvc_instance_new. retval:" << retval); + RUNNER_ASSERT_MSG( + (retval = certsvc_certificate_new_from_memory( + instance, + reinterpret_cast<const unsigned char *>(ca.second.c_str()), + ca.second.size(), + CERTSVC_FORM_DER_BASE64, + &certificate) == CERTSVC_SUCCESS), + "Failed to certsvc_certificate_new_from_memory. retval: " << retval); + CertSvcVisibility visibility; + RUNNER_ASSERT_MSG( + (retval == certsvc_certificate_get_visibility( + certificate, &visibility)) == CERTSVC_SUCCESS, + "Failed to certsvc_certificate_get_visibility. retval: " << retval); + RUNNER_ASSERT_MSG( + visibility == ca.first, + "returned visibility should be (" << ca.first << + ") but returned(" << visibility << ")"); + certsvc_instance_free(instance); + } } |