summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsangwan.kwon <sangwan.kwon@samsung.com>2016-02-17 11:31:09 +0900
committersangwan.kwon <sangwan.kwon@samsung.com>2016-02-24 15:07:57 +0900
commita49b608fe94e1c8f6a16f721a24f605967948867 (patch)
treefde92afc97ee046d865e2a8f7cd906b72b6cf1db
parent18e4ddb82a037b7c31b488ffcd96a36a8f32218c (diff)
downloadcert-checker-a49b608fe94e1c8f6a16f721a24f605967948867.tar.gz
cert-checker-a49b608fe94e1c8f6a16f721a24f605967948867.tar.bz2
cert-checker-a49b608fe94e1c8f6a16f721a24f605967948867.zip
* cert-svc API, key-manager API -> pkgmgr-info API Change-Id: I1c3523dd73041f117fab1c1b0012d25c1535defe Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r--packaging/cert-checker.spec2
-rw-r--r--src/certs.cpp144
-rw-r--r--src/include/cchecker/certs.h8
-rw-r--r--tests/test_certs.cpp160
4 files changed, 90 insertions, 224 deletions
diff --git a/packaging/cert-checker.spec b/packaging/cert-checker.spec
index c7ae00c..8ca70c2 100644
--- a/packaging/cert-checker.spec
+++ b/packaging/cert-checker.spec
@@ -1,6 +1,6 @@
Name: cert-checker
Summary: OCSP checking on application installation
-Version: 0.0.2
+Version: 0.0.3
Release: 1
Group: System/Security
License: Apache-2.0
diff --git a/src/certs.cpp b/src/certs.cpp
index d982f41..9c76b71 100644
--- a/src/certs.cpp
+++ b/src/certs.cpp
@@ -27,6 +27,7 @@
#include <memory>
#include <string>
#include <vector>
+#include <map>
#include <vcore/SignatureValidator.h>
#include <vcore/SignatureFinder.h>
#include <vcore/Certificate.h>
@@ -39,6 +40,64 @@
namespace CCHECKER {
+namespace {
+struct PkgmgrinfoCertInfo {
+ PkgmgrinfoCertInfo()
+ {
+ ret = pkgmgrinfo_pkginfo_create_certinfo(&handle);
+ }
+ ~PkgmgrinfoCertInfo()
+ {
+ pkgmgrinfo_pkginfo_destroy_certinfo(handle);
+ }
+
+ pkgmgrinfo_certinfo_h handle;
+ int ret;
+};
+
+static void get_cert_chain(const char *pkgid, uid_t uid, int sig_type, chain_t &chain)
+{
+ LogDebug("Get cert chain start. pkgid : " << pkgid << ", uid : " << uid);
+ int ret;
+ int cert_type;
+ const char *cert_value;
+
+ auto pm_certinfo = std::make_shared<PkgmgrinfoCertInfo>();
+
+ if (pm_certinfo->ret != PMINFO_R_OK) {
+ LogError("Get pkgmgrinfo certinfo failed. ret : " << ret);
+ return;
+ }
+
+ ret = pkgmgrinfo_pkginfo_load_certinfo(pkgid, pm_certinfo->handle, uid);
+ if (ret != PMINFO_R_OK) {
+ LogError("Load pkgmgrinfo certinfo failed. ret : " << ret);
+ return;
+ }
+
+ // add signer, intermediate, root certificates.
+ for (int cert_cnt = 0; cert_cnt < 3; cert_cnt++) {
+ cert_type = sig_type - cert_cnt;
+ ret = pkgmgrinfo_pkginfo_get_cert_value(pm_certinfo->handle,
+ static_cast<pkgmgrinfo_cert_type>(cert_type), &cert_value);
+
+ if (ret != PMINFO_R_OK) {
+ LogError("Get cert value from certinfo failed. ret : " << ret);
+ return;
+ }
+
+ if (cert_value == NULL) {
+ LogDebug("cert_type[" << cert_type << "] is null");
+ } else {
+ LogDebug("Add cert_type[" << cert_type << "] data : " << cert_value);
+ chain.push_back(cert_value);
+ }
+ }
+
+ return;
+}
+}
+
Certs::Certs()
{
m_ckm = CKM::Manager::create();
@@ -49,9 +108,23 @@ Certs::~Certs()
void Certs::get_certificates (app_t &app, ocsp_urls_t &ocsp_urls)
{
- std::vector<std::string> signatures;
- (void) signatures;
+ // build chain using pkgmgr-info
+ std::map<int, int> sig_type;
+ sig_type[AUTHOR_SIG] = PMINFO_AUTHOR_SIGNER_CERT;
+ sig_type[DISTRIBUTOR_SIG] = PMINFO_DISTRIBUTOR_SIGNER_CERT;
+ sig_type[DISTRIBUTOR2_SIG] = PMINFO_DISTRIBUTOR2_SIGNER_CERT;
+
+ for (auto s : sig_type) {
+ chain_t chain;
+ get_cert_chain(app.pkg_id.c_str(), app.uid, s.second, chain);
+
+ if(!chain.empty()) {
+ LogDebug("Add certificates chain to app. Size of chain : " << chain.size());
+ app.signatures.emplace_back(std::move(chain));
+ }
+ }
+ // get ocsp urls using cert-svc
if (0 != tzplatform_set_user(app.uid)) {
LogError("Cannot set user: tzplatform_set_user has failed");
return;
@@ -66,7 +139,6 @@ void Certs::get_certificates (app_t &app, ocsp_urls_t &ocsp_urls)
std::string app_path = std::string(pkg_path) + std::string("/") + app.app_id;
find_app_signatures (app, app_path, ocsp_urls);
}
-
}
/* Since there's no information about application in signal,
@@ -101,6 +173,9 @@ void Certs::search_app (app_t &app, ocsp_urls_t &ocsp_urls)
// Together with certificates we can pull out OCSP URLs
void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls)
{
+ // FIXME : delete unuse parameter
+ (void) app;
+
ValidationCore::SignatureFinder signature_finder(app_path);
ValidationCore::SignatureFileInfoSet signature_files;
@@ -114,19 +189,10 @@ void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_u
LogDebug("Searching for certificates");
for (auto &iter : signature_files) {
LogDebug("Checking signature");
- chain_t chain;
ValidationCore::CertificateList certs;
ValidationCore::SignatureValidator validator(iter);
- if (validator.makeChainBySignature(false, certs) != ValidationCore::E_SIG_NONE) {
- LogError("Signature: " << iter.getFileName() << " of " << app_path.c_str() << " is invalid");
- continue;
- }
for (auto &cert_iter : certs) {
- std::string app_cert = (*cert_iter).getBase64();
- chain.push_back(app_cert);
- LogDebug("Certificate: " << app_cert << " has been added");
-
// check OCSP URL
std::string ocsp_url = (*cert_iter).getOCSPURL();
if (!ocsp_url.empty()) {
@@ -135,66 +201,20 @@ void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_u
url_t url(issuer, ocsp_url, time);
ocsp_urls.push_back(url);
LogDebug("Found OCSP URL: " << ocsp_url << " for issuer: " << issuer << ", time: " << time);
-
}
}
- if (!chain.empty()) {
- app.signatures.push_back(chain);
- LogDebug("Certificates chain added to the app");
- }
}
}
-// We assume that chain is sorted - first element is an end entity
-bool Certs::ocsp_build_chain (const chain_t &chain, CKM::CertificateShPtrVector &vect_ckm_chain)
+Certs::ocsp_response_t Certs::check_ocsp_chain (const chain_t &chain)
{
- bool first = true;
- CKM::CertificateShPtr cert_end_entity;
- CKM::CertificateShPtrVector vect_untrusted;
+ CKM::CertificateShPtrVector vect_ckm_chain;
LogDebug("Size of chain: " << chain.size());
-
for (auto &iter : chain) {
CKM::RawBuffer buff(iter.begin(), iter.end());
- CKM::CertificateShPtr cert = CKM::Certificate::create(buff, CKM::DataFormat::FORM_DER_BASE64);
-
- if (!cert) {
- LogError("CKM failed to create certificate");
- return false;
- }
- if (first) {
- first = false;
- cert_end_entity = cert;
- LogDebug("Found end entity certificate");
- }
- else {
- vect_untrusted.push_back(cert);
- LogDebug("Found untrusted certificate");
- }
- }
-
- int ret = m_ckm->getCertificateChain(
- cert_end_entity,
- vect_untrusted,
- CKM::CertificateShPtrVector(),
- true, // useTrustedSystemCertificates
- vect_ckm_chain);
- if (ret != CKM_API_SUCCESS) {
- LogError("CKM getCertificateChain returned: " << ret);
- // TODO: Add handling for different errors codes?
- return false;
- }
-
- return true;
-}
-
-Certs::ocsp_response_t Certs::check_ocsp_chain (const chain_t &chain)
-{
- CKM::CertificateShPtrVector vect_ckm_chain;
-
- if (!ocsp_build_chain(chain, vect_ckm_chain)) {
- LogError("Error while build chain of certificates");
- return Certs::ocsp_response_t::OCSP_CERT_ERROR;
+ auto cert = CKM::Certificate::create(buff, CKM::DataFormat::FORM_DER_BASE64);
+ vect_ckm_chain.emplace_back(std::move(cert));
}
int status = CKM_API_OCSP_STATUS_UNKNOWN;
diff --git a/src/include/cchecker/certs.h b/src/include/cchecker/certs.h
index 643c2c1..9b1d762 100644
--- a/src/include/cchecker/certs.h
+++ b/src/include/cchecker/certs.h
@@ -27,12 +27,19 @@
#include <ckm/ckm-certificate.h>
#include <vcore/Certificate.h>
+#include <pkgmgr-info.h>
#include <cchecker/app.h>
#include <ckm/ckm-manager.h>
namespace CCHECKER {
+enum sig_t {
+ AUTHOR_SIG,
+ DISTRIBUTOR_SIG,
+ DISTRIBUTOR2_SIG
+};
+
class Certs {
public:
enum class ocsp_response_t {
@@ -49,7 +56,6 @@ class Certs {
ocsp_response_t check_ocsp_chain (const chain_t &chain);
void find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls);
void search_app (app_t &app, ocsp_urls_t &ocsp_urls);
- bool ocsp_build_chain (const chain_t &chain, CKM::CertificateShPtrVector &vect_ckm_chain);
//private:
CKM::ManagerShPtr m_ckm;
diff --git a/tests/test_certs.cpp b/tests/test_certs.cpp
index d5750f7..b206ead 100644
--- a/tests/test_certs.cpp
+++ b/tests/test_certs.cpp
@@ -354,164 +354,4 @@ LwfORELEC5n+5p/8sHiGUW3RLJ3GlvuFgrsEL/digO9i2n/2DqyQuFa9eT/ygG6j\
BOOST_REQUIRE(resp == Certs::ocsp_response_t::OCSP_APP_OK);
}
-BOOST_AUTO_TEST_CASE(find_app_signatures_1) {
-
- // App1
- app_t app1("app_id", "pkg_id", 101, {});
- ocsp_urls_t ocsp_urls;
- std::string path1 = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app1");
-
- find_app_signatures (app1, path1, ocsp_urls);
- BOOST_REQUIRE(app1.signatures.size() == 2);
- // set signatures/certificates in defined oder;
- sort(app1);
-
- app_t origin1("app_id", "pkg_id", 101, {});
- chain_t chain1 = {"MIIClDCCAf2gAwIBAgIGAT4hYbcpMA0GCSqGSIb3DQEBBQUAMIGEMQswCQYDVQQGEwJLUjEOMAwG\
-A1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSAwHgYD\
-VQQLDBdUaXplbiBEZXZlbG9wZXIgVGVzdCBDQTEbMBkGA1UEAwwSVGl6ZW4gRGV2ZWxvcGVyIENB\
-MB4XDTEzMDQxOTA4MjA1MloXDTQwMDkwNDA4MjA1MVowgZUxCzAJBgNVBAYTAlBMMREwDwYDVQQI\
-DAhNYXpvdmlhbjEPMA0GA1UEBwwGV2Fyc2F3MQ4wDAYDVQQKDAVTUlBPTDERMA8GA1UECwwIS1NG\
-L1dTU1AxJTAjBgkqhkiG9w0BCQEWFmoua296ZXJza2lAc2Ftc3VuZy5jb20xGDAWBgNVBAMMD0ph\
-bnVzeiBLb3plcnNraTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs0REWSsOn/QyVDSjSTRE\
-0W+LacX4cifRYI16nQi8WJhCAymhOg4UVXUk31Iwta8lOnQvgoce8bR+/dbCzDBmnogq8KXWlEtn\
-Ma3X6Tvz5BZfNy4Zj44G/aK0tJvnBj28h2ZZe545BNNW4zKR4SvNie9uM8v1r16PZaaS0YxOXl0C\
-AwEAATANBgkqhkiG9w0BAQUFAAOBgQCGuwLCcQAAQz2Op83gTl0Pb+f7AinL8d3XGRC8dtFPqSrZ\
-wN3gEEIQxQeYLahEVPAsD1K9aWebbWm/sjpDERKW7hmYvGYz90Z+ocLKdork5XgQWqVGt7qi+pxZ\
-x6VDuNVxDrQtsX/hLf/YBhZJuzs/LSdlErUKQM8fdxvVzbld3w==",
- "MIICpzCCAhCgAwIBAgIJAKzDjmEF+1OXMA0GCSqGSIb3DQEBBQUAMIGTMQswCQYDVQQGEwJLUjEO\
-MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSUw\
-IwYDVQQLDBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMSUwIwYDVQQDDBxUaXplbiBUZXN0\
-IERldmVsb3BlciBSb290IENBMB4XDTEyMTAyOTEzMDEyMloXDTIyMTAyNzEzMDEyMlowgYQxCzAJ\
-BgNVBAYTAktSMQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVu\
-IFRlc3QgQ0ExIDAeBgNVBAsMF1RpemVuIERldmVsb3BlciBUZXN0IENBMRswGQYDVQQDDBJUaXpl\
-biBEZXZlbG9wZXIgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMyG0DSTHBgalQo1seDK\
-xpCU61gji+QQlxQkPQOvBrmuF6Z90zFCprTtg2sRjTLCNoRd75+VCCHuKGcrD27t7hwAekusPrpz\
-dsq5QoBMvNjGDM22lC45PJ4d86DEDY4erxeJ5aSQxqbfXK4pKe9NwxdkKuA8dTYZM1UcmhXs7YAL\
-AgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEACbr/OPNMJ+Ejrxfm/YjC\
-iRPpjJLnwXS2IDtitbxot6bEdZkZvOFXOC0Ca4GT+jtvOcSlU7tM3Mdd1MrKe1kkoVd1vhCV8V4C\
-K3/DPj8aN3rxfMfQitA6XMDcxzhsyMWz56OdifX50dvS/G/ad+kGhNhOOEKSE8zUyEDCGwqkfXk="};
-
- chain_t chain2 = {"MIICmzCCAgQCCQDXI7WLdVZwiTANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCS1IxDjAMBgNV\
-BAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UE\
-CwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwbVGl6ZW4gUHVibGljIERpc3Ry\
-aWJ1dG9yIENBMB4XDTEyMTAyOTEzMDMwNFoXDTIyMTAyNzEzMDMwNFowgZMxCzAJBgNVBAYTAktS\
-MQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3QgQ0Ex\
-IjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKDAmBgNVBAMMH1RpemVuIFB1Ymxp\
-YyBEaXN0cmlidXRvciBTaWduZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtMvlc5hENK\
-90ZdA+y66+Sy0enD1gpZDBh5T9RP0oRsptJv5jjNTseQbQi0SZOdOXb6J7iQdlBCtR343RpIEz8H\
-mrBy7mSY7mgwoU4EPpp4CTSUeAuKcmvrNOngTp5Hv7Ngf02TTHOLK3hZLpGayaDviyNZB5PdqQdB\
-hokKjzAzAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvGp1gxxAIlFfhJH1efjb9BJK/rtRkbYn9+Ez\
-GEbEULg1svsgnyWisFimI3uFvgI/swzr1eKVY3Sc8MQ3+Fdy3EkbDZ2+WAubhcEkorTWjzWz2fL1\
-vKaYjeIsuEX6TVRUugHWudPzcEuQRLQf8ibZWjbQdBmpeQYBMg5x+xKLCJc=",
- "MIICtDCCAh2gAwIBAgIJAMDbehElPNKvMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYDVQQGEwJLUjEO\
-MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSMw\
-IQYDVQQLDBpUVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEpMCcGA1UEAwwgVGl6ZW4gUHVibGlj\
-IERpc3RyaWJ1dG9yIFJvb3QgQ0EwHhcNMTIxMDI5MTMwMjUwWhcNMjIxMDI3MTMwMjUwWjCBjzEL\
-MAkGA1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6\
-ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwb\
-VGl6ZW4gUHVibGljIERpc3RyaWJ1dG9yIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe\
-OTS/3nXvkDEmsFCJIvRlQ3RKDcxdWJJp625pFqHdmoJBdV+x6jl1raGK2Y1sp2Gdvpjc/z92yzAp\
-bE/UVLPh/tRNZPeGhzU4ejDDm7kzdr2f7Ia0U98K+OoY12ucwg7TYNItj9is7Cj4blGfuMDzd2ah\
-2AgnCGlwNwV/pv+uVQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACqJ\
-KO33YdoGudwanZIxMdXuxnnD9R6u72ltKk1S4zPfMJJv482CRGCI4FK6djhlsI4i0Lt1SVIJEed+\
-yc3qckGm19dW+4xdlkekon7pViEBWuyHw8OWv3RXtTum1+PGHjBJ2eYY4ZKIpz73U/1NC16sTB/0\
-VhfnkHwPltmrpYVe"};
-
-
- origin1.signatures.push_back(chain1);
- origin1.signatures.push_back(chain2);
- // set signatures/certificates in defined oder;
- sort(origin1);
-
- LogDebug("APP1: " << app1.str() << ", CERTS: " << app1.str_certs());
- LogDebug("ORIG: " << origin1.str() << ", CERTS: " << origin1.str_certs());
-
- BOOST_REQUIRE(app1 == origin1);
-
- // App_2
- app_t app2("app_id", "pkg_id", 102, {});
- std::string path2 = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app_2");
-
- find_app_signatures (app2, path2, ocsp_urls);
- BOOST_REQUIRE(app2.signatures.size() == 1);
- // set signatures/certificates in defined oder;
- sort(app2);
-
-
- chain_t chain3 = {"MIICmzCCAgQCCQDXI7WLdVZwiTANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCS1IxDjAMBgNV\
-BAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UE\
-CwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwbVGl6ZW4gUHVibGljIERpc3Ry\
-aWJ1dG9yIENBMB4XDTEyMTAyOTEzMDMwNFoXDTIyMTAyNzEzMDMwNFowgZMxCzAJBgNVBAYTAktS\
-MQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3QgQ0Ex\
-IjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKDAmBgNVBAMMH1RpemVuIFB1Ymxp\
-YyBEaXN0cmlidXRvciBTaWduZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtMvlc5hENK\
-90ZdA+y66+Sy0enD1gpZDBh5T9RP0oRsptJv5jjNTseQbQi0SZOdOXb6J7iQdlBCtR343RpIEz8H\
-mrBy7mSY7mgwoU4EPpp4CTSUeAuKcmvrNOngTp5Hv7Ngf02TTHOLK3hZLpGayaDviyNZB5PdqQdB\
-hokKjzAzAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvGp1gxxAIlFfhJH1efjb9BJK/rtRkbYn9+Ez\
-GEbEULg1svsgnyWisFimI3uFvgI/swzr1eKVY3Sc8MQ3+Fdy3EkbDZ2+WAubhcEkorTWjzWz2fL1\
-vKaYjeIsuEX6TVRUugHWudPzcEuQRLQf8ibZWjbQdBmpeQYBMg5x+xKLCJc=",
- "MIICtDCCAh2gAwIBAgIJAMDbehElPNKvMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYDVQQGEwJLUjEO\
-MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSMw\
-IQYDVQQLDBpUVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEpMCcGA1UEAwwgVGl6ZW4gUHVibGlj\
-IERpc3RyaWJ1dG9yIFJvb3QgQ0EwHhcNMTIxMDI5MTMwMjUwWhcNMjIxMDI3MTMwMjUwWjCBjzEL\
-MAkGA1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6\
-ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwb\
-VGl6ZW4gUHVibGljIERpc3RyaWJ1dG9yIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe\
-OTS/3nXvkDEmsFCJIvRlQ3RKDcxdWJJp625pFqHdmoJBdV+x6jl1raGK2Y1sp2Gdvpjc/z92yzAp\
-bE/UVLPh/tRNZPeGhzU4ejDDm7kzdr2f7Ia0U98K+OoY12ucwg7TYNItj9is7Cj4blGfuMDzd2ah\
-2AgnCGlwNwV/pv+uVQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACqJ\
-KO33YdoGudwanZIxMdXuxnnD9R6u72ltKk1S4zPfMJJv482CRGCI4FK6djhlsI4i0Lt1SVIJEed+\
-yc3qckGm19dW+4xdlkekon7pViEBWuyHw8OWv3RXtTum1+PGHjBJ2eYY4ZKIpz73U/1NC16sTB/0\
-VhfnkHwPltmrpYVe"};
-
- app_t origin2("app_id", "pkg_id", 102, {});
- origin2.signatures.push_back(chain3);
-
- // set signatures/certificates in defined oder;
- sort(origin2);
-
- BOOST_REQUIRE(app2 == origin2);
-}
-
-BOOST_AUTO_TEST_CASE(find_app_signatures_negative) {
-
- // App1
- app_t app1("app_id", "pkg_id", 101, {});
- ocsp_urls_t ocsp_urls;
- std::string path1 = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app3");
-
- find_app_signatures (app1, path1, ocsp_urls);
- // signature exists, but contains error - should not be parsed
- BOOST_REQUIRE(app1.signatures.empty());
-}
-
-BOOST_AUTO_TEST_CASE(find_app_signatures_mixed) {
-
- app_t app("app_id", "pkg_id", 101, {});
- ocsp_urls_t ocsp_urls;
- std::string path = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app4");
-
- find_app_signatures (app, path, ocsp_urls);
- // 2 signatures exist, but one of them contains error - only one should be parsed
- BOOST_REQUIRE(app.signatures.size() == 1);
-
- app_t origin("app_id", "pkg_id", 101, {});
- chain_t chain = {"MIIClDCCAf2gAwIBAgIGAT4hYbcpMA0GCSqGSIb3DQEBBQUAMIGEMQswCQYDVQQGEwJLUjEOMAwG\
-A1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSAwHgYD\
-VQQLDBdUaXplbiBEZXZlbG9wZXIgVGVzdCBDQTEbMBkGA1UEAwwSVGl6ZW4gRGV2ZWxvcGVyIENB\
-MB4XDTEzMDQxOTA4MjA1MloXDTQwMDkwNDA4MjA1MVowgZUxCzAJBgNVBAYTAlBMMREwDwYDVQQI\
-DAhNYXpvdmlhbjEPMA0GA1UEBwwGV2Fyc2F3MQ4wDAYDVQQKDAVTUlBPTDERMA8GA1UECwwIS1NG\
-L1dTU1AxJTAjBgkqhkiG9w0BCQEWFmoua296ZXJza2lAc2Ftc3VuZy5jb20xGDAWBgNVBAMMD0ph\
-bnVzeiBLb3plcnNraTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs0REWSsOn/QyVDSjSTRE\
-0W+LacX4cifRYI16nQi8WJhCAymhOg4UVXUk31Iwta8lOnQvgoce8bR+/dbCzDBmnogq8KXWlEtn\
-Ma3X6Tvz5BZfNy4Zj44G/aK0tJvnBj28h2ZZe545BNNW4zKR4SvNie9uM8v1r16PZaaS0YxOXl0C\
-AwEAATANBgkqhkiG9w0BAQUFAAOBgQCGuwLCcQAAQz2Op83gTl0Pb+f7AinL8d3XGRC8dtFPqSrZ\
-wN3gEEIQxQeYLahEVPAsD1K9aWebbWm/sjpDERKW7hmYvGYz90Z+ocLKdork5XgQWqVGt7qi+pxZ\
-x6VDuNVxDrQtsX/hLf/YBhZJuzs/LSdlErUKQM8fdxvVzbld3w=="};
- origin.signatures.push_back(chain);
-
- BOOST_REQUIRE(app == origin);
-}
-
BOOST_AUTO_TEST_SUITE_END()