diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2017-03-24 18:17:38 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2017-03-24 18:17:38 +0900 |
commit | 97b1eb4200762e04ca793b5e0c2bf0bfe2541a8c (patch) | |
tree | 0eeb21670312d8d581a53cec55c178de121b5023 | |
parent | 11fd00766270ad3fc740b9f1e7414b58f04ad501 (diff) | |
download | cert-svc-97b1eb4200762e04ca793b5e0c2bf0bfe2541a8c.tar.gz cert-svc-97b1eb4200762e04ca793b5e0c2bf0bfe2541a8c.tar.bz2 cert-svc-97b1eb4200762e04ca793b5e0c2bf0bfe2541a8c.zip |
Move trust-anchor to seperate git
Change-Id: Ibb55a1f8f64759aee36a597bd66cf2d9f9111a39
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
40 files changed, 0 insertions, 2280 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 4c3700c..f7a4e96 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -25,7 +25,6 @@ ADD_DEFINITIONS("-Wextra") ADD_DEFINITIONS("-Werror") SET(TARGET_VCORE_LIB "cert-svc-vcore") -SET(TARGET_TRANSEC_LIB "cert-svc-transec") SET(TARGET_CERT_SERVER "cert-server") ADD_DEFINITIONS("-DSIGNATURE_SCHEMA_PATH=\"${CERT_SVC_RO_PATH}/schema.xsd\"") @@ -34,9 +33,6 @@ ADD_DEFINITIONS("-DSERVER_STREAM=\"${SERVER_STREAM}\"") ADD_DEFINITIONS("-DCERTSVC_SYSTEM_STORE_DB=\"${CERT_SVC_DB_PATH}/certs-meta.db\"") ADD_DEFINITIONS("-DCERTSVC_PKCS12_STORAGE_DIR=\"${CERT_SVC_PKCS12}/\"") -ADD_DEFINITIONS("-DCERTSVC_TRANSEC_USR_DIR=\"${CERT_SVC_TRANSEC_USR}\"") -ADD_DEFINITIONS("-DCERTSVC_TRANSEC_GLOBAL_DIR=\"${CERT_SVC_TRANSEC_GLOBAL}\"") -ADD_DEFINITIONS("-DCERTSVC_TRANSEC_BUNDLE=\"${CERT_SVC_TRANSEC_BUNDLE}\"") ADD_DEFINITIONS("-DTZ_SYS_CA_CERTS=\"${TZ_SYS_CA_CERTS}\"") ADD_DEFINITIONS("-DTZ_SYS_CA_CERTS_ORIG=\"${TZ_SYS_CA_CERTS_ORIG}\"") diff --git a/packaging/cert-svc.spec b/packaging/cert-svc.spec index 2bd225c..1e48107 100644 --- a/packaging/cert-svc.spec +++ b/packaging/cert-svc.spec @@ -47,11 +47,6 @@ Requires: openssl %global cert_svc_ro_path %ro_data_dir/cert-svc %global cert_svc_db_path %cert_svc_path/dbspace %global cert_svc_pkcs12 %cert_svc_path/pkcs12 -%global cert_svc_transec %cert_svc_path/transec -%global cert_svc_transec_res %cert_svc_transec/res -%global cert_svc_transec_usr %cert_svc_transec/usr -%global cert_svc_transec_global %cert_svc_transec/global -%global cert_svc_transec_bundle %cert_svc_transec_res/ca-bundle.pem %global cert_svc_ca_bundle %cert_svc_path/ca-certificate.crt %global cert_svc_examples %cert_svc_ro_path/examples %global cert_svc_tests %rw_app_dir/cert-svc-tests @@ -123,9 +118,6 @@ export FFLAGS="$FFLAGS -DTIZEN_EMULATOR_MODE" -DCERT_SVC_PATH=%cert_svc_path \ -DCERT_SVC_RO_PATH=%cert_svc_ro_path \ -DCERT_SVC_PKCS12=%cert_svc_pkcs12 \ - -DCERT_SVC_TRANSEC_USR=%cert_svc_transec_usr \ - -DCERT_SVC_TRANSEC_GLOBAL=%cert_svc_transec_global \ - -DCERT_SVC_TRANSEC_BUNDLE=%cert_svc_transec_bundle \ -DCERT_SVC_DB_PATH=%cert_svc_db_path \ -DCERT_SVC_OLD_DB_PATH=%cert_svc_old_db_path \ -DUPGRADE_SCRIPT_PATH=%upgrade_script_path \ @@ -145,12 +137,8 @@ make %{?_smp_mflags} %install_service sockets.target.wants cert-server.socket mkdir -p %buildroot%cert_svc_pkcs12 -mkdir -p %buildroot%cert_svc_transec_res -mkdir -p %buildroot%cert_svc_transec_usr -mkdir -p %buildroot%cert_svc_transec_global touch %buildroot%cert_svc_db_path/certs-meta.db-journal -touch %buildroot%cert_svc_transec_bundle ln -sf %TZ_SYS_CA_BUNDLE %buildroot%cert_svc_ca_bundle @@ -182,7 +170,6 @@ fi %_unitdir/cert-server.socket %_unitdir/sockets.target.wants/cert-server.socket %_libdir/libcert-svc-vcore.so.* -%_libdir/libcert-svc-transec.so.* %bin_dir/cert-server %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_path %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_pkcs12 @@ -191,7 +178,6 @@ fi %attr(-, %{user_name}, %{group_name}) %cert_svc_db_path/certs-meta.db %attr(-, %{user_name}, %{group_name}) %cert_svc_db_path/certs-meta.db-journal %attr(-, %{user_name}, %{group_name}) %cert_svc_ro_path -%attr(-, %{user_name}, %{group_name}) %cert_svc_transec/* %attr(755, root, root) %upgrade_script_path/202.cert-svc-db-upgrade.sh %attr(755, root, root) %upgrade_script_path/203.cert-svc-disabled-certs-upgrade.sh @@ -201,7 +187,6 @@ fi %_includedir/* %_libdir/pkgconfig/* %_libdir/libcert-svc-vcore.so -%_libdir/libcert-svc-transec.so %if 0%{?certsvc_test_build} %files test diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 6f93734..94a9a59 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -165,5 +165,3 @@ INSTALL(FILES cert-svc/cstring.h DESTINATION ${INCLUDEDIR}/cert-svc/cert-svc ) - -ADD_SUBDIRECTORY(transec) diff --git a/src/transec/Api.cpp b/src/transec/Api.cpp deleted file mode 100644 index be85acb..0000000 --- a/src/transec/Api.cpp +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file Api.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Implementation of trust anchor CAPI. - */ -#include "tanchor/trust-anchor.h" - -#include "TrustAnchor.h" - -using namespace transec; - -int trust_anchor_global_install(const char *package_id, - const char *app_certificates_path, - bool with_system_certificates) -{ - TrustAnchor ta(package_id, app_certificates_path); - return ta.install(with_system_certificates); -} - -int trust_anchor_usr_install(const char *package_id, - const char *app_certificates_path, - uid_t uid, - bool with_system_certificates) -{ - TrustAnchor ta(package_id, app_certificates_path, uid); - return ta.install(with_system_certificates); -} - -int trust_anchor_global_launch(const char *package_id, - const char *app_certificates_path, - bool with_system_certificates) -{ - TrustAnchor ta(package_id, app_certificates_path); - return ta.launch(with_system_certificates); -} - -int trust_anchor_usr_launch(const char *package_id, - const char *app_certificates_path, - uid_t uid, - bool with_system_certificates) -{ - TrustAnchor ta(package_id, app_certificates_path, uid); - return ta.launch(with_system_certificates); -} - -int trust_anchor_global_uninstall(const char *package_id, - const char *app_certificates_path) -{ - TrustAnchor ta(package_id, app_certificates_path); - return ta.uninstall(); -} - -int trust_anchor_usr_uninstall(const char *package_id, - const char *app_certificates_path, - uid_t uid) -{ - TrustAnchor ta(package_id, app_certificates_path, uid); - return ta.uninstall(); -} diff --git a/src/transec/CMakeLists.txt b/src/transec/CMakeLists.txt deleted file mode 100644 index 79a6765..0000000 --- a/src/transec/CMakeLists.txt +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Sangwan Kwon (sangwan.kwon@samsung.com) -# @breif Make trasnport security library -# -PKG_CHECK_MODULES(${TARGET_TRANSEC_LIB}_DEP - REQUIRED - klay - openssl -) - -SET(${TARGET_TRANSEC_LIB}_SRCS - InitLib.cpp - Exception.cpp - Api.cpp - Certificate.cpp - TrustAnchor.cpp -) - -INCLUDE_DIRECTORIES( - SYSTEM - . - ${${TARGET_TRANSEC_LIB}_DEP_INCLUDE_DIRS} -) - -ADD_LIBRARY(${TARGET_TRANSEC_LIB} SHARED ${${TARGET_TRANSEC_LIB}_SRCS}) - -# TODO(sangwan.kwon) visibility needed to be hidden -SET_TARGET_PROPERTIES(${TARGET_TRANSEC_LIB} - PROPERTIES - COMPILE_FLAGS "-D_GNU_SOURCE -fPIC -fvisibility=default" - SOVERSION ${SO_VERSION} - VERSION ${VERSION} -) - -TARGET_LINK_LIBRARIES(${TARGET_TRANSEC_LIB} - ${${TARGET_TRANSEC_LIB}_DEP_LIBRARIES} -) - -INSTALL(TARGETS ${TARGET_TRANSEC_LIB} DESTINATION ${LIB_INSTALL_DIR}) - -INSTALL(FILES - TrustAnchor.h - DESTINATION - ${INCLUDEDIR}/cert-svc/transec -) - -INSTALL(DIRECTORY - tanchor - DESTINATION - ${INCLUDEDIR}) diff --git a/src/transec/Certificate.cpp b/src/transec/Certificate.cpp deleted file mode 100644 index 7a37785..0000000 --- a/src/transec/Certificate.cpp +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file Certificate.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief - */ -#include "Certificate.h" - -#include <cstdio> -#include <vector> -#include <stdexcept> - -#include <openssl/pem.h> - -namespace transec { - -namespace { - -using X509Ptr = std::unique_ptr<X509, decltype(&::X509_free)>; - -const std::string START_CERT = "-----BEGIN CERTIFICATE-----"; -const std::string END_CERT = "-----END CERTIFICATE-----"; -const std::string START_TRUSTED = "-----BEGIN TRUSTED CERTIFICATE-----"; -const std::string END_TRUSTED = "-----END TRUSTED CERTIFICATE-----"; - -const int HASH_LENGTH = 8; - -} // namespace anonymous - -Certificate::Certificate(const std::string &path) : - m_fp(FilePtr(fopen(path.c_str(), "rb"), ::fclose)) -{ - if (this->m_fp == nullptr) - throw std::invalid_argument("Faild to open certificate."); -} - -std::string Certificate::getSubjectNameHash() const -{ - X509Ptr x509(::PEM_read_X509(this->m_fp.get(), NULL, NULL, NULL), - ::X509_free); - if (x509 == nullptr) { - ::rewind(this->m_fp.get()); - x509 = X509Ptr(::PEM_read_X509_AUX(this->m_fp.get(), NULL, NULL, NULL), - ::X509_free); - } - - if (x509 == nullptr) - throw std::logic_error("Failed to read certificate."); - - std::vector<char> buf(HASH_LENGTH + 1); - snprintf(buf.data(), buf.size(), - "%08lx", ::X509_subject_name_hash(x509.get())); - - return std::string(buf.data(), HASH_LENGTH); -} - -std::string Certificate::getCertificateData() const -{ - std::fseek(this->m_fp.get(), 0L, SEEK_END); - unsigned int fsize = std::ftell(this->m_fp.get()); - std::rewind(this->m_fp.get()); - - std::string content(fsize, 0); - if (fsize != std::fread(static_cast<void*>(&content[0]), 1, fsize, - this->m_fp.get())) - throw std::logic_error("Failed to read certificate from fp."); - - return this->parseData(content); -} - -std::string Certificate::parseData(const std::string &data) const -{ - if (data.empty()) - throw std::logic_error("There is no data to parse."); - - size_t from = data.find(START_CERT); - size_t to = data.find(END_CERT); - size_t tailLen = END_CERT.length(); - - if (from == std::string::npos || to == std::string::npos || from > to) { - from = data.find(START_TRUSTED); - to = data.find(END_TRUSTED); - tailLen = END_TRUSTED.length(); - } - - if (from == std::string::npos || to == std::string::npos || from > to) - throw std::logic_error("Failed to parse certificate."); - - return std::string(data, from, to - from + tailLen); -} - -} // namespace transec diff --git a/src/transec/Certificate.h b/src/transec/Certificate.h deleted file mode 100644 index fe216db..0000000 --- a/src/transec/Certificate.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file Certificate.h - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief - */ -#pragma once - -#include <string> -#include <memory> -#include <cstdio> - -namespace transec { - -using FilePtr = std::unique_ptr<FILE, decltype(&::fclose)>; - -class Certificate { -public: - explicit Certificate(const std::string &path); - virtual ~Certificate(void) = default; - - Certificate(const Certificate &) = delete; - Certificate(Certificate &&) = delete; - Certificate &operator=(const Certificate &) = delete; - Certificate &operator=(Certificate &&) = delete; - - std::string getSubjectNameHash() const; - std::string getCertificateData() const; - -private: - std::string parseData(const std::string &data) const; - - FilePtr m_fp; -}; - -} // namespace transec diff --git a/src/transec/Exception.cpp b/src/transec/Exception.cpp deleted file mode 100644 index a9cc828..0000000 --- a/src/transec/Exception.cpp +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file Exception.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Exception guard and custom exceptions - */ -#include "Exception.h" - -#include <exception> - -#include <klay/exception.h> -#include <klay/audit/logger.h> - -namespace transec { - -int exceptionGuard(const std::function<int()> &func) -{ - // TODO add custom error code - try { - return func(); - } catch (runtime::Exception &e) { - ERROR(e.what()); - return -1; - } catch (const std::invalid_argument &e) { - ERROR("Invalid argument: " << e.what()); - return -1; - } catch (const std::exception &e) { - ERROR(e.what()); - return -1; - } catch (...) { - ERROR("Unknown exception occurred."); - return -1; - } -} - -} // namespace transec diff --git a/src/transec/Exception.h b/src/transec/Exception.h deleted file mode 100644 index 9d2b959..0000000 --- a/src/transec/Exception.h +++ /dev/null @@ -1,33 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file Exception.h - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Exception guard and custom exceptions - */ -#pragma once - -#include <functional> - -#define EXCEPTION_GUARD_START return transec::exceptionGuard([&]() { -#define EXCEPTION_GUARD_END }); - -namespace transec { - -int exceptionGuard(const std::function<int()> &); - -} // namespace transec diff --git a/src/transec/InitLib.cpp b/src/transec/InitLib.cpp deleted file mode 100644 index 2e31105..0000000 --- a/src/transec/InitLib.cpp +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file InitLib.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Init global configuration for library - */ - -#include <klay/audit/logger.h> -#include <klay/audit/dlog-sink.h> - -#include <memory> - -namespace transec { -namespace { - -class InitLib { -public: - InitLib() - { - audit::Logger::setBackend(new audit::DlogLogSink()); - audit::Logger::setTag("CERT_SVC"); - }; - ~InitLib() = default; -}; - -static std::unique_ptr<InitLib> init(new(std::nothrow)(InitLib)); - -} // namespace anonymous -} // namespace transec diff --git a/src/transec/TrustAnchor.cpp b/src/transec/TrustAnchor.cpp deleted file mode 100644 index c67c1eb..0000000 --- a/src/transec/TrustAnchor.cpp +++ /dev/null @@ -1,363 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file TrustAnchor.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Implementation of trust anchor - */ -#include "TrustAnchor.h" - -#include <climits> -#include <cerrno> -#include <ctime> - -#include <unistd.h> -#include <fcntl.h> -#include <sys/mount.h> -#include <sys/stat.h> - -#include <set> -#include <vector> - -#include <klay/filesystem.h> -#include <klay/audit/logger.h> - -#include "Certificate.h" -#include "Exception.h" - -namespace transec { - -namespace { - -const std::string BASE_USR_PATH(CERTSVC_TRANSEC_USR_DIR); -const std::string BASE_GLOBAL_PATH(CERTSVC_TRANSEC_GLOBAL_DIR); -const std::string TRANSEC_BUNDLE_PATH(CERTSVC_TRANSEC_BUNDLE); -const std::string SYS_CERTS_PATH(TZ_SYS_CA_CERTS); -const std::string SYS_BUNDLE_PATH(TZ_SYS_CA_BUNDLE); -const std::string MOUNT_POINT_CERTS(TZ_SYS_CA_CERTS); -const std::string MOUNT_POINT_BUNDLE(TZ_SYS_CA_BUNDLE); -const std::string BUNDLE_NAME("ca-bundle.pem"); -const std::string NEW_LINE("\n"); - -} // namespace anonymous - -class TrustAnchor::Impl { -public: - explicit Impl(const std::string &packageId, - const std::string &certsDir, - uid_t uid) noexcept; - explicit Impl(const std::string &packageId, - const std::string &certsDir) noexcept; - virtual ~Impl(void) = default; - - int install(bool withSystemCerts) noexcept; - int uninstall(bool isRollback = false) noexcept; - int launch(bool withSystemCerts); - -private: - void preInstall(void) const; - void linkTo(const std::string &src, const std::string &dst) const; - void makeCustomBundle(bool withSystemCerts); - std::string readLink(const std::string &path) const; - std::string getUniqueHashName(const std::string &hashName) const; - bool isSystemCertsModified(void) const; - - std::string m_packageId; - std::string m_appCertsPath; - uid_t m_uid; - - std::string m_customBasePath; - std::string m_customCertsPath; - std::string m_customBundlePath; - - std::set<std::string> m_customCertNameSet; - std::vector<std::string> m_customCertsData; -}; - -TrustAnchor::Impl::Impl(const std::string &packageId, - const std::string &certsDir, - uid_t uid) noexcept : - m_packageId(packageId), - m_appCertsPath(certsDir), - m_uid(uid), - m_customBasePath(BASE_USR_PATH + "/" + - std::to_string(static_cast<int>(uid)) + "/" + - packageId), - m_customCertsPath(m_customBasePath + "/certs"), - m_customBundlePath(m_customBasePath + "/bundle"), - m_customCertNameSet(), - m_customCertsData() {} - -TrustAnchor::Impl::Impl(const std::string &packageId, - const std::string &certsDir) noexcept : - m_packageId(packageId), - m_appCertsPath(certsDir), - m_uid(-1), - m_customBasePath(BASE_GLOBAL_PATH + "/" + packageId), - m_customCertsPath(m_customBasePath + "/certs"), - m_customBundlePath(m_customBasePath + "/bundle"), - m_customCertNameSet(), - m_customCertsData() {} - -std::string TrustAnchor::Impl::readLink(const std::string &path) const -{ - std::vector<char> buf(PATH_MAX); - ssize_t count = readlink(path.c_str(), buf.data(), buf.size()); - return std::string(buf.data(), (count > 0) ? count : 0); -} - -void TrustAnchor::Impl::linkTo(const std::string &src, - const std::string &dst) const -{ - errno = 0; - int ret = ::symlink(src.c_str(), dst.c_str()); - if (ret != 0) - throw std::logic_error("Fail to link " + src + " -> " + dst + - "[" + std::to_string(errno) + "]"); -} - -void TrustAnchor::Impl::preInstall(void) const -{ - runtime::File customBaseDir(this->m_customBasePath); - if (customBaseDir.exists()) { - WARN("App custom directory is already exist. remove it!"); - customBaseDir.remove(true); - } - customBaseDir.makeDirectory(true); - - runtime::File customCertsDir(this->m_customCertsPath); - customCertsDir.makeDirectory(); - - runtime::File customBundleDir(this->m_customBundlePath); - customBundleDir.makeDirectory(); - - runtime::File appCertsDir(this->m_appCertsPath); - if (!appCertsDir.exists() || !appCertsDir.isDirectory()) - throw std::invalid_argument("App custom certs path is wrong. : " + - m_appCertsPath); - - DEBUG("Success to pre-install stage."); -} - -int TrustAnchor::Impl::install(bool withSystemCerts) noexcept -{ - EXCEPTION_GUARD_START - - this->preInstall(); - - if (withSystemCerts) { - // link system certificates to the custom directory - runtime::DirectoryIterator iter(SYS_CERTS_PATH), end; - while (iter != end) { - linkTo(readLink(iter->getPath()), - this->m_customCertsPath + "/" + iter->getName()); - this->m_customCertNameSet.emplace(iter->getName()); - ++iter; - } - DEBUG("Success to migrate system certificates."); - } - - // link app certificates to the custom directory as subjectNameHash - runtime::DirectoryIterator iter(this->m_appCertsPath), end; - while (iter != end) { - Certificate cert(iter->getPath()); - std::string hashName = this->getUniqueHashName(cert.getSubjectNameHash()); - linkTo(iter->getPath(), - this->m_customCertsPath + "/" + hashName); - this->m_customCertNameSet.emplace(std::move(hashName)); - - this->m_customCertsData.emplace_back(cert.getCertificateData()); - ++iter; - } - - this->makeCustomBundle(withSystemCerts); - - INFO("Success to install[" << this->m_packageId << - "] to " << this->m_customBasePath); - return 0; - - EXCEPTION_GUARD_END -} - -int TrustAnchor::Impl::uninstall(bool isRollback) noexcept -{ - EXCEPTION_GUARD_START - - runtime::File customBaseDir(this->m_customBasePath); - if (!customBaseDir.exists() && !isRollback) - throw std::invalid_argument("There is no installed anchor previous."); - - if (customBaseDir.exists()) - customBaseDir.remove(true); - - INFO("Success to uninstall. : " << this->m_packageId); - return 0; - - EXCEPTION_GUARD_END -} - -bool TrustAnchor::Impl::isSystemCertsModified(void) const -{ - struct stat systemAttr, customAttr; - - stat(SYS_BUNDLE_PATH.c_str(), &systemAttr); - DEBUG("System bundle mtime : " << ::ctime(&systemAttr.st_mtime)); - - auto customBundle = this->m_customBundlePath + "/" + BUNDLE_NAME; - stat(customBundle.c_str(), &customAttr); - DEBUG("Custom bundle mtime : " << ::ctime(&customAttr.st_mtime)); - - return systemAttr.st_mtime > customAttr.st_mtime; -} - -int TrustAnchor::Impl::launch(bool withSystemCerts) -{ - EXCEPTION_GUARD_START - - if (withSystemCerts && this->isSystemCertsModified()) - this->makeCustomBundle(true); - - errno = 0; - // disassociate from the parent namespace - if (::unshare(CLONE_NEWNS)) - throw std::logic_error("Failed to unshare namespace > " + - std::to_string(errno)); - - // convert it to a slave for preventing propagation - if (::mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL)) - throw std::logic_error("Failed to disconnect root fs."); - - if (::mount(this->m_customCertsPath.c_str(), - MOUNT_POINT_CERTS.c_str(), - NULL, - MS_BIND, - NULL)) - throw std::logic_error("Failed to mount certs."); - - auto bundle = this->m_customBundlePath + "/" + BUNDLE_NAME; - if (::mount(bundle.c_str(), - MOUNT_POINT_BUNDLE.c_str(), - NULL, - MS_BIND, - NULL)) - throw std::logic_error("Failed to mount bundle."); - - INFO("Success to launch. : " << this->m_packageId); - return 0; - - EXCEPTION_GUARD_END -} - -std::string TrustAnchor::Impl::getUniqueHashName( - const std::string &hashName) const -{ - int sameFileNameCnt = 0; - std::string uniqueName; - do { - uniqueName = hashName + "." + std::to_string(sameFileNameCnt++); - } while (this->m_customCertNameSet.find(uniqueName) != - this->m_customCertNameSet.end()); - - return uniqueName; -} - -void TrustAnchor::Impl::makeCustomBundle(bool withSystemCerts) -{ - runtime::File customBundle(this->m_customBundlePath + "/" + - BUNDLE_NAME); - if (customBundle.exists()) { - WARN("App custom bundle is already exist. remove it!"); - customBundle.remove(); - } - - DEBUG("Start to migrate previous bundle."); - if (withSystemCerts) { - runtime::File sysBundle(SYS_BUNDLE_PATH); - if (!sysBundle.exists()) - throw std::logic_error("There is no system bundle file."); - sysBundle.copyTo(this->m_customBundlePath); - } else { - runtime::File transecBundle(TRANSEC_BUNDLE_PATH); - if (!transecBundle.exists()) - throw std::logic_error("There is no transec bundle file."); - transecBundle.copyTo(this->m_customBundlePath); - } - DEBUG("Finish migrating previous bundle."); - - if (this->m_customCertsData.empty()) { - DEBUG("System certificates is changed after TrustAnchor installation."); - runtime::DirectoryIterator iter(this->m_appCertsPath), end; - while (iter != end) { - Certificate cert(iter->getPath()); - this->m_customCertsData.emplace_back(cert.getCertificateData()); - ++iter; - } - } - - DEBUG("Start to add app's certificate to bundle."); - customBundle.open(O_RDWR | O_APPEND); - for (const auto &cert : this->m_customCertsData) { - customBundle.write(cert.c_str(), cert.length()); - customBundle.write(NEW_LINE.c_str(), NEW_LINE.length()); - } - - INFO("Success to make app custom bundle."); -} - -TrustAnchor::TrustAnchor(const std::string &packageId, - const std::string &certsDir, - uid_t uid) noexcept : - m_pImpl(new Impl(packageId, certsDir, uid)) {} - -TrustAnchor::TrustAnchor(const std::string &packageId, - const std::string &certsDir) noexcept : - m_pImpl(new Impl(packageId, certsDir)) {} - -TrustAnchor::~TrustAnchor(void) = default; - -int TrustAnchor::install(bool withSystemCerts) noexcept -{ - if (this->m_pImpl == nullptr) - return -1; - - int ret = this->m_pImpl->install(withSystemCerts); - - if (ret != 0) { - ERROR("Failed to intall ACTA. Remove custom directory for rollback."); - this->m_pImpl->uninstall(true); - } - - return ret; -} - -int TrustAnchor::uninstall(void) noexcept -{ - if (this->m_pImpl == nullptr) - return -1; - - return this->m_pImpl->uninstall(); -} - -int TrustAnchor::launch(bool withSystemCerts) noexcept -{ - if (this->m_pImpl == nullptr) - return -1; - - return this->m_pImpl->launch(withSystemCerts); -} - -} // namespace transec diff --git a/src/transec/TrustAnchor.h b/src/transec/TrustAnchor.h deleted file mode 100644 index ee2bd9c..0000000 --- a/src/transec/TrustAnchor.h +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file TrustAnchor.h - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Trust anchor C++ API header - */ -#pragma once - -#include <sys/types.h> -#include <string> -#include <memory> - -namespace transec { - -class TrustAnchor { -public: - explicit TrustAnchor(const std::string &packageId, - const std::string &certsDir, - uid_t uid) noexcept; - explicit TrustAnchor(const std::string &packageId, - const std::string &certsDir) noexcept; - virtual ~TrustAnchor(void); - - TrustAnchor(const TrustAnchor &) = delete; - TrustAnchor(TrustAnchor &&) = delete; - TrustAnchor &operator=(const TrustAnchor &) = delete; - TrustAnchor &operator=(TrustAnchor &&) = delete; - - int install(bool withSystemCerts) noexcept; - int uninstall(void) noexcept; - int launch(bool withSystemCerts) noexcept; - -private: - class Impl; - std::unique_ptr<Impl> m_pImpl; -}; - -} // namespace transec diff --git a/src/transec/tanchor/error.h b/src/transec/tanchor/error.h deleted file mode 100644 index d91264e..0000000 --- a/src/transec/tanchor/error.h +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -/** - * @file error.h - * @brief Error enums and defines. - */ - - -#ifndef TRUST_ANCHOR_ERROR_H -#define TRUST_ANCHOR_ERROR_H - - -#include <errno.h> - - -#ifdef __cplusplus -extern "C" { -#endif - - -#define TRUST_ANCHOR_ERROR_BASE -0x01000000 - - -/** - * @brief Enumeration for trust anchor error values. - */ -typedef enum { - TRUST_ANCHOR_ERROR_NONE = 0, - TRUST_ANCHOR_ERROR_INVALID_PARAMETER = -EINVAL, - TRUST_ANCHOR_ERROR_OUT_OF_MEMORY = -ENOMEM, - TRUST_ANCHOR_ERROR_INTERNAL = TRUST_ANCHOR_ERROR_BASE | 0x01 -} trust_anchor_error_e; - - -#ifdef __cplusplus -} /* extern */ -#endif - - -#endif /* TRUST_ANCHOR_ERROR_H */ diff --git a/src/transec/tanchor/trust-anchor.h b/src/transec/tanchor/trust-anchor.h deleted file mode 100644 index 274efbb..0000000 --- a/src/transec/tanchor/trust-anchor.h +++ /dev/null @@ -1,152 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - - -/** - * @file trust-anchor.h - * @brief Trust anchor CAPI header - */ - - -#ifndef TRUST_ANCHOR_H -#define TRUST_ANCHOR_H - - -#include <stddef.h> -#include <sys/types.h> - - -#ifdef __cplusplus -extern "C" { -#endif - - -/** - * @brief Install trust anchor for global app. - * @details App custom certificates would be installed on system. - * This function should be called before trust_anchor_global_launch(). - * @param[in] package_id Global package id - * @param[in] app_certificates_path App custom certificates path - * @param[in] with_system_certificates Whether system certificates use or not - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_global_launch() - * @see trust_anchor_global_uninstall() - */ -int trust_anchor_global_install(const char *package_id, - const char *app_certificates_path, - bool with_system_certificates); - - -/** - * @brief Install trust anchor for user app. - * @details App custom certificates would be installed on system. - * This function should be called before trust_anchor_usr_launch(). - * @param[in] package_id User package id - * @param[in] app_certificates_path App custom certificates path - * @param[in] uid user id - * @param[in] with_system_certificates Whether system certificates use or not - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_usr_launch() - * @see trust_anchor_usr_uninstall() - */ -int trust_anchor_usr_install(const char *package_id, - const char *app_certificates_path, - uid_t uid, - bool with_system_certificates); - - -/** - * @brief Launch trust anchor for global app. - * @details After lauching trust anchor, app can use custom certificates. - * @param[in] package_id Global package id - * @param[in] app_certificates_path App custom certificates path - * @param[in] with_system_certificates Whether system certificates use or not - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_global_install() - */ -int trust_anchor_global_launch(const char *package_id, - const char *app_certificates_path, - bool with_system_certificates); - - -/** - * @brief Launch trust anchor for user app. - * @details After lauching trust anchor, app can use custom certificates. - * @param[in] package_id User package id - * @param[in] app_certificates_path App custom certificates path - * @param[in] with_system_certificates Whether system certificates use or not - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_global_install() - */ -int trust_anchor_usr_launch(const char *package_id, - const char *app_certificates_path, - uid_t uid, - bool with_system_certificates); - - -/** - * @brief Uninstall trust anchor for global app. - * @param[in] package_id Global package id - * @param[in] app_certificates_path App custom certificates path - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_global_install() - */ -int trust_anchor_global_uninstall(const char *package_id, - const char *app_certificates_path); - - -/** - * @brief Uninstall trust anchor for user app. - * @param[in] package_id User package id - * @param[in] app_certificates_path App custom certificates path - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_usr_install() - */ -int trust_anchor_usr_uninstall(const char *package_id, - const char *app_certificates_path, - uid_t uid); - - -#ifdef __cplusplus -} /* extern */ -#endif - - -#endif /* TRUST_ANCHOR_H */ diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 7118186..5950646 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -17,7 +17,6 @@ SET(TARGET_CAPI_TEST "cert-svc-tests-capi") SET(TARGET_PKCS12_TEST "cert-svc-tests-pkcs12") SET(TARGET_VCORE_TEST "cert-svc-tests-vcore") SET(TARGET_PLUGIN_SAMPLE "cert-svc-validator-plugin") -SET(TARGET_TRANSEC_TEST "cert-svc-tests-transec") PKG_CHECK_MODULES(TEST_DEP REQUIRED @@ -55,4 +54,3 @@ ADD_SUBDIRECTORY(pkcs12) ADD_SUBDIRECTORY(vcore) ADD_SUBDIRECTORY(plugin) ADD_SUBDIRECTORY(upgrade) -ADD_SUBDIRECTORY(transec) diff --git a/tests/transec/CMakeLists.txt b/tests/transec/CMakeLists.txt deleted file mode 100644 index 8d06282..0000000 --- a/tests/transec/CMakeLists.txt +++ /dev/null @@ -1,64 +0,0 @@ -# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Sangwan Kwon (sangwan.kwon@samsung.com) -# @breif -# -SET(TEST_SRCS - main.cpp - test-util.cpp - test-capi-installer.cpp - test-capi-launcher.cpp - test-installer.cpp - test-launcher.cpp - test-certificate.cpp -) - -SET(TEST_TRANSEC_PATH "${CERT_SVC_TESTS}/transec") -ADD_DEFINITIONS("-DTEST_TRANSEC_PATH=\"${TEST_TRANSEC_PATH}\"") - -INCLUDE_DIRECTORIES( - . - SYSTEM - ${PROJECT_SOURCE_DIR}/src/transec -) - -ADD_EXECUTABLE(${TARGET_TRANSEC_TEST} - ${TEST_SRCS} - ${DPL_TEST_SOURCES} -) - -TARGET_LINK_LIBRARIES(${TARGET_TRANSEC_TEST} - ${TARGET_VCORE_LIB} - ${TARGET_TRANSEC_LIB} - ${TEST_DEP_LIBRARIES} -) - -INSTALL(TARGETS - ${TARGET_TRANSEC_TEST} - DESTINATION - ${BIN_DIR} - PERMISSIONS - OWNER_READ - OWNER_WRITE - OWNER_EXECUTE - GROUP_READ - GROUP_EXECUTE - WORLD_READ - WORLD_EXECUTE -) - -ADD_SUBDIRECTORY(resource) -ADD_SUBDIRECTORY(script) diff --git a/tests/transec/main.cpp b/tests/transec/main.cpp deleted file mode 100644 index 3b1a265..0000000 --- a/tests/transec/main.cpp +++ /dev/null @@ -1,30 +0,0 @@ -/* - * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file main.cpp - * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 1.0 - * @brief This file is the implementation file of main - */ - -#include <dpl/test/test_runner.h> - -int main(int argc, char *argv[]) -{ - VcoreDPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv); - return 0; -} - diff --git a/tests/transec/resource/CMakeLists.txt b/tests/transec/resource/CMakeLists.txt deleted file mode 100644 index 5a8a5c4..0000000 --- a/tests/transec/resource/CMakeLists.txt +++ /dev/null @@ -1,20 +0,0 @@ -# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Sangwan Kwon (sangwan.kwon@samsung.com) -# @breif -# - -INSTALL(DIRECTORY certs DESTINATION ${TEST_TRANSEC_PATH}) diff --git a/tests/transec/resource/certs/02265526.0 b/tests/transec/resource/certs/02265526.0 deleted file mode 100644 index 5084b67..0000000 --- a/tests/transec/resource/certs/02265526.0 +++ /dev/null @@ -1,31 +0,0 @@ -# alias=Entrust Root Certification Authority - G2 -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_EMAIL_PROTECTION CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning emailProtection serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC -VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50 -cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs -IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz -dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy -NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu -dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt -dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0 -aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj -YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK -AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T -RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN -cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW -wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1 -U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0 -jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP -BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN -BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/ -jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ -Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v -1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R -nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH -VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9jBLMB4GCCsGAQUFBwMD -BggrBgEFBQcDBAYIKwYBBQUHAwEMKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9u -IEF1dGhvcml0eSAtIEcy ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/024dc131.0 b/tests/transec/resource/certs/024dc131.0 deleted file mode 100644 index 3b52c82..0000000 --- a/tests/transec/resource/certs/024dc131.0 +++ /dev/null @@ -1,49 +0,0 @@ -# alias=Microsec e-Szigno Root CA -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_EMAIL_PROTECTION CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning emailProtection serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIHqDCCBpCgAwIBAgIRAMy4579OKRr9otxmpRwsDxEwDQYJKoZIhvcNAQEFBQAw -cjELMAkGA1UEBhMCSFUxETAPBgNVBAcTCEJ1ZGFwZXN0MRYwFAYDVQQKEw1NaWNy -b3NlYyBMdGQuMRQwEgYDVQQLEwtlLVN6aWdubyBDQTEiMCAGA1UEAxMZTWljcm9z -ZWMgZS1Temlnbm8gUm9vdCBDQTAeFw0wNTA0MDYxMjI4NDRaFw0xNzA0MDYxMjI4 -NDRaMHIxCzAJBgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVzdDEWMBQGA1UEChMN -TWljcm9zZWMgTHRkLjEUMBIGA1UECxMLZS1Temlnbm8gQ0ExIjAgBgNVBAMTGU1p -Y3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQDtyADVgXvNOABHzNuEwSFpLHSQDCHZU4ftPkNEU6+r+ICbPHiN1I2u -uO/TEdyB5s87lozWbxXGd36hL+BfkrYn13aaHUM86tnsL+4582pnS4uCzyL4ZVX+ -LMsvfUh6PXX5qqAnu3jCBspRwn5mS6/NoqdNAoI/gqyFxuEPkEeZlApxcpMqyabA -vjxWTHOSJ/FrtfX9/DAFYJLG65Z+AZHCabEeHXtTRbjcQR/Ji3HWVBTji1R4P770 -Yjtb9aPs1ZJ04nQw7wHb4dSrmZsqa/i9phyGI0Jf7Enemotb9HI6QMVJPqW+jqpx -62z69Rrkav17fVVA71hu5tnVvCSrwe+3AgMBAAGjggQ3MIIEMzBnBggrBgEFBQcB -AQRbMFkwKAYIKwYBBQUHMAGGHGh0dHBzOi8vcmNhLmUtc3ppZ25vLmh1L29jc3Aw -LQYIKwYBBQUHMAKGIWh0dHA6Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNydDAP -BgNVHRMBAf8EBTADAQH/MIIBcwYDVR0gBIIBajCCAWYwggFiBgwrBgEEAYGoGAIB -AQEwggFQMCgGCCsGAQUFBwIBFhxodHRwOi8vd3d3LmUtc3ppZ25vLmh1L1NaU1ov -MIIBIgYIKwYBBQUHAgIwggEUHoIBEABBACAAdABhAG4A+gBzAO0AdAB2AOEAbgB5 -ACAA6QByAHQAZQBsAG0AZQB6AOkAcwDpAGgAZQB6ACAA6QBzACAAZQBsAGYAbwBn -AGEAZADhAHMA4QBoAG8AegAgAGEAIABTAHoAbwBsAGcA4QBsAHQAYQB0APMAIABT -AHoAbwBsAGcA4QBsAHQAYQB0AOEAcwBpACAAUwB6AGEAYgDhAGwAeQB6AGEAdABh -ACAAcwB6AGUAcgBpAG4AdAAgAGsAZQBsAGwAIABlAGwAagDhAHIAbgBpADoAIABo -AHQAdABwADoALwAvAHcAdwB3AC4AZQAtAHMAegBpAGcAbgBvAC4AaAB1AC8AUwBa -AFMAWgAvMIHIBgNVHR8EgcAwgb0wgbqggbeggbSGIWh0dHA6Ly93d3cuZS1zemln -bm8uaHUvUm9vdENBLmNybIaBjmxkYXA6Ly9sZGFwLmUtc3ppZ25vLmh1L0NOPU1p -Y3Jvc2VjJTIwZS1Temlnbm8lMjBSb290JTIwQ0EsT1U9ZS1Temlnbm8lMjBDQSxP -PU1pY3Jvc2VjJTIwTHRkLixMPUJ1ZGFwZXN0LEM9SFU/Y2VydGlmaWNhdGVSZXZv -Y2F0aW9uTGlzdDtiaW5hcnkwDgYDVR0PAQH/BAQDAgEGMIGWBgNVHREEgY4wgYuB -EGluZm9AZS1zemlnbm8uaHWkdzB1MSMwIQYDVQQDDBpNaWNyb3NlYyBlLVN6aWdu -w7MgUm9vdCBDQTEWMBQGA1UECwwNZS1TemlnbsOzIEhTWjEWMBQGA1UEChMNTWlj -cm9zZWMgS2Z0LjERMA8GA1UEBxMIQnVkYXBlc3QxCzAJBgNVBAYTAkhVMIGsBgNV -HSMEgaQwgaGAFMegSXUWYYTbMUuE0vE3QJDvTtz3oXakdDByMQswCQYDVQQGEwJI -VTERMA8GA1UEBxMIQnVkYXBlc3QxFjAUBgNVBAoTDU1pY3Jvc2VjIEx0ZC4xFDAS -BgNVBAsTC2UtU3ppZ25vIENBMSIwIAYDVQQDExlNaWNyb3NlYyBlLVN6aWdubyBS -b290IENBghEAzLjnv04pGv2i3GalHCwPETAdBgNVHQ4EFgQUx6BJdRZhhNsxS4TS -8TdAkO9O3PcwDQYJKoZIhvcNAQEFBQADggEBANMTnGZjWS7KXHAM/IO8VbH0jgds -ZifOwTsgqRy7RlRw7lrMoHfqaEQn6/Ip3Xep1fvj1KcExJW4C+FEaGAHQzAxQmHl -7tnlJNUb3+FKG6qfx1/4ehHqE5MAyopYse7tDk2016g2JnzgOsHVV4Lxdbb9iV/a -86g4nzUGCM4ilb7N1fy+W955a9x6qWVmvrElWl/tftOsRm1M9DKHtCAE4Gx4sHfR -hUZLphK3dehKyVZs15KrnfVJONJPU+NVkBHbmJbGSfI+9J8b4PeI3CVimUTYc78/ -MPMMNz7UwiiAc7EBt51alhQBS6kRnSlqLtBdgcDPsiBDxwPgN05dCtxZICUwOzAe -BggrBgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMBDBlNaWNyb3NlYyBlLVN6aWdu -byBSb290IENB ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/03179a64.0 b/tests/transec/resource/certs/03179a64.0 deleted file mode 100644 index d1c10a5..0000000 --- a/tests/transec/resource/certs/03179a64.0 +++ /dev/null @@ -1,37 +0,0 @@ -# alias=Staat der Nederlanden EV Root CA -# trust=CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO -TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh -dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y -MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg -TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS -b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS -M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC -UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d -Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p -rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l -pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb -j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC -KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS -/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X -cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH -1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP -px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB -/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7 -MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI -eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u -2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS -v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC -wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy -CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e -vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6 -Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa -Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL -eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8 -FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc -7uzXLjAuMAoGCCsGAQUFBwMBDCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9v -dCBDQQ== ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/034868d6.0 b/tests/transec/resource/certs/034868d6.0 deleted file mode 100644 index 2cd5791..0000000 --- a/tests/transec/resource/certs/034868d6.0 +++ /dev/null @@ -1,39 +0,0 @@ -# alias=Swisscom Root EV CA 2 -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAw -ZzELMAkGA1UEBhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdp -dGFsIENlcnRpZmljYXRlIFNlcnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290 -IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcNMzEwNjI1MDg0NTA4WjBnMQswCQYD -VQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2Vy -dGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYgQ0Eg -MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7Bx -UglgRCgzo3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD -1ycfMQ4jFrclyxy0uYAyXhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPH -oCE2G3pXKSinLr9xJZDzRINpUKTk4RtiGZQJo/PDvO/0vezbE53PnUgJUmfANykR -HvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8LiqG12W0OfvrSdsyaGOx9/ -5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaHZa0zKcQv -idm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHL -OdAGalNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaC -NYGu+HuB5ur+rPQam3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f -46Fq9mDU5zXNysRojddxyNMkM3OxbPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCB -UWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDixzgHcgplwLa7JSnaFp6LNYth -7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/BAQDAgGGMB0G -A1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED -MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWB -bj2ITY1x0kbBbkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6x -XCX5145v9Ydkn+0UjrgEjihLj6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98T -PLr+flaYC/NUn81ETm484T4VvwYmneTwkLbUwp4wLh/vx3rEUMfqe9pQy3omywC0 -Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7XwgiG/W9mR4U9s70 -WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH59yL -Gn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm -7JFe3VE/23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4S -nr8PyQUQ3nqjsTzyP6WqJ3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VN -vBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyAHmBR3NdUIR7KYndP+tiPsys6DXhyyWhB -WkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/giuMod89a2GQ+fYWVq6nTI -fI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuWl8PVP3wb -I+2ksx0WckNLIOFZfsLorSa/ovcwLTAUBggrBgEFBQcDAwYIKwYBBQUHAwEMFVN3 -aXNzY29tIFJvb3QgRVYgQ0EgMg== ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/062cdee6.0 b/tests/transec/resource/certs/062cdee6.0 deleted file mode 100644 index 43be67d..0000000 --- a/tests/transec/resource/certs/062cdee6.0 +++ /dev/null @@ -1,26 +0,0 @@ -# alias=GlobalSign Root CA - R3 -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_EMAIL_PROTECTION CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning emailProtection serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4G -A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp -Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4 -MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEG -A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWtiHL8 -RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsT -gHeMCOFJ0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmm -KPZpO/bLyCiR5Z2KYVc3rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zd -QQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjlOCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZ -XriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2xmmFghcCAwEAAaNCMEAw -DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI/wS3+o -LkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZU -RUm7lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMp -jjM5RcOO5LlXbKr8EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK -6fBdRoyV3XpYKBovHd7NADdBj+1EbddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQX -mcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18YIvDQVETI53O9zJrlAGomecs -Mx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7rkpeDMdmztcpH -WD9fMDkwHgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDAQwXR2xvYmFsU2ln -biBSb290IENBIC0gUjM= ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/064e0aa9.0 b/tests/transec/resource/certs/064e0aa9.0 deleted file mode 100644 index e247755..0000000 --- a/tests/transec/resource/certs/064e0aa9.0 +++ /dev/null @@ -1,36 +0,0 @@ -# alias=QuoVadis Root CA 2 G3 -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQEL -BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc -BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00 -MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM -aW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIgRzMwggIiMA0GCSqG -SIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFhZiFf -qq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMW -n4rjyduYNM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ym -c5GQYaYDFCDy54ejiK2toIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+ -O7q414AB+6XrW7PFXmAqMaCvN+ggOp+oMiwMzAkd056OXbxMmO7FGmh77FOm6RQ1 -o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+lV0POKa2Mq1W/xPtbAd0j -IaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZoL1NesNKq -IcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz -8eQQsSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43eh -vNURG3YBZwjgQQvD6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l -7ZizlWNof/k19N+IxWA1ksB8aRxhlRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALG -cC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB -BjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZIhvcNAQELBQAD -ggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 -AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RC -roijQ1h5fq7KpVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0Ga -W/ZZGYjeVYg3UQt4XAoeo0L9x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4n -lv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgzdWqTHBLmYF5vHX/JHyPLhGGfHoJE -+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6XU/IyAgkwo1jwDQHV -csaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+NwmNtd -dbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNg -KCLjsZWDzYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeM -HVOyToV7BjjHLPj4sHKNJeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4 -WSr2Rz0ZiC3oheGe7IUIarFsNMkd7EgrO3jtZsSOeWmD3n+MMC0wFAYIKwYBBQUH -AwMGCCsGAQUFBwMBDBVRdW9WYWRpcyBSb290IENBIDIgRzM= ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/080911ac.0 b/tests/transec/resource/certs/080911ac.0 deleted file mode 100644 index d1ccc64..0000000 --- a/tests/transec/resource/certs/080911ac.0 +++ /dev/null @@ -1,39 +0,0 @@ -# alias=QuoVadis Root CA -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_EMAIL_PROTECTION CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning emailProtection serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC -TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz -MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw -IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR -dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG -9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp -li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D -rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ -WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug -F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU -xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC -Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv -dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw -ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl -IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh -c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy -ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh -Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI -KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T -KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq -y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p -dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD -VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL -MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk -fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8 -7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R -cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y -mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW -xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK -SnQ2+TAyMB4GCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUHAwEMEFF1b1ZhZGlz -IFJvb3QgQ0E= ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/0810ba98.0 b/tests/transec/resource/certs/0810ba98.0 deleted file mode 100644 index b84050e..0000000 --- a/tests/transec/resource/certs/0810ba98.0 +++ /dev/null @@ -1,43 +0,0 @@ -# alias=Root CA Generalitat Valenciana -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_EMAIL_PROTECTION CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning emailProtection serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIGizCCBXOgAwIBAgIEO0XlaDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJF -UzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJ -R1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwHhcN -MDEwNzA2MTYyMjQ3WhcNMjEwNzAxMTUyMjQ3WjBoMQswCQYDVQQGEwJFUzEfMB0G -A1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJR1ZBMScw -JQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGKqtXETcvIorKA3Qdyu0togu8M1JAJke+ -WmmmO3I2F0zo37i7L3bhQEZ0ZQKQUgi0/6iMweDHiVYQOTPvaLRfX9ptI6GJXiKj -SgbwJ/BXufjpTjJ3Cj9BZPPrZe52/lSqfR0grvPXdMIKX/UIKFIIzFVd0g/bmoGl -u6GzwZTNVOAydTGRGmKy3nXiz0+J2ZGQD0EbtFpKd71ng+CT516nDOeB0/RSrFOy -A8dEJvt55cs0YFAQexvba9dHq198aMpunUEDEO5rmXteJajCq+TA81yc477OMUxk -Hl6AovWDfgzWyoxVjr7gvkkHD6MkQXpYHYTqWBLI4bft75PelAgxAgMBAAGjggM7 -MIIDNzAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnBr -aS5ndmEuZXMwEgYDVR0TAQH/BAgwBgEB/wIBAjCCAjQGA1UdIASCAiswggInMIIC -IwYKKwYBBAG/VQIBADCCAhMwggHoBggrBgEFBQcCAjCCAdoeggHWAEEAdQB0AG8A -cgBpAGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAFIA -YQDtAHoAIABkAGUAIABsAGEAIABHAGUAbgBlAHIAYQBsAGkAdABhAHQAIABWAGEA -bABlAG4AYwBpAGEAbgBhAC4ADQAKAEwAYQAgAEQAZQBjAGwAYQByAGEAYwBpAPMA -bgAgAGQAZQAgAFAAcgDhAGMAdABpAGMAYQBzACAAZABlACAAQwBlAHIAdABpAGYA -aQBjAGEAYwBpAPMAbgAgAHEAdQBlACAAcgBpAGcAZQAgAGUAbAAgAGYAdQBuAGMA -aQBvAG4AYQBtAGkAZQBuAHQAbwAgAGQAZQAgAGwAYQAgAHAAcgBlAHMAZQBuAHQA -ZQAgAEEAdQB0AG8AcgBpAGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEA -YwBpAPMAbgAgAHMAZQAgAGUAbgBjAHUAZQBuAHQAcgBhACAAZQBuACAAbABhACAA -ZABpAHIAZQBjAGMAaQDzAG4AIAB3AGUAYgAgAGgAdAB0AHAAOgAvAC8AdwB3AHcA -LgBwAGsAaQAuAGcAdgBhAC4AZQBzAC8AYwBwAHMwJQYIKwYBBQUHAgEWGWh0dHA6 -Ly93d3cucGtpLmd2YS5lcy9jcHMwHQYDVR0OBBYEFHs100DSHHgZZu90ECjcPk+y -eAT8MIGVBgNVHSMEgY0wgYqAFHs100DSHHgZZu90ECjcPk+yeAT8oWykajBoMQsw -CQYDVQQGEwJFUzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0G -A1UECxMGUEtJR1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVu -Y2lhbmGCBDtF5WgwDQYJKoZIhvcNAQEFBQADggEBACRhTvW1yEICKrNcda3Fbcrn -lD+laJWIwVTAEGmiEi8YPyVQqHxK6sYJ2fR1xkDar1CdPaUWu20xxsdzCkj+IHLt -b8zog2EWRpABlUt9jppSCS/2bxzkoXHPjCpaF3ODR00PNvsETUlR4hTJZGH71BTg -9J63NI8KJr2XXPR5OkowGcytT6CYirQxlyric21+eLj4iIlPsSKRZEv1UN4D2+XF -ducTZnV+ZfsBn5OHiJ35Rld8TWCvmHMTI6QgkYH60GFmuH3Rr9ZvHmw96RH9qfmC -IoaZM3Fa6hlXPZHNqcCjbgcTpsnt+GijnsNacgmHKNHEc8RzGF9QdRYxn7fofMMw -QDAeBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMBDB5Sb290IENBIEdlbmVy -YWxpdGF0IFZhbGVuY2lhbmE= ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/09789157.0 b/tests/transec/resource/certs/09789157.0 deleted file mode 100644 index 9afcf40..0000000 --- a/tests/transec/resource/certs/09789157.0 +++ /dev/null @@ -1,29 +0,0 @@ -# alias=Starfield Services Root Certificate Authority - G2 -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoT -HFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVs -ZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 -MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy -ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2Vy -dmljZXMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20p -OsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm2 -8xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4PahHQUw2eeBGg6345AWh1K -Ts9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLPLJGmpufe -hRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk -6mFBrMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAw -DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+q -AdcwKziIorhtSpzyEZGDMA0GCSqGSIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMI -bw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPPE95Dz+I0swSdHynVv/heyNXB -ve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTyxQGjhdByPq1z -qwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd -iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn -0q23KXB56jzaYyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCN -sSi6MEowFAYIKwYBBQUHAwMGCCsGAQUFBwMBDDJTdGFyZmllbGQgU2VydmljZXMg -Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMg== ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/0b1b94ef.0 b/tests/transec/resource/certs/0b1b94ef.0 deleted file mode 100644 index 41c4c8a..0000000 --- a/tests/transec/resource/certs/0b1b94ef.0 +++ /dev/null @@ -1,37 +0,0 @@ -# alias=CFCA EV ROOT -# trust=CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJD -TjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9y -aXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkx -MjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5j -aWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNBIEVWIFJP -T1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnVBU03 -sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpL -TIpTUnrD7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5 -/ZOkVIBMUtRSqy5J35DNuF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp -7hZZLDRJGqgG16iI0gNyejLi6mhNbiyWZXvKWfry4t3uMCz7zEasxGPrb382KzRz -EpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7xzbh72fROdOXW3NiGUgt -hxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9fpy25IGvP -a931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqot -aK8KgWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNg -TnYGmE69g60dWIolhdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfV -PKPtl8MeNPo4+QgO48BdK4PRVmrJtqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hv -cWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAfBgNVHSMEGDAWgBTj/i39KNAL -tbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAd -BgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB -ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObT -ej/tUxPQ4i9qecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdL -jOztUmCypAbqTuv0axn96/Ua4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBS -ESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sGE5uPhnEFtC+NiWYzKXZUmhH4J/qy -P5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfXBDrDMlI1Dlb4pd19 -xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjnaH9d -Ci77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN -5mydLIhyPDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe -/v5WOaHIz16eGWRGENoXkbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+Z -AAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3CekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ -5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63suMBowCgYIKwYBBQUHAwEM -DENGQ0EgRVYgUk9PVA== ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/0c4c9b6c.0 b/tests/transec/resource/certs/0c4c9b6c.0 deleted file mode 100644 index f009e26..0000000 --- a/tests/transec/resource/certs/0c4c9b6c.0 +++ /dev/null @@ -1,47 +0,0 @@ -# alias=Global Chambersign Root - 2008 -# trust=CKA_TRUST_CODE_SIGNING CKA_TRUST_EMAIL_PROTECTION CKA_TRUST_SERVER_AUTH -# distrust= -# openssl-trust=codeSigning emailProtection serverAuth ------BEGIN TRUSTED CERTIFICATE----- -MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYD -VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0 -IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3 -MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD -aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMxNDBaFw0zODA3MzEx -MjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy -cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG -A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl -BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI -hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed -KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7 -G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2 -zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4 -ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG -HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2 -Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V -yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e -beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r -6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh -wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog -zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW -BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr -ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp -ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk -cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt -YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC -CQDJzdPp1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow -KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI -hvcNAQEFBQADggIBAICIf3DekijZBZRG/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZ -UohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6ReAJ3spED8IXDneRRXoz -X1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/sdZ7LoR/x -fxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVz -a2Mg9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yyd -Yhz2rXzdpjEetrHHfoUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMd -SqlapskD7+3056huirRXhOukP9DuqqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9O -AP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETrP3iZ8ntxPjzxmKfFGBI/5rso -M0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVqc5iJWzouE4ge -v8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z -09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/BMEAw -HgYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDAQweR2xvYmFsIENoYW1iZXJz -aWduIFJvb3QgLSAyMDA4 ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/resource/certs/0d1b923b.0 b/tests/transec/resource/certs/0d1b923b.0 deleted file mode 100644 index 89cdef2..0000000 --- a/tests/transec/resource/certs/0d1b923b.0 +++ /dev/null @@ -1,32 +0,0 @@ -# alias=S-TRUST Authentication and Encryption Root CA 2005 PN -# trust=CKA_TRUST_EMAIL_PROTECTION -# distrust= -# openssl-trust=emailProtection ------BEGIN TRUSTED CERTIFICATE----- -MIIEezCCA2OgAwIBAgIQNxkY5lNUfBq1uMtZWts1tzANBgkqhkiG9w0BAQUFADCB -rjELMAkGA1UEBhMCREUxIDAeBgNVBAgTF0JhZGVuLVd1ZXJ0dGVtYmVyZyAoQlcp -MRIwEAYDVQQHEwlTdHV0dGdhcnQxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fz -c2VuIFZlcmxhZyBHbWJIMT4wPAYDVQQDEzVTLVRSVVNUIEF1dGhlbnRpY2F0aW9u -IGFuZCBFbmNyeXB0aW9uIFJvb3QgQ0EgMjAwNTpQTjAeFw0wNTA2MjIwMDAwMDBa -Fw0zMDA2MjEyMzU5NTlaMIGuMQswCQYDVQQGEwJERTEgMB4GA1UECBMXQmFkZW4t -V3VlcnR0ZW1iZXJnIChCVykxEjAQBgNVBAcTCVN0dXR0Z2FydDEpMCcGA1UEChMg -RGV1dHNjaGVyIFNwYXJrYXNzZW4gVmVybGFnIEdtYkgxPjA8BgNVBAMTNVMtVFJV -U1QgQXV0aGVudGljYXRpb24gYW5kIEVuY3J5cHRpb24gUm9vdCBDQSAyMDA1OlBO -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bVKwdMz6tNGs9HiTNL1 -toPQb9UY6ZOvJ44TzbUlNlA0EmQpoVXhOmCTnijJ4/Ob4QSwI7+Vio5bG0F/WsPo -TUzVJBY+h0jUJ67m91MduwwA7z5hca2/OnpYH5Q9XIHV1W/fuJvS9eXLg3KSwlOy -ggLrra1fFi2SU3bxibYs9cEv4KdKb6AwajLrmnQDaHgTncovmwsdvs91DSaXm8f1 -XgqfeN+zvOyauu9VjxuapgdjKRdZYgkqeQd3peDRF2npW932kKvimAoA0SVtnteF -hy+S8dF2g08LOlk3KC8zpxdQ1iALCvQm+Z845y2kuJuJja2tyWp9iRe79n+Ag3rm -7QIDAQABo4GSMIGPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEG -MCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTVFJvbmxpbmUxLTIwNDgtNTAdBgNV -HQ4EFgQUD8oeXHngovMpttKFswtKtWXsa1IwHwYDVR0jBBgwFoAUD8oeXHngovMp -ttKFswtKtWXsa1IwDQYJKoZIhvcNAQEFBQADggEBAK8B8O0ZPCjoTVy7pWMciDMD -pwCHpB8gq9Yc4wYfl35UvbfRssnV2oDsF9eK9XvCAPbpEW+EoFolMeKJ+aQAPzFo -LtU96G7m1R08P7K9n3frndOMusDXtk3sU5wPBG7qNWdX4wple5A64U8+wwCSersF -iXOMy6ZNwPv2AtawB6MDwidAnwzkhYItr5pCHdDHjfhA7p0GVxzZotiAFP7hYy0y -h9WUUpY6RsZxlj33mA6ykaqP2vROJAA5VeitF7nTNCtKqUDMFypVZUF0Qn71wK/I -k63yGFs9iQzbRzkk+OBM8h+wPQrKBU6JIRrjKpms/H+h8Q8bHz2eBIPdltkdOpQw -QzAKBggrBgEFBQcDBAw1Uy1UUlVTVCBBdXRoZW50aWNhdGlvbiBhbmQgRW5jcnlw -dGlvbiBSb290IENBIDIwMDUgUE4= ------END TRUSTED CERTIFICATE----- diff --git a/tests/transec/script/CMakeLists.txt b/tests/transec/script/CMakeLists.txt deleted file mode 100644 index 8d71dd5..0000000 --- a/tests/transec/script/CMakeLists.txt +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file CMakeLists.txt -# @author Sangwan Kwon (sangwan.kwon@samsung.com) -# @breif -# - -CONFIGURE_FILE(pre-test.sh.in pre-test.sh @ONLY) -INSTALL(FILES - pre-test.sh - DESTINATION - ${TEST_TRANSEC_PATH}/script - PERMISSIONS - OWNER_READ - OWNER_WRITE - OWNER_EXECUTE - GROUP_READ - GROUP_EXECUTE - WORLD_READ - WORLD_EXECUTE) diff --git a/tests/transec/script/pre-test.sh.in b/tests/transec/script/pre-test.sh.in deleted file mode 100755 index b6df41a..0000000 --- a/tests/transec/script/pre-test.sh.in +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash -PATH=/bin:/usr/bin:/sbin:/usr/sbin - -# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# @file pre-test.sh.in -# @author Sangwan Kwon (sangwan.kwon@samsung.com) -# @brief set permission script for test -# - -TEST_TRANSEC=@BIN_DIR@/@TARGET_TRANSEC_TEST@ - -# change owner to system -chown @USER_NAME@:@GROUP_NAME@ $TEST_TRANSEC - -# run test program as owner -chmod 4755 $TEST_TRANSEC - -# launch() needs CAP_SYS_ADMIN -setcap cap_sys_admin+ep $TEST_TRANSEC diff --git a/tests/transec/test-capi-installer.cpp b/tests/transec/test-capi-installer.cpp deleted file mode 100644 index 4dae1f0..0000000 --- a/tests/transec/test-capi-installer.cpp +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file test-capi-installer.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Unit test program of Trust Anchor CAPI for installer - */ - -#include <dpl/test/test_runner.h> - -#include "tanchor/trust-anchor.h" - -#include "test-resource.h" - -RUNNER_TEST_GROUP_INIT(T0800_CAPI_TRUST_ANCHOR_INSTALLER) - -RUNNER_TEST(T0801_CAPI_TRUST_ANCHOR_INSTALL_GLOBAL_APP_POSITIVE) -{ - int ret = trust_anchor_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, false); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor install should be success."); -} - -RUNNER_TEST(T0802_CAPI_TRUST_ANCHOR_INSTALL_GLOBAL_APP_WITH_SYS_POSITIVE) -{ - int ret = trust_anchor_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, true); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor install should be success."); -} - -RUNNER_TEST(T0803_CAPI_TRUST_ANCHOR_INSTALL_USER_APP_POSITIVE) -{ - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, false); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor install should be success."); -} - -RUNNER_TEST(T0804_CAPI_TRUST_ANCHOR_INSTALL_USER_APP_WITH_SYS_POSITIVE) -{ - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, true); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor install should be success."); -} - -RUNNER_TEST(T0805_CAPI_TRUST_ANCHOR_INSTALL_GLOBAL_APP_NEGATIVE) -{ - int ret = trust_anchor_global_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, false); - RUNNER_ASSERT_MSG(ret != 0, "Trust Anchor install should be fail."); -} - -RUNNER_TEST(T0806_CAPI_TRUST_ANCHOR_INSTALL_GLOBAL_APP_WITH_SYS_NEGATIVE) -{ - int ret = trust_anchor_global_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, true); - RUNNER_ASSERT_MSG(ret != 0, "Trust Anchor install should be fail."); -} - -RUNNER_TEST(T0807_CAPI_TRUST_ANCHOR_INSTALL_USER_APP_NEGATIVE) -{ - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID, false); - RUNNER_ASSERT_MSG(ret != 0, "Trust Anchor install should be fail."); -} - -RUNNER_TEST(T0808_CAPI_TRUST_ANCHOR_INSTALL_USER_APP_WITH_SYS_NEGATIVE) -{ - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID, true); - RUNNER_ASSERT_MSG(ret != 0, "Trust Anchor install should be fail."); -} - -RUNNER_TEST(T0821_CAPI_TRUST_ANCHOR_UNINSTALL_GLOBAL_APP_POSITIVE) -{ - int ret = trust_anchor_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, false); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor install should be success."); - - ret = trust_anchor_global_uninstall(DUMMY_PKG_ID, APP_CERTS_DIR); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor uninstall should be success."); -} - -RUNNER_TEST(T0822_CAPI_TRUST_ANCHOR_UNINSTALL_USER_APP_POSITIVE) -{ - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, false); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor install should be success."); - - ret = trust_anchor_usr_uninstall(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor uninstall should be success."); -} - -RUNNER_TEST(T0823_CAPI_TRUST_ANCHOR_UNINSTALL_GLOBAL_APP_NEGATIVE) -{ - int ret = trust_anchor_global_uninstall(DUMMY_PKG_ID, DUMMY_CERTS_DIR); - RUNNER_ASSERT_MSG(ret != 0, "Trust Anchor uninstall should be fail."); -} - -RUNNER_TEST(T0824_CAPI_TRUST_ANCHOR_UNINSTALL_USER_APP_NEGATIVE) -{ - int ret = trust_anchor_usr_uninstall(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); - RUNNER_ASSERT_MSG(ret != 0, "Trust Anchor uninstall should be fail."); -} diff --git a/tests/transec/test-capi-launcher.cpp b/tests/transec/test-capi-launcher.cpp deleted file mode 100644 index a941078..0000000 --- a/tests/transec/test-capi-launcher.cpp +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file test-capi-launcher.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Unit test program of Trust Anchor for launcher - */ - -#include <dpl/test/test_runner.h> - -#include <tanchor/trust-anchor.h> - -#include <unistd.h> - -#include "test-util.h" -#include "test-resource.h" - -RUNNER_TEST_GROUP_INIT(T0500_CAPI_TRUST_ANCHOR_LAUNCER) - -// Launch needs CAP_SYS_ADMIN -RUNNER_TEST(T0501_TRUST_ANCHOR_LAUNCH) -{ - auto beforeLs = test::util::ls(TZ_SYS_RO_CA_CERTS); - auto beforeCat = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - - int ret = trust_anchor_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, true); - - // pre-condition - int pid = fork(); - - if (pid == 0) { - ret = trust_anchor_global_launch(DUMMY_PKG_ID, APP_CERTS_DIR, true); - RUNNER_ASSERT_MSG(ret == 0, "Trust Anchor launch should be success."); - - auto afterLsChild = test::util::ls(TZ_SYS_RO_CA_CERTS); - RUNNER_ASSERT_MSG(beforeLs != afterLsChild, "Failed to launch."); - - auto afterCatChild = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - RUNNER_ASSERT_MSG(beforeCat != afterCatChild, "Failed to launch."); - - } else { - auto afterLsParent = test::util::ls(TZ_SYS_RO_CA_CERTS); - RUNNER_ASSERT_MSG(beforeLs == afterLsParent, "Failed to launch."); - - auto afterCatParent = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - RUNNER_ASSERT_MSG(beforeCat == afterCatParent, "Failed to launch."); - } -} diff --git a/tests/transec/test-certificate.cpp b/tests/transec/test-certificate.cpp deleted file mode 100644 index dc94e1c..0000000 --- a/tests/transec/test-certificate.cpp +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file test-certificate.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Unit test program of Certificate - */ - -#include <dpl/test/test_runner.h> - -#include <iostream> - -#include <Certificate.h> - -#include "test-resource.h" - -RUNNER_TEST_GROUP_INIT(T0600_CERTIFICATE) - -using namespace transec; - -RUNNER_TEST(T0601_GET_SUBJECT_NAME_HASH) -{ - try { - Certificate certificate(TEST_PEM_PATH); - auto hash = certificate.getSubjectNameHash(); - RUNNER_ASSERT_MSG(hash.compare(TEST_PEM_HASH) == 0, - "Failed to get proper hash."); - } catch (const std::exception &e) { - std::cout << "std::exception occured." << e.what() << std::endl; - } catch (...) { - std::cout << "Unknown exception occured." << std::endl; - } -} - -RUNNER_TEST(T0602_GET_CERTIFICATE_DATA) -{ - try { - Certificate certificate(TEST_PEM_PATH); - auto data = certificate.getCertificateData(); - RUNNER_ASSERT_MSG(data.compare(TEST_PEM_DATA) == 0, - "Failed to get proper certificate data."); - } catch (const std::exception &e) { - std::cout << "std::exception occured." << e.what() << std::endl; - } catch (...) { - std::cout << "Unknown exception occured." << std::endl; - } -} diff --git a/tests/transec/test-installer.cpp b/tests/transec/test-installer.cpp deleted file mode 100644 index b7398d7..0000000 --- a/tests/transec/test-installer.cpp +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file test-installer.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Unit test program of Trust Anchor for installer - */ - -#include <dpl/test/test_runner.h> - -#include <TrustAnchor.h> - -#include <sched.h> -#include <unistd.h> - -#include <iostream> - -#include "test-resource.h" - -RUNNER_TEST_GROUP_INIT(T0400_API_TRUST_ANCHOR_INSTALLER) - -using namespace transec; - -RUNNER_TEST(T0401_TRUST_ANCHOR_INSTALL_GLOBAL_APP_POSITIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); - int ret = ta.install(false); - RUNNER_ASSERT_MSG(ret == 0, "TA install should be success."); -} - -RUNNER_TEST(T0402_TRUST_ANCHOR_INSTALL_GLOBAL_APP_WITH_SYS_POSITIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); - int ret = ta.install(true); - RUNNER_ASSERT_MSG(ret == 0, "TA install should be success."); -} - -RUNNER_TEST(T0403_TRUST_ANCHOR_INSTALL_USER_APP_POSITIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID); - int ret = ta.install(false); - RUNNER_ASSERT_MSG(ret == 0, "TA install should be success."); -} - -RUNNER_TEST(T0404_TRUST_ANCHOR_INSTALL_USER_APP_WITH_SYS_POSITIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID); - int ret = ta.install(true); - RUNNER_ASSERT_MSG(ret == 0, "TA install should be success."); -} - -RUNNER_TEST(T0405_TRUST_ANCHOR_INSTALL_GLOBAL_APP_NEGATIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR); - int ret = ta.install(false); - RUNNER_ASSERT_MSG(ret != 0, "TA install should be fail."); -} - -RUNNER_TEST(T0406_TRUST_ANCHOR_INSTALL_GLOBAL_APP_WITH_SYS_NEGATIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR); - int ret = ta.install(true); - RUNNER_ASSERT_MSG(ret != 0, "TA install should be fail."); -} - -RUNNER_TEST(T0407_TRUST_ANCHOR_INSTALL_USER_APP_NEGATIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); - int ret = ta.install(false); - RUNNER_ASSERT_MSG(ret != 0, "TA install should be fail."); -} - -RUNNER_TEST(T0408_TRUST_ANCHOR_INSTALL_USER_APP_WITH_SYS_NEGATIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); - int ret = ta.install(true); - RUNNER_ASSERT_MSG(ret != 0, "TA install should be fail."); -} - -RUNNER_TEST(T0421_TRUST_ANCHOR_UNINSTALL_GLOBAL_APP_POSITIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); - int ret = ta.install(false); - RUNNER_ASSERT_MSG(ret == 0, "TA install should be success."); - - ret = ta.uninstall(); - RUNNER_ASSERT_MSG(ret == 0, "TA uninstall should be success."); -} - -RUNNER_TEST(T0422_TRUST_ANCHOR_UNINSTALL_USER_APP_POSITIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID); - int ret = ta.install(false); - RUNNER_ASSERT_MSG(ret == 0, "TA install should be success."); - - ret = ta.uninstall(); - RUNNER_ASSERT_MSG(ret == 0, "TA uninstall should be success."); -} - -RUNNER_TEST(T0423_TRUST_ANCHOR_UNINSTALL_GLOBAL_APP_NEGATIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR); - int ret = ta.uninstall(); - RUNNER_ASSERT_MSG(ret != 0, "TA uninstall should be fail."); -} - -RUNNER_TEST(T0424_TRUST_ANCHOR_UNINSTALL_USER_APP_NEGATIVE) -{ - TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); - int ret = ta.uninstall(); - RUNNER_ASSERT_MSG(ret != 0, "TA uninstall should be fail."); -} diff --git a/tests/transec/test-launcher.cpp b/tests/transec/test-launcher.cpp deleted file mode 100644 index 6b95660..0000000 --- a/tests/transec/test-launcher.cpp +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file test-launcher.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Unit test program of Trust Anchor for launcher - */ - -#include <dpl/test/test_runner.h> - -#include <TrustAnchor.h> - -#include <unistd.h> - -#include "test-util.h" -#include "test-resource.h" - -RUNNER_TEST_GROUP_INIT(T0600_API_TRUST_ANCHOR_LAUNCER) - -using namespace transec; - -// Launch needs CAP_SYS_ADMIN -RUNNER_TEST(T0601_TRUST_ANCHOR_LAUNCH) -{ - auto beforeLs = test::util::ls(TZ_SYS_RO_CA_CERTS); - auto beforeCat = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - - TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); - int ret = ta.install(true); - - // pre-condition - int pid = fork(); - - if (pid == 0) { - ret = ta.launch(true); - RUNNER_ASSERT_MSG(ret == 0, "TA launch should be success."); - - auto afterLsChild = test::util::ls(TZ_SYS_RO_CA_CERTS); - RUNNER_ASSERT_MSG(beforeLs != afterLsChild, "Failed to launch."); - - auto afterCatChild = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - RUNNER_ASSERT_MSG(beforeCat != afterCatChild, "Failed to launch."); - - } else { - auto afterLsParent = test::util::ls(TZ_SYS_RO_CA_CERTS); - RUNNER_ASSERT_MSG(beforeLs == afterLsParent, "Failed to launch."); - - auto afterCatParent = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - RUNNER_ASSERT_MSG(beforeCat == afterCatParent, "Failed to launch."); - } -} diff --git a/tests/transec/test-resource.h b/tests/transec/test-resource.h deleted file mode 100644 index 5531f60..0000000 --- a/tests/transec/test-resource.h +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file test-resource.h - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief Test resoure name and paths - */ -#pragma once - -#define DUMMY_PKG_ID "dummmy-pkg-id" -#define DUMMY_UID 5001 -#define DUMMY_CERTS_DIR "/home/dummy" - -#define APP_CERTS_DIR TEST_TRANSEC_PATH "/certs" - -#define TEST_PEM_PATH APP_CERTS_DIR "/02265526.0" -#define TEST_PEM_HASH "02265526" - -#define TEST_PEM_DATA \ - "-----BEGIN TRUSTED CERTIFICATE-----\n" \ - "MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC\n" \ - "VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50\n" \ - "cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs\n" \ - "IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz\n" \ - "dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMDkwNzA3MTcy\n" \ - "NTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu\n" \ - "dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt\n" \ - "dGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0\n" \ - "aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmlj\n" \ - "YXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n" \ - "AoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP/vaCeb9zYQYKpSfYs1/T\n" \ - "RU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXzHHfV1IWN\n" \ - "cCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hW\n" \ - "wcKUs/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1\n" \ - "U1+cPvQXLOZprE4yTGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0\n" \ - "jaWvYkxN4FisZDQSA/i2jZRjJKRxAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAP\n" \ - "BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ60B7vfec7aVHUbI2fkBJmqzAN\n" \ - "BgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5ZiXMRrEPR9RP/\n" \ - "jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ\n" \ - "Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v\n" \ - "1fN2D807iDginWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4R\n" \ - "nAuknZoh8/CbCzB428Hch0P+vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmH\n" \ - "VHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xOe4pIb4tF9jBLMB4GCCsGAQUFBwMD\n" \ - "BggrBgEFBQcDBAYIKwYBBQUHAwEMKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9u\n" \ - "IEF1dGhvcml0eSAtIEcy\n" \ - "-----END TRUSTED CERTIFICATE-----\n" - diff --git a/tests/transec/test-util.cpp b/tests/transec/test-util.cpp deleted file mode 100644 index 38fb534..0000000 --- a/tests/transec/test-util.cpp +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file test-util.cpp - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief - */ -#include "test-util.h" - -#include <sched.h> - -#include <cstdio> -#include <memory> -#include <vector> - -namespace test { -namespace util { - -std::string ls(const char *path) -{ - using FilePtr = std::unique_ptr<FILE, decltype(&::pclose)>; - std::string cmd("/bin/ls "); - cmd.append(path); - - FilePtr ls(::popen(cmd.c_str(), "r"), ::pclose); - if (ls == nullptr) - return std::string(); - - std::vector<char> buf(1024); - std::string ret; - while (::fgets(buf.data(), buf.size(), ls.get())) - ret.append(buf.data()); - - return ret; -} - -std::string cat(const char *path) -{ - using FilePtr = std::unique_ptr<FILE, decltype(&::pclose)>; - std::string cmd("/bin/cat "); - cmd.append(path); - - FilePtr ls(::popen(cmd.c_str(), "r"), ::pclose); - if (ls == nullptr) - return std::string(); - - std::vector<char> buf(1024); - std::string ret; - while (::fgets(buf.data(), buf.size(), ls.get())) - ret.append(buf.data()); - - return ret; -} - -} // namespace util -} // namespace test diff --git a/tests/transec/test-util.h b/tests/transec/test-util.h deleted file mode 100644 index e10d706..0000000 --- a/tests/transec/test-util.h +++ /dev/null @@ -1,34 +0,0 @@ -/* - * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file test-util.h - * @author Sangwan Kwon (sangwan.kwon@samsung.com) - * @version 0.1 - * @brief - */ -#pragma once - -#include <stddef.h> -#include <string> - -namespace test { -namespace util { - -std::string ls(const char *path); -std::string cat(const char *path); - -} // namespace util -} // namespace test |