author | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-02-17 11:31:09 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-02-24 15:07:57 +0900 |
commit | a49b608fe94e1c8f6a16f721a24f605967948867 (patch) | |
tree | fde92afc97ee046d865e2a8f7cd906b72b6cf1db | |
parent | 18e4ddb82a037b7c31b488ffcd96a36a8f32218c (diff) | |
Change building certificate chain APIsubmit/tizen/20160224.080105accepted/tizen/wearable/20160225.080701accepted/tizen/tv/20160225.080643accepted/tizen/mobile/20160225.080627accepted/tizen/ivi/20160225.080714
* cert-svc API, key-manager API -> pkgmgr-info API
Change-Id: I1c3523dd73041f117fab1c1b0012d25c1535defe
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | packaging/cert-checker.spec | 2 | ||||
-rw-r--r-- | src/certs.cpp | 144 | ||||
-rw-r--r-- | src/include/cchecker/certs.h | 8 | ||||
-rw-r--r-- | tests/test_certs.cpp | 160 |
4 files changed, 90 insertions, 224 deletions
diff --git a/packaging/cert-checker.spec b/packaging/cert-checker.spec
index c7ae00c..8ca70c2 100644
--- a/packaging/cert-checker.spec
+++ b/packaging/cert-checker.spec
@@ -1,6 +1,6 @@
 Name: cert-checker
 Summary: OCSP checking on application installation
-Version: 0.0.2
+Version: 0.0.3
 Release: 1
 Group: System/Security
 License: Apache-2.0
diff --git a/src/certs.cpp b/src/certs.cpp
index d982f41..9c76b71 100644
--- a/src/certs.cpp
+++ b/src/certs.cpp
@@ -27,6 +27,7 @@
 #include <memory>
 #include <string>
 #include <vector>
+#include <map>
 #include <vcore/SignatureValidator.h>
 #include <vcore/SignatureFinder.h>
 #include <vcore/Certificate.h>
@@ -39,6 +40,64 @@
 namespace CCHECKER {
+namespace {
+struct PkgmgrinfoCertInfo {
+ PkgmgrinfoCertInfo()
+ {
+ ret = pkgmgrinfo_pkginfo_create_certinfo(&handle);
+ }
+ ~PkgmgrinfoCertInfo()
+ {
+ pkgmgrinfo_pkginfo_destroy_certinfo(handle);
+ }
+
+ pkgmgrinfo_certinfo_h handle;
+ int ret;
+};
+
+static void get_cert_chain(const char *pkgid, uid_t uid, int sig_type, chain_t &chain)
+{
+ LogDebug("Get cert chain start. pkgid : " << pkgid << ", uid : " << uid);
+ int ret;
+ int cert_type;
+ const char *cert_value;
+
+ auto pm_certinfo = std::make_shared<PkgmgrinfoCertInfo>();
+
+ if (pm_certinfo->ret != PMINFO_R_OK) {
+ LogError("Get pkgmgrinfo certinfo failed. ret : " << ret);
+ return;
+ }
+
+ ret = pkgmgrinfo_pkginfo_load_certinfo(pkgid, pm_certinfo->handle, uid);
+ if (ret != PMINFO_R_OK) {
+ LogError("Load pkgmgrinfo certinfo failed. ret : " << ret);
+ return;
+ }
+
+ // add signer, intermediate, root certificates.
+ for (int cert_cnt = 0; cert_cnt < 3; cert_cnt++) {
+ cert_type = sig_type - cert_cnt;
+ ret = pkgmgrinfo_pkginfo_get_cert_value(pm_certinfo->handle,
+ static_cast<pkgmgrinfo_cert_type>(cert_type), &cert_value);
+
+ if (ret != PMINFO_R_OK) {
+ LogError("Get cert value from certinfo failed. ret : " << ret);
+ return;
+ }
+
+ if (cert_value == NULL) {
+ LogDebug("cert_type[" << cert_type << "] is null");
+ } else {
+ LogDebug("Add cert_type[" << cert_type << "] data : " << cert_value);
+ chain.push_back(cert_value);
+ }
+ }
+
+ return;
+}
+}
+
 Certs::Certs()
 {
 m_ckm = CKM::Manager::create();
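Review bot: In `get_cert_chain`, the first error branch prints the local `ret` before anything has been assigned to it, so the log reads an uninitialized int; the status that failed is `pm_certinfo->ret`, and the line should be `LogError("Get pkgmgrinfo certinfo failed. ret : " << pm_certinfo->ret);`. The same failure path then runs `~PkgmgrinfoCertInfo()`, which passes `handle` to `pkgmgrinfo_pkginfo_destroy_certinfo` although the struct never gives it an initial value; give `handle` an initializer in the struct and destroy it only when `ret == PMINFO_R_OK`. `cert_type = sig_type - cert_cnt` appears to rely on the signer, intermediate and root values of `pkgmgrinfo_cert_type` being consecutive and descending, which deserves a comment such as `// relies on the enum order root < intermediate < signer in pkgmgrinfo_cert_type`. A plain stack object would do in place of `std::make_shared`, since the struct never leaves the function.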
@@ -49,9 +108,23 @@ Certs::~Certs() void Certs::get_certificates (app_t &app, ocsp_urls_t &ocsp_urls) { - std::vector<std::string> signatures; - (void) signatures; + // build chain using pkgmgr-info + std::map<int, int> sig_type; + sig_type[AUTHOR_SIG] = PMINFO_AUTHOR_SIGNER_CERT; + sig_type[DISTRIBUTOR_SIG] = PMINFO_DISTRIBUTOR_SIGNER_CERT; + sig_type[DISTRIBUTOR2_SIG] = PMINFO_DISTRIBUTOR2_SIGNER_CERT; + + for (auto s : sig_type) { + chain_t chain; + get_cert_chain(app.pkg_id.c_str(), app.uid, s.second, chain); + + if(!chain.empty()) { + LogDebug("Add certificates chain to app. Size of chain : " << chain.size()); + app.signatures.emplace_back(std::move(chain)); + } + } + // get ocsp urls using cert-svc if (0 != tzplatform_set_user(app.uid)) { LogError("Cannot set user: tzplatform_set_user has failed"); return; @@ -66,7 +139,6 @@ void Certs::get_certificates (app_t &app, ocsp_urls_t &ocsp_urls) std::string app_path = std::string(pkg_path) + std::string("/") + app.app_id; find_app_signatures (app, app_path, ocsp_urls); } - } /* Since there's no information about application in signal, @@ -101,6 +173,9 @@ void Certs::search_app (app_t &app, ocsp_urls_t &ocsp_urls) // Together with certificates we can pull out OCSP URLs void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls) { + // FIXME : delete unuse parameter + (void) app; + ValidationCore::SignatureFinder signature_finder(app_path); ValidationCore::SignatureFileInfoSet signature_files; 
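Review bot: A chain that `get_cert_chain` gave up on halfway is still stored by the new loop in `get_certificates`, because the loop tests only `!chain.empty()` and the helper returns void: when `pkgmgrinfo_pkginfo_get_cert_value` fails for the intermediate or root entry, the certificates pushed before it remain in `chain`. Any later check on `app.signatures` would then run on a truncated chain without knowing it. Either have the helper return a bool and skip with `if (!get_cert_chain(...)) continue;`, or call `chain.clear();` before each early `return` in the helper. The keys of `sig_type` are never read, so a `static const` array of the three `PMINFO_*_SIGNER_CERT` values would replace the `std::map` that is rebuilt on every call. The body of `get_certificates` continues outside this hunk.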
@@ -114,19 +189,10 @@ void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_u LogDebug("Searching for certificates"); for (auto &iter : signature_files) { LogDebug("Checking signature"); - chain_t chain; ValidationCore::CertificateList certs; ValidationCore::SignatureValidator validator(iter); - if (validator.makeChainBySignature(false, certs) != ValidationCore::E_SIG_NONE) { - LogError("Signature: " << iter.getFileName() << " of " << app_path.c_str() << " is invalid"); - continue; - } for (auto &cert_iter : certs) { - std::string app_cert = (*cert_iter).getBase64(); - chain.push_back(app_cert); - LogDebug("Certificate: " << app_cert << " has been added"); - // check OCSP URL std::string ocsp_url = (*cert_iter).getOCSPURL(); if (!ocsp_url.empty()) { 
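Review bot: With the `makeChainBySignature` call removed, nothing in the lines shown fills `certs`, so `for (auto &cert_iter : certs)` iterates a default-constructed list and `ocsp_urls` stays empty; `validator` is constructed and never used. The removed call was also the only place in this loop where a signature file was rejected as invalid. If the OCSP URLs are still meant to come from the signature files, keep the call and its check: `if (validator.makeChainBySignature(false, certs) != ValidationCore::E_SIG_NONE) continue;`. `find_app_signatures` starts before this hunk and its loop closes in the next one.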
@@ -135,66 +201,20 @@ void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_u url_t url(issuer, ocsp_url, time); ocsp_urls.push_back(url); LogDebug("Found OCSP URL: " << ocsp_url << " for issuer: " << issuer << ", time: " << time); - } } - if (!chain.empty()) { - app.signatures.push_back(chain); - LogDebug("Certificates chain added to the app"); - } } } -// We assume that chain is sorted - first element is an end entity -bool Certs::ocsp_build_chain (const chain_t &chain, CKM::CertificateShPtrVector &vect_ckm_chain) +Certs::ocsp_response_t Certs::check_ocsp_chain (const chain_t &chain) { - bool first = true; - CKM::CertificateShPtr cert_end_entity; - CKM::CertificateShPtrVector vect_untrusted; + CKM::CertificateShPtrVector vect_ckm_chain; LogDebug("Size of chain: " << chain.size()); - for (auto &iter : chain) { CKM::RawBuffer buff(iter.begin(), iter.end()); - CKM::CertificateShPtr cert = CKM::Certificate::create(buff, CKM::DataFormat::FORM_DER_BASE64); - - if (!cert) { - LogError("CKM failed to create certificate"); - return false; - } - if (first) { - first = false; - cert_end_entity = cert; - LogDebug("Found end entity certificate"); - } - else { - vect_untrusted.push_back(cert); - LogDebug("Found untrusted certificate"); - } - } - - int ret = m_ckm->getCertificateChain( - cert_end_entity, - vect_untrusted, - CKM::CertificateShPtrVector(), - true, // useTrustedSystemCertificates - vect_ckm_chain); - if (ret != CKM_API_SUCCESS) { - LogError("CKM getCertificateChain returned: " << ret); - // TODO: Add handling for different errors codes? 
- return false; - } - - return true; -} - -Certs::ocsp_response_t Certs::check_ocsp_chain (const chain_t &chain) -{ - CKM::CertificateShPtrVector vect_ckm_chain; - - if (!ocsp_build_chain(chain, vect_ckm_chain)) { - LogError("Error while build chain of certificates"); - return Certs::ocsp_response_t::OCSP_CERT_ERROR; + auto cert = CKM::Certificate::create(buff, CKM::DataFormat::FORM_DER_BASE64); + vect_ckm_chain.emplace_back(std::move(cert)); } int status = CKM_API_OCSP_STATUS_UNKNOWN; diff --git a/src/include/cchecker/certs.h b/src/include/cchecker/certs.h index 643c2c1..9b1d762 100644 --- a/src/include/cchecker/certs.h +++ b/src/include/cchecker/certs.h @@ -27,12 +27,19 @@ #include <ckm/ckm-certificate.h> #include <vcore/Certificate.h> +#include <pkgmgr-info.h> #include <cchecker/app.h> #include <ckm/ckm-manager.h> namespace CCHECKER { +enum sig_t { + AUTHOR_SIG, + DISTRIBUTOR_SIG, + DISTRIBUTOR2_SIG +}; + class Certs { public: enum class ocsp_response_t { @@ -49,7 +56,6 @@ class Certs { ocsp_response_t check_ocsp_chain (const chain_t &chain); void find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls); void search_app (app_t &app, ocsp_urls_t &ocsp_urls); - bool ocsp_build_chain (const chain_t &chain, CKM::CertificateShPtrVector &vect_ckm_chain); //private: CKM::ManagerShPtr m_ckm; diff --git a/tests/test_certs.cpp b/tests/test_certs.cpp index d5750f7..b206ead 100644 --- a/tests/test_certs.cpp +++ b/tests/test_certs.cpp 
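Review bot: `check_ocsp_chain` now appends the result of `CKM::Certificate::create` without testing it, while the removed `ocsp_build_chain` returned false on a null pointer; a malformed entry in `chain` therefore puts an empty `CertificateShPtr` into `vect_ckm_chain`. Restore the guard inside the loop: `if (!cert) { LogError("CKM failed to create certificate"); return Certs::ocsp_response_t::OCSP_CERT_ERROR; }`. The `getCertificateChain` call with trusted system certificates is gone as well, so the vector is whatever the caller passed, in that order, and an empty `chain` is not rejected. A comment stating that the caller must supply a complete chain ordered from the end entity would document the new assumption. The rest of the function lies outside the hunk.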
@@ -354,164 +354,4 @@ LwfORELEC5n+5p/8sHiGUW3RLJ3GlvuFgrsEL/digO9i2n/2DqyQuFa9eT/ygG6j\ BOOST_REQUIRE(resp == Certs::ocsp_response_t::OCSP_APP_OK); } -BOOST_AUTO_TEST_CASE(find_app_signatures_1) { - - // App1 - app_t app1("app_id", "pkg_id", 101, {}); - ocsp_urls_t ocsp_urls; - std::string path1 = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app1"); - - find_app_signatures (app1, path1, ocsp_urls); - BOOST_REQUIRE(app1.signatures.size() == 2); - // set signatures/certificates in defined oder; - sort(app1); - - app_t origin1("app_id", "pkg_id", 101, {}); - chain_t chain1 = {"MIIClDCCAf2gAwIBAgIGAT4hYbcpMA0GCSqGSIb3DQEBBQUAMIGEMQswCQYDVQQGEwJLUjEOMAwG\ -A1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSAwHgYD\ -VQQLDBdUaXplbiBEZXZlbG9wZXIgVGVzdCBDQTEbMBkGA1UEAwwSVGl6ZW4gRGV2ZWxvcGVyIENB\ -MB4XDTEzMDQxOTA4MjA1MloXDTQwMDkwNDA4MjA1MVowgZUxCzAJBgNVBAYTAlBMMREwDwYDVQQI\ -DAhNYXpvdmlhbjEPMA0GA1UEBwwGV2Fyc2F3MQ4wDAYDVQQKDAVTUlBPTDERMA8GA1UECwwIS1NG\ -L1dTU1AxJTAjBgkqhkiG9w0BCQEWFmoua296ZXJza2lAc2Ftc3VuZy5jb20xGDAWBgNVBAMMD0ph\ -bnVzeiBLb3plcnNraTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs0REWSsOn/QyVDSjSTRE\ -0W+LacX4cifRYI16nQi8WJhCAymhOg4UVXUk31Iwta8lOnQvgoce8bR+/dbCzDBmnogq8KXWlEtn\ -Ma3X6Tvz5BZfNy4Zj44G/aK0tJvnBj28h2ZZe545BNNW4zKR4SvNie9uM8v1r16PZaaS0YxOXl0C\ -AwEAATANBgkqhkiG9w0BAQUFAAOBgQCGuwLCcQAAQz2Op83gTl0Pb+f7AinL8d3XGRC8dtFPqSrZ\ -wN3gEEIQxQeYLahEVPAsD1K9aWebbWm/sjpDERKW7hmYvGYz90Z+ocLKdork5XgQWqVGt7qi+pxZ\ -x6VDuNVxDrQtsX/hLf/YBhZJuzs/LSdlErUKQM8fdxvVzbld3w==", - "MIICpzCCAhCgAwIBAgIJAKzDjmEF+1OXMA0GCSqGSIb3DQEBBQUAMIGTMQswCQYDVQQGEwJLUjEO\ -MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSUw\ -IwYDVQQLDBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMSUwIwYDVQQDDBxUaXplbiBUZXN0\ -IERldmVsb3BlciBSb290IENBMB4XDTEyMTAyOTEzMDEyMloXDTIyMTAyNzEzMDEyMlowgYQxCzAJ\ -BgNVBAYTAktSMQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVu\ -IFRlc3QgQ0ExIDAeBgNVBAsMF1RpemVuIERldmVsb3BlciBUZXN0IENBMRswGQYDVQQDDBJUaXpl\ 
-biBEZXZlbG9wZXIgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMyG0DSTHBgalQo1seDK\ -xpCU61gji+QQlxQkPQOvBrmuF6Z90zFCprTtg2sRjTLCNoRd75+VCCHuKGcrD27t7hwAekusPrpz\ -dsq5QoBMvNjGDM22lC45PJ4d86DEDY4erxeJ5aSQxqbfXK4pKe9NwxdkKuA8dTYZM1UcmhXs7YAL\ -AgMBAAGjEDAOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEACbr/OPNMJ+Ejrxfm/YjC\ -iRPpjJLnwXS2IDtitbxot6bEdZkZvOFXOC0Ca4GT+jtvOcSlU7tM3Mdd1MrKe1kkoVd1vhCV8V4C\ -K3/DPj8aN3rxfMfQitA6XMDcxzhsyMWz56OdifX50dvS/G/ad+kGhNhOOEKSE8zUyEDCGwqkfXk="}; - - chain_t chain2 = {"MIICmzCCAgQCCQDXI7WLdVZwiTANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCS1IxDjAMBgNV\ -BAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UE\ -CwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwbVGl6ZW4gUHVibGljIERpc3Ry\ -aWJ1dG9yIENBMB4XDTEyMTAyOTEzMDMwNFoXDTIyMTAyNzEzMDMwNFowgZMxCzAJBgNVBAYTAktS\ -MQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3QgQ0Ex\ -IjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKDAmBgNVBAMMH1RpemVuIFB1Ymxp\ -YyBEaXN0cmlidXRvciBTaWduZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtMvlc5hENK\ -90ZdA+y66+Sy0enD1gpZDBh5T9RP0oRsptJv5jjNTseQbQi0SZOdOXb6J7iQdlBCtR343RpIEz8H\ -mrBy7mSY7mgwoU4EPpp4CTSUeAuKcmvrNOngTp5Hv7Ngf02TTHOLK3hZLpGayaDviyNZB5PdqQdB\ -hokKjzAzAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvGp1gxxAIlFfhJH1efjb9BJK/rtRkbYn9+Ez\ -GEbEULg1svsgnyWisFimI3uFvgI/swzr1eKVY3Sc8MQ3+Fdy3EkbDZ2+WAubhcEkorTWjzWz2fL1\ -vKaYjeIsuEX6TVRUugHWudPzcEuQRLQf8ibZWjbQdBmpeQYBMg5x+xKLCJc=", - "MIICtDCCAh2gAwIBAgIJAMDbehElPNKvMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYDVQQGEwJLUjEO\ -MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSMw\ -IQYDVQQLDBpUVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEpMCcGA1UEAwwgVGl6ZW4gUHVibGlj\ -IERpc3RyaWJ1dG9yIFJvb3QgQ0EwHhcNMTIxMDI5MTMwMjUwWhcNMjIxMDI3MTMwMjUwWjCBjzEL\ -MAkGA1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6\ -ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwb\ -VGl6ZW4gUHVibGljIERpc3RyaWJ1dG9yIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe\ 
-OTS/3nXvkDEmsFCJIvRlQ3RKDcxdWJJp625pFqHdmoJBdV+x6jl1raGK2Y1sp2Gdvpjc/z92yzAp\ -bE/UVLPh/tRNZPeGhzU4ejDDm7kzdr2f7Ia0U98K+OoY12ucwg7TYNItj9is7Cj4blGfuMDzd2ah\ -2AgnCGlwNwV/pv+uVQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACqJ\ -KO33YdoGudwanZIxMdXuxnnD9R6u72ltKk1S4zPfMJJv482CRGCI4FK6djhlsI4i0Lt1SVIJEed+\ -yc3qckGm19dW+4xdlkekon7pViEBWuyHw8OWv3RXtTum1+PGHjBJ2eYY4ZKIpz73U/1NC16sTB/0\ -VhfnkHwPltmrpYVe"}; - - - origin1.signatures.push_back(chain1); - origin1.signatures.push_back(chain2); - // set signatures/certificates in defined oder; - sort(origin1); - - LogDebug("APP1: " << app1.str() << ", CERTS: " << app1.str_certs()); - LogDebug("ORIG: " << origin1.str() << ", CERTS: " << origin1.str_certs()); - - BOOST_REQUIRE(app1 == origin1); - - // App_2 - app_t app2("app_id", "pkg_id", 102, {}); - std::string path2 = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app_2"); - - find_app_signatures (app2, path2, ocsp_urls); - BOOST_REQUIRE(app2.signatures.size() == 1); - // set signatures/certificates in defined oder; - sort(app2); - - - chain_t chain3 = {"MIICmzCCAgQCCQDXI7WLdVZwiTANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCS1IxDjAMBgNV\ -BAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UE\ -CwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwbVGl6ZW4gUHVibGljIERpc3Ry\ -aWJ1dG9yIENBMB4XDTEyMTAyOTEzMDMwNFoXDTIyMTAyNzEzMDMwNFowgZMxCzAJBgNVBAYTAktS\ -MQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3QgQ0Ex\ -IjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKDAmBgNVBAMMH1RpemVuIFB1Ymxp\ -YyBEaXN0cmlidXRvciBTaWduZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtMvlc5hENK\ -90ZdA+y66+Sy0enD1gpZDBh5T9RP0oRsptJv5jjNTseQbQi0SZOdOXb6J7iQdlBCtR343RpIEz8H\ -mrBy7mSY7mgwoU4EPpp4CTSUeAuKcmvrNOngTp5Hv7Ngf02TTHOLK3hZLpGayaDviyNZB5PdqQdB\ -hokKjzAzAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvGp1gxxAIlFfhJH1efjb9BJK/rtRkbYn9+Ez\ -GEbEULg1svsgnyWisFimI3uFvgI/swzr1eKVY3Sc8MQ3+Fdy3EkbDZ2+WAubhcEkorTWjzWz2fL1\ 
-vKaYjeIsuEX6TVRUugHWudPzcEuQRLQf8ibZWjbQdBmpeQYBMg5x+xKLCJc=", - "MIICtDCCAh2gAwIBAgIJAMDbehElPNKvMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYDVQQGEwJLUjEO\ -MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSMw\ -IQYDVQQLDBpUVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEpMCcGA1UEAwwgVGl6ZW4gUHVibGlj\ -IERpc3RyaWJ1dG9yIFJvb3QgQ0EwHhcNMTIxMDI5MTMwMjUwWhcNMjIxMDI3MTMwMjUwWjCBjzEL\ -MAkGA1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6\ -ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwb\ -VGl6ZW4gUHVibGljIERpc3RyaWJ1dG9yIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe\ -OTS/3nXvkDEmsFCJIvRlQ3RKDcxdWJJp625pFqHdmoJBdV+x6jl1raGK2Y1sp2Gdvpjc/z92yzAp\ -bE/UVLPh/tRNZPeGhzU4ejDDm7kzdr2f7Ia0U98K+OoY12ucwg7TYNItj9is7Cj4blGfuMDzd2ah\ -2AgnCGlwNwV/pv+uVQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACqJ\ -KO33YdoGudwanZIxMdXuxnnD9R6u72ltKk1S4zPfMJJv482CRGCI4FK6djhlsI4i0Lt1SVIJEed+\ -yc3qckGm19dW+4xdlkekon7pViEBWuyHw8OWv3RXtTum1+PGHjBJ2eYY4ZKIpz73U/1NC16sTB/0\ -VhfnkHwPltmrpYVe"}; - - app_t origin2("app_id", "pkg_id", 102, {}); - origin2.signatures.push_back(chain3); - - // set signatures/certificates in defined oder; - sort(origin2); - - BOOST_REQUIRE(app2 == origin2); -} - -BOOST_AUTO_TEST_CASE(find_app_signatures_negative) { - - // App1 - app_t app1("app_id", "pkg_id", 101, {}); - ocsp_urls_t ocsp_urls; - std::string path1 = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app3"); - - find_app_signatures (app1, path1, ocsp_urls); - // signature exists, but contains error - should not be parsed - BOOST_REQUIRE(app1.signatures.empty()); -} - -BOOST_AUTO_TEST_CASE(find_app_signatures_mixed) { - - app_t app("app_id", "pkg_id", 101, {}); - ocsp_urls_t ocsp_urls; - std::string path = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app4"); - - find_app_signatures (app, path, ocsp_urls); - // 2 signatures exist, but one of them contains error - only one should be parsed - BOOST_REQUIRE(app.signatures.size() == 1); - - 
app_t origin("app_id", "pkg_id", 101, {}); - chain_t chain = {"MIIClDCCAf2gAwIBAgIGAT4hYbcpMA0GCSqGSIb3DQEBBQUAMIGEMQswCQYDVQQGEwJLUjEOMAwG\ -A1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSAwHgYD\ -VQQLDBdUaXplbiBEZXZlbG9wZXIgVGVzdCBDQTEbMBkGA1UEAwwSVGl6ZW4gRGV2ZWxvcGVyIENB\ -MB4XDTEzMDQxOTA4MjA1MloXDTQwMDkwNDA4MjA1MVowgZUxCzAJBgNVBAYTAlBMMREwDwYDVQQI\ -DAhNYXpvdmlhbjEPMA0GA1UEBwwGV2Fyc2F3MQ4wDAYDVQQKDAVTUlBPTDERMA8GA1UECwwIS1NG\ -L1dTU1AxJTAjBgkqhkiG9w0BCQEWFmoua296ZXJza2lAc2Ftc3VuZy5jb20xGDAWBgNVBAMMD0ph\ -bnVzeiBLb3plcnNraTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs0REWSsOn/QyVDSjSTRE\ -0W+LacX4cifRYI16nQi8WJhCAymhOg4UVXUk31Iwta8lOnQvgoce8bR+/dbCzDBmnogq8KXWlEtn\ -Ma3X6Tvz5BZfNy4Zj44G/aK0tJvnBj28h2ZZe545BNNW4zKR4SvNie9uM8v1r16PZaaS0YxOXl0C\ -AwEAATANBgkqhkiG9w0BAQUFAAOBgQCGuwLCcQAAQz2Op83gTl0Pb+f7AinL8d3XGRC8dtFPqSrZ\ -wN3gEEIQxQeYLahEVPAsD1K9aWebbWm/sjpDERKW7hmYvGYz90Z+ocLKdork5XgQWqVGt7qi+pxZ\ -x6VDuNVxDrQtsX/hLf/YBhZJuzs/LSdlErUKQM8fdxvVzbld3w=="}; - origin.signatures.push_back(chain); - - BOOST_REQUIRE(app == origin); -} - BOOST_AUTO_TEST_SUITE_END() |