summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJanusz Kozerski <j.kozerski@samsung.com>2015-08-04 11:59:59 +0200
committerJanusz Kozerski <j.kozerski@samsung.com>2015-09-08 09:40:51 +0200
commitae4a130374e96d383e09571f2e098ef237e28418 (patch)
treebe1aec96429587bebab0b8395326c4dde558c56d
parent4373c73514186ce90d71a0486447fa66dcf0a6c1 (diff)
downloadcert-checker-ae4a130374e96d383e09571f2e098ef237e28418.tar.gz
cert-checker-ae4a130374e96d383e09571f2e098ef237e28418.tar.bz2
cert-checker-ae4a130374e96d383e09571f2e098ef237e28418.zip
Use new cert-svc-vcore API: makeChainBySignature()
This change includes adding cert_order in DB. Chain of certificates should be created while reading/parsing signature. Certificates should be put into DB in right order - first should go end entity certificate. DB ensures that certificates will be loaded into the buffer in exactly same order (end entity will be the first element on the list). Verification: Run tests, all should pass. Change-Id: I09571bab7862bdb539dd3a957330fe23d687b48f
-rw-r--r--db/cert-checker.sql3
-rw-r--r--db/cert-checker.xml3
-rw-r--r--src/app.cpp2
-rw-r--r--src/certs.cpp137
-rw-r--r--src/db/sql_query.cpp18
-rw-r--r--src/include/cchecker/certs.h4
-rw-r--r--tests/CMakeLists.txt7
-rw-r--r--tests/app_event_operators.cpp12
-rw-r--r--tests/app_event_operators.h2
-rw-r--r--tests/files/app3/signature1.xml80
-rw-r--r--tests/files/app4/author-signature.xml61
-rw-r--r--tests/files/app4/signature1.xml79
-rw-r--r--tests/test_app.cpp91
-rw-r--r--tests/test_certs.cpp40
-rw-r--r--tests/test_db.cpp20
15 files changed, 380 insertions, 179 deletions
diff --git a/db/cert-checker.sql b/db/cert-checker.sql
index 2503e7c..9ef86f4 100644
--- a/db/cert-checker.sql
+++ b/db/cert-checker.sql
@@ -33,6 +33,9 @@ CREATE TABLE IF NOT EXISTS chains_to_check (
CREATE TABLE IF NOT EXISTS certs_to_check (
chain_id INTEGER NOT NULL,
certificate TEXT NOT NULL,
+ cert_order INTEGER NOT NULL,
+
+ UNIQUE (chain_id, cert_order),
PRIMARY KEY (chain_id, certificate),
FOREIGN KEY (chain_id) REFERENCES chains_to_check(chain_id) ON DELETE CASCADE
diff --git a/db/cert-checker.xml b/db/cert-checker.xml
index e72b044..f3ee60f 100644
--- a/db/cert-checker.xml
+++ b/db/cert-checker.xml
@@ -92,6 +92,9 @@
<row name="certificates" null="0" autoincrement="0">
<datatype>MEDIUMTEXT</datatype>
<default>'NULL'</default></row>
+<row name="cert_order" null="0" autoincrement="0">
+<datatype>INTEGER</datatype>
+<default>NULL</default></row>
<key type="PRIMARY" name="">
<part>certificates</part>
<part>chain_id</part>
diff --git a/src/app.cpp b/src/app.cpp
index 08b79a5..29a9b2d 100644
--- a/src/app.cpp
+++ b/src/app.cpp
@@ -65,9 +65,11 @@ std::string app_t::str_certs(void) const
std::stringstream ss;
for (const auto &iter : signatures) {
+ ss << " { ";
for (const auto iter_cert : iter) {
ss << "\"" << iter_cert << "\", ";
}
+ ss << " } ,";
}
return ss.str();
}
diff --git a/src/certs.cpp b/src/certs.cpp
index 277546d..d2d44e0 100644
--- a/src/certs.cpp
+++ b/src/certs.cpp
@@ -27,11 +27,9 @@
#include <memory>
#include <string>
#include <vector>
-#include <vcore/CertificateCollection.h>
-#include <vcore/SignatureReader.h>
+#include <vcore/SignatureValidator.h>
#include <vcore/SignatureFinder.h>
-#include <vcore/WrtSignatureValidator.h>
-#include <vcore/VCore.h>
+#include <vcore/Certificate.h>
#include <ckm/ckm-type.h>
#include <ckm/ckm-raw-buffer.h>
#include <tzplatform_config.h>
@@ -39,23 +37,15 @@
#include <cchecker/certs.h>
#include <cchecker/log.h>
-namespace {
-const std::string signatureXmlSchemaPath = std::string(tzplatform_getenv(TZ_SYS_SHARE))
- + std::string("/app-installers/signature_schema.xsd");
-}
-
namespace CCHECKER {
Certs::Certs()
{
- ValidationCore::VCoreInit();
m_ckm = CKM::Manager::create();
}
Certs::~Certs()
-{
- ValidationCore::VCoreDeinit();
-}
+{}
void Certs::get_certificates (app_t &app, ocsp_urls_t &ocsp_urls)
{
@@ -122,36 +112,31 @@ void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_u
LogDebug("Number of signature files: " << signature_files.size());
LogDebug("Searching for certificates");
- for (auto iter = signature_files.begin(); iter != signature_files.end(); iter++) {
- chain_t chain;
+ for (auto &iter : signature_files) {
LogDebug("Checking signature");
- ValidationCore::SignatureData data(app_path + std::string("/") + (*iter).getFileName(),
- (*iter).getFileNumber());
- LogDebug("signatureXmlSchemaPath: " << signatureXmlSchemaPath);
- try {
- ValidationCore::SignatureReader reader;
- reader.initialize(data, signatureXmlSchemaPath);
- reader.read(data);
- ValidationCore::CertificateList certs = data.getCertList();
- for (auto cert_iter = certs.begin(); cert_iter != certs.end(); cert_iter++ ){
- std::string app_cert = (*cert_iter)->getBase64();
- chain.push_back(app_cert);
- LogDebug("Certificate: " << app_cert << " has been added");
-
- // check OCSP URL
- std::string ocsp_url = (*cert_iter)->getOCSPURL();
- if (ocsp_url != std::string("")) {
- std::string issuer = (*cert_iter)->getCommonName(ValidationCore::Certificate::FIELD_ISSUER);
- int64_t time = (*cert_iter)->getNotBefore();
- url_t url(issuer, ocsp_url, time);
- ocsp_urls.push_back(url);
- LogDebug("Found OCSP URL: " << ocsp_url << " for issuer: " << issuer << ", time: " << time);
-
- }
+ chain_t chain;
+ ValidationCore::CertificateList certs;
+ if (ValidationCore::SignatureValidator::makeChainBySignature(iter, false, certs) !=
+ ValidationCore::SignatureValidator::SIGNATURE_VALID) {
+ LogError("Signature: " << iter.getFileName() << " of " << app_path.c_str() << " is invalid");
+ continue;
+ }
+
+ for (auto &cert_iter : certs) {
+ std::string app_cert = (*cert_iter).getBase64();
+ chain.push_back(app_cert);
+ LogDebug("Certificate: " << app_cert << " has been added");
+
+ // check OCSP URL
+ std::string ocsp_url = (*cert_iter).getOCSPURL();
+ if (!ocsp_url.empty()) {
+ std::string issuer = (*cert_iter).getCommonName(ValidationCore::Certificate::FIELD_ISSUER);
+ int64_t time = (*cert_iter).getNotBefore();
+ url_t url(issuer, ocsp_url, time);
+ ocsp_urls.push_back(url);
+ LogDebug("Found OCSP URL: " << ocsp_url << " for issuer: " << issuer << ", time: " << time);
+
}
- } catch (const ValidationCore::ParserSchemaException::Base& exception) {
- // Needs to catch parser exceptions
- LogError("Error occured in ParserSchema: " << exception.DumpToString());
}
if (!chain.empty()) {
app.signatures.push_back(chain);
@@ -160,66 +145,26 @@ void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_u
}
}
-bool Certs::ocsp_create_list (const chain_t &chain, ValidationCore::CertificateList &certs_list)
+// We assume that chain is sorted - first element is an end entity
+bool Certs::ocsp_build_chain (const chain_t &chain, CKM::CertificateShPtrVector &vect_ckm_chain)
{
- ValidationCore::CertificateCollection collection;
- ValidationCore::CertificateList list;
-
- LogDebug("Chain size: " << chain.size());
- for (auto &iter : chain) {
- try {
- ValidationCore::CertificatePtr p_cert(
- new ValidationCore::Certificate(iter, ValidationCore::Certificate::FORM_BASE64));
- list.push_back(p_cert);
- } catch (const ValidationCore::Certificate::Exception::Base& exception) {
- LogError("Error while creating certificate from BASE64: " << exception.DumpToString());
- return false;
- }
- LogDebug("Load certificate to list: " << list.size());
- }
-
- // Function collection.load which takes certificate in std::string BASE64 fails for some reason,
- // so load(const CertificateList &certList) is used.
- collection.load(list);
- LogDebug("Load certificate to CertificateCollection: " << collection.size());
-
- if (!collection.sort()) {
- LogError("Cannot make chain of certificates");
- // What to do if chain cannot be build?
- return false;
- }
-
- if (collection.isChain()) {
- LogDebug("Build chain succeed, size: " << collection.size());
- } else {
- LogError("Building chain failed");
- return false;
- }
-
- certs_list = collection.getCertificateList();
-
- return true;
-}
-
-bool Certs::ocsp_build_chain (const ValidationCore::CertificateList &certs_list, CKM::CertificateShPtrVector &vect_ckm_chain)
-{
- CKM::CertificateShPtrVector vect_untrusted;
-
bool first = true;
CKM::CertificateShPtr cert_end_entity;
- LogDebug("Size of certs_list: " << certs_list.size());
- for (auto &iter : certs_list) {
- std::string cert_cp(iter->getBase64());
- CKM::RawBuffer buff(cert_cp.begin(), cert_cp.end());
+ CKM::CertificateShPtrVector vect_untrusted;
+
+ LogDebug("Size of chain: " << chain.size());
+
+ for (auto &iter : chain) {
+ CKM::RawBuffer buff(iter.begin(), iter.end());
CKM::CertificateShPtr cert = CKM::Certificate::create(buff, CKM::DataFormat::FORM_DER_BASE64);
if (!cert) {
- LogDebug("CKM failed to create certificate");
+ LogError("CKM failed to create certificate");
return false;
}
- else if (first) {
- cert_end_entity = cert;
+ if (first) {
first = false;
+ cert_end_entity = cert;
LogDebug("Found end entity certificate");
}
else {
@@ -245,15 +190,9 @@ bool Certs::ocsp_build_chain (const ValidationCore::CertificateList &certs_list,
Certs::ocsp_response_t Certs::check_ocsp_chain (const chain_t &chain)
{
- ValidationCore::CertificateList certs_list;
- if (!ocsp_create_list(chain, certs_list)) {
- LogError("Error while build list of certificates");
- return Certs::ocsp_response_t::OCSP_CERT_ERROR;
- }
-
CKM::CertificateShPtrVector vect_ckm_chain;
- if (!ocsp_build_chain(certs_list, vect_ckm_chain)) {
+ if (!ocsp_build_chain(chain, vect_ckm_chain)) {
LogError("Error while build chain of certificates");
return Certs::ocsp_response_t::OCSP_CERT_ERROR;
}
diff --git a/src/db/sql_query.cpp b/src/db/sql_query.cpp
index ad77553..b171bf5 100644
--- a/src/db/sql_query.cpp
+++ b/src/db/sql_query.cpp
@@ -36,6 +36,7 @@ namespace {
#define DB_CERTIFICATE 108
#define DB_VERIFIED 109
#define DB_CHAIN_ID 110
+ #define DB_CERT_ORDER 111
// This changes define into question mark and a number in quotes
// e.g. _(DB_ISSUER) -> "?" "101"
@@ -68,7 +69,7 @@ namespace {
"INSERT INTO chains_to_check(check_id) VALUES(" _(DB_CHECK_ID) ");";
const char *DB_CMD_ADD_CERT =
- "INSERT INTO certs_to_check(chain_id, certificate) VALUES(" _(DB_CHAIN_ID) ", " _(DB_CERTIFICATE) ");";
+ "INSERT INTO certs_to_check(chain_id, certificate, cert_order) VALUES(" _(DB_CHAIN_ID) ", " _(DB_CERTIFICATE) ", " _(DB_CERT_ORDER) ");";
const char *DB_CMD_GET_CHAINS =
"SELECT chain_id FROM chains_to_check INNER JOIN to_check ON chains_to_check.check_id=to_check.check_id WHERE to_check.app_id="
@@ -81,7 +82,7 @@ namespace {
"SELECT app_id, pkg_id, uid, verified FROM to_check";
const char *DB_CMD_GET_CERTS =
- "SELECT certificate FROM certs_to_check WHERE chain_id=" _(DB_CHAIN_ID) ";";
+ "SELECT certificate FROM certs_to_check WHERE chain_id=" _(DB_CHAIN_ID) " ORDER BY cert_order ASC;";
const char *DB_CMD_SET_APP_AS_VERIFIED =
"UPDATE to_check SET verified=" _(DB_VERIFIED) " WHERE check_id=" _(DB_CHECK_ID) ";";
@@ -253,13 +254,16 @@ bool SqlQuery::add_app_to_check_list(const app_t &app)
for (const auto &iter : app.signatures) {
// Add chain
if (add_chain_id(check_id, chain_id)) {
- // add certificates from chain
+ // add certificates from chain in right order (start with 1) - end entity go first
+ int32_t cert_order = 1;
for (const auto &iter_cert : iter) {
SqlConnection::DataCommandAutoPtr addCertCommand =
m_connection->PrepareDataCommand(DB_CMD_ADD_CERT);
addCertCommand->BindInt32(DB_CHAIN_ID, chain_id);
addCertCommand->BindString(DB_CERTIFICATE, iter_cert.c_str());
+ addCertCommand->BindInt32(DB_CERT_ORDER, cert_order);
addCertCommand->Step();
+ cert_order++;
LogDebug("Certificate for app " << app.app_id << "added");
}
} else {
@@ -268,9 +272,9 @@ bool SqlQuery::add_app_to_check_list(const app_t &app)
return false;
}
- }
- m_connection->CommitTransaction();
- return true;
+ }
+ m_connection->CommitTransaction();
+ return true;
}
void SqlQuery::remove_app_from_check_list(const app_t &app)
@@ -336,7 +340,7 @@ void SqlQuery::get_app_list(std::list<app_t> &apps_buffer)
getChainsCommand->BindString(DB_PKG_ID, iter_app.pkg_id.c_str());
getChainsCommand->BindInt32(DB_UID, iter_app.uid);
- // Get all certs from chain
+ // Get all certs from chain - certs will be sorted - end entity go first
while (getChainsCommand->Step()) {
chain_t chain;
int32_t chain_id;
diff --git a/src/include/cchecker/certs.h b/src/include/cchecker/certs.h
index 7da95e6..643c2c1 100644
--- a/src/include/cchecker/certs.h
+++ b/src/include/cchecker/certs.h
@@ -49,9 +49,7 @@ class Certs {
ocsp_response_t check_ocsp_chain (const chain_t &chain);
void find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls);
void search_app (app_t &app, ocsp_urls_t &ocsp_urls);
- bool ocsp_create_list(const chain_t &chain, ValidationCore::CertificateList &certs_list);
- bool ocsp_build_chain (const ValidationCore::CertificateList &certs_list,
- CKM::CertificateShPtrVector &vect_ckm_chain);
+ bool ocsp_build_chain (const chain_t &chain, CKM::CertificateShPtrVector &vect_ckm_chain);
//private:
CKM::ManagerShPtr m_ckm;
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index c8183ae..62800da 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -95,6 +95,13 @@ INSTALL(FILES
INSTALL(FILES
files/app_2/signature1.xml
DESTINATION ${TEST_APP_SIGNATURES_DIR}/app_2/)
+INSTALL(FILES
+ files/app3/signature1.xml
+ DESTINATION ${TEST_APP_SIGNATURES_DIR}/app3/)
+INSTALL(FILES
+ files/app4/author-signature.xml
+ files/app4/signature1.xml
+ DESTINATION ${TEST_APP_SIGNATURES_DIR}/app4/)
INSTALL(TARGETS ${TARGET_CERT_CHECKER_TESTS} DESTINATION ${BINDIR})
INSTALL(TARGETS ${TARGET_CERT_CHECKER_POPUP_TEST} DESTINATION ${BINDIR})
diff --git a/tests/app_event_operators.cpp b/tests/app_event_operators.cpp
index 1d26d60..6fb2c2e 100644
--- a/tests/app_event_operators.cpp
+++ b/tests/app_event_operators.cpp
@@ -27,11 +27,17 @@
namespace CCHECKER {
-void sort(app_t &app)
+void sort_buffer(std::list<app_t> &buff)
{
- for (auto &iter : app.signatures) {
- iter.sort();
+ for (auto &iter : buff) {
+ sort(iter);
}
+
+ buff.sort();
+}
+
+void sort(app_t &app)
+{
app.signatures.sort();
}
diff --git a/tests/app_event_operators.h b/tests/app_event_operators.h
index 3e96d28..2638c19 100644
--- a/tests/app_event_operators.h
+++ b/tests/app_event_operators.h
@@ -28,6 +28,8 @@
namespace CCHECKER {
+void sort_buffer(std::list<app_t> &buff);
+
void sort(app_t &app);
bool operator ==(const app_t &app1, const app_t &app2);
bool operator !=(const app_t &app1, const app_t &app2);
diff --git a/tests/files/app3/signature1.xml b/tests/files/app3/signature1.xml
new file mode 100644
index 0000000..483467e
--- /dev/null
+++ b/tests/files/app3/signature1.xml
@@ -0,0 +1,80 @@
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="DistributorSignature">
+<SignedInfo>
+<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod>
+<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></SignatureMethod>
+<Reference URI="author-signature.xml">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>STd01qoNmkFKYFkHtIfTNzz44Sooj4yPcbnpPMvNXrA=</DigestValue>
+</Reference>
+<Reference URI="images/tizen_32.png">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>eDr9ZPFlGlapLDnI1BiALwqovNdBvx3Aspc/lWOH3WI=</DigestValue>
+</Reference>
+<Reference URI="icon.png">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>eDr9ZPFlGlapLDnI1BiALwqovNdBvx3Aspc/lWOH3WI=</DigestValue>
+</Reference>
+<Reference URI="js/main.js">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>gJORpAB1ok2tUJx0JeQkk9ByvXOQLMG4BMddjCQxYBs=</DigestValue>
+</Reference>
+<Reference URI="index.html">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>yckSRw904y3goDeL/oBnL0BM2kWy22cS4l8EFOrnhbM=</DigestValue>
+</Reference>
+<Reference URI="css/style.css">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>mVyzTIt7toDjqJDyK8zFNfUxuVnC7msv17Oai/+NZdI=</DigestValue>
+</Reference>
+<Reference URI="config.xml">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>n6D6h7VGH+8sz01o3wJNEWZNaoOQ2u3Lr2u1lcxkR9Y=</DigestValue>
+</Reference>
+<Reference URI="#prop">
+<Transforms>
+<Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"></Transform>
+</Transforms>
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>u/jU3U4Zm5ihTMSjKGlGYbWzDfRkGphPPHx3gJIYEJ4=</DigestValue>
+</Reference>
+</SignedInfo>
+<SignatureValue>
+fxRqA7mM4PjJLYYTgz2nnV7VNmBvHU17VY3uAEKShLlYclmvj5GKNfdmlHrSd08KxMcHiqSJc1OE
+up2BNsnJ3UHIV6LLqFlOqdybXg3CH8jPiHWKG8Ns8xbljpIemRq5p3ZrMZdaTXjmP4B92GoWEdo2
+5uFbrpGzZLxpxnyAxLE=
+</SignatureValue_Bad_signature-should*not_parse>
+<KeyInfo>
+<X509Data>
+<X509Certificate>
+MIICmzCCAgQCCQDXI7WLdVZwiTANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCS1IxDjAMBgNV
+BAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UE
+CwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwbVGl6ZW4gUHVibGljIERpc3Ry
+aWJ1dG9yIENBMB4XDTEyMTAyOTEzMDMwNFoXDTIyMTAyNzEzMDMwNFowgZMxCzAJBgNVBAYTAktS
+MQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3QgQ0Ex
+IjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKDAmBgNVBAMMH1RpemVuIFB1Ymxp
+YyBEaXN0cmlidXRvciBTaWduZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtMvlc5hENK
+90ZdA+y66+Sy0enD1gpZDBh5T9RP0oRsptJv5jjNTseQbQi0SZOdOXb6J7iQdlBCtR343RpIEz8H
+mrBy7mSY7mgwoU4EPpp4CTSUeAuKcmvrNOngTp5Hv7Ngf02TTHOLK3hZLpGayaDviyNZB5PdqQdB
+hokKjzAzAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvGp1gxxAIlFfhJH1efjb9BJK/rtRkbYn9+Ez
+GEbEULg1svsgnyWisFimI3uFvgI/swzr1eKVY3Sc8MQ3+Fdy3EkbDZ2+WAubhcEkorTWjzWz2fL1
+vKaYjeIsuEX6TVRUugHWudPzcEuQRLQf8ibZWjbQdBmpeQYBMg5x+xKLCJc=
+</X509Certificate>
+<X509Certificate>
+MIICtDCCAh2gAwIBAgIJAMDbehElPNKvMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYDVQQGEwJLUjEO
+MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSMw
+IQYDVQQLDBpUVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEpMCcGA1UEAwwgVGl6ZW4gUHVibGlj
+IERpc3RyaWJ1dG9yIFJvb3QgQ0EwHhcNMTIxMDI5MTMwMjUwWhcNMjIxMDI3MTMwMjUwWjCBjzEL
+MAkGA1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6
+ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwb
+VGl6ZW4gUHVibGljIERpc3RyaWJ1dG9yIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe
+OTS/3nXvkDEmsFCJIvRlQ3RKDcxdWJJp625pFqHdmoJBdV+x6jl1raGK2Y1sp2Gdvpjc/z92yzAp
+bE/UVLPh/tRNZPeGhzU4ejDDm7kzdr2f7Ia0U98K+OoY12ucwg7TYNItj9is7Cj4blGfuMDzd2ah
+2AgnCGlwNwV/pv+uVQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACqJ
+KO33YdoGudwanZIxMdXuxnnD9R6u72ltKk1S4zPfMJJv482CRGCI4FK6djhlsI4i0Lt1SVIJEed+
+yc3qckGm19dW+4xdlkekon7pViEBWuyHw8OWv3RXtTum1+PGHjBJ2eYY4ZKIpz73U/1NC16sTB/0
+VhfnkHwPltmrpYVe
+</X509Certificate>
+</X509Data>
+</KeyInfo>
+<Object Id="prop"><SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties"><SignatureProperty Id="profile" Target="#DistributorSignature"><dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"></dsp:Profile></SignatureProperty><SignatureProperty Id="role" Target="#DistributorSignature"><dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-distributor"></dsp:Role></SignatureProperty><SignatureProperty Id="identifier" Target="#DistributorSignature"><dsp:Identifier></dsp:Identifier></SignatureProperty></SignatureProperties></Object>
+</Signature>
diff --git a/tests/files/app4/author-signature.xml b/tests/files/app4/author-signature.xml
new file mode 100644
index 0000000..13458b8
--- /dev/null
+++ b/tests/files/app4/author-signature.xml
@@ -0,0 +1,61 @@
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="AuthorSignature">
+<SignedInfo>
+<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod>
+<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></SignatureMethod>
+<Reference URI="images/tizen_32.png">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>eDr9ZPFlGlapLDnI1BiALwqovNdBvx3Aspc/lWOH3WI=</DigestValue>
+</Reference>
+<Reference URI="icon.png">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>eDr9ZPFlGlapLDnI1BiALwqovNdBvx3Aspc/lWOH3WI=</DigestValue>
+</Reference>
+<Reference URI="js/main.js">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>gJORpAB1ok2tUJx0JeQkk9ByvXOQLMG4BMddjCQxYBs=</DigestValue>
+</Reference>
+<Reference URI="index.html">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>yckSRw904y3goDeL/oBnL0BM2kWy22cS4l8EFOrnhbM=</DigestValue>
+</Reference>
+<Reference URI="css/style.css">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>mVyzTIt7toDjqJDyK8zFNfUxuVnC7msv17Oai/+NZdI=</DigestValue>
+</Reference>
+<Reference URI="config.xml">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>KXS856VpStHxKdsgVoSkzgI0faEpYC0wTg2+ahLwCEk=</DigestValue>
+</Reference>
+<Reference URI="#prop">
+<Transforms>
+<Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"></Transform>
+</Transforms>
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>lpo8tUDs054eLlBQXiDPVDVKfw30ZZdtkRs1jd7H5K8=</DigestValue>
+</Reference>
+</SignedInfo>
+<SignatureValue>
+QBiwbw/ChRHbNgpCMP5ht2U/BX9sfBgKFTmxEsxywtl1QUBRi+XbK3fhjt+SqBwv32RtEq0TouwB
+7rthEpLNj9R+GJwCdjNpl79kEvZcY+KaWk2gSXsQ5THtnN9wXxfi95ke84lOpbQ6+y8pPzLbEx5Q
+yYdu4jOAIscr2NV9bbM=
+</SignatureValue>
+<KeyInfo>
+<X509Data>
+<X509Certificate>
+MIIClDCCAf2gAwIBAgIGAT4hYbcpMA0GCSqGSIb3DQEBBQUAMIGEMQswCQYDVQQGEwJLUjEOMAwG
+A1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSAwHgYD
+VQQLDBdUaXplbiBEZXZlbG9wZXIgVGVzdCBDQTEbMBkGA1UEAwwSVGl6ZW4gRGV2ZWxvcGVyIENB
+MB4XDTEzMDQxOTA4MjA1MloXDTQwMDkwNDA4MjA1MVowgZUxCzAJBgNVBAYTAlBMMREwDwYDVQQI
+DAhNYXpvdmlhbjEPMA0GA1UEBwwGV2Fyc2F3MQ4wDAYDVQQKDAVTUlBPTDERMA8GA1UECwwIS1NG
+L1dTU1AxJTAjBgkqhkiG9w0BCQEWFmoua296ZXJza2lAc2Ftc3VuZy5jb20xGDAWBgNVBAMMD0ph
+bnVzeiBLb3plcnNraTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs0REWSsOn/QyVDSjSTRE
+0W+LacX4cifRYI16nQi8WJhCAymhOg4UVXUk31Iwta8lOnQvgoce8bR+/dbCzDBmnogq8KXWlEtn
+Ma3X6Tvz5BZfNy4Zj44G/aK0tJvnBj28h2ZZe545BNNW4zKR4SvNie9uM8v1r16PZaaS0YxOXl0C
+AwEAATANBgkqhkiG9w0BAQUFAAOBgQCGuwLCcQAAQz2Op83gTl0Pb+f7AinL8d3XGRC8dtFPqSrZ
+wN3gEEIQxQeYLahEVPAsD1K9aWebbWm/sjpDERKW7hmYvGYz90Z+ocLKdork5XgQWqVGt7qi+pxZ
+x6VDuNVxDrQtsX/hLf/YBhZJuzs/LSdlErUKQM8fdxvVzbld3w==
+</X509Certificate>
+</X509Data>
+</KeyInfo>
+<Object Id="prop"><SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties"><SignatureProperty Id="profile" Target="#AuthorSignature"><dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"></dsp:Profile></SignatureProperty><SignatureProperty Id="role" Target="#AuthorSignature"><dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-author"></dsp:Role></SignatureProperty><SignatureProperty Id="identifier" Target="#AuthorSignature"><dsp:Identifier></dsp:Identifier></SignatureProperty></SignatureProperties></Object>
+</Signature>
diff --git a/tests/files/app4/signature1.xml b/tests/files/app4/signature1.xml
new file mode 100644
index 0000000..f525fac
--- /dev/null
+++ b/tests/files/app4/signature1.xml
@@ -0,0 +1,79 @@
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="DistributorSignature">
+<SignedInfo>
+<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod>
+<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></SignatureMethod>
+<Reference URI="author-signature.xml">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>STd01qoNmkFKYFkHtIfTNzz44Sooj4yPcbnpPMvNXrA=</DigestValue>
+</Reference>
+<Reference URI="images/tizen_32.png">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>eDr9ZPFlGlapLDnI1BiALwqovNdBvx3Aspc/lWOH3WI=</DigestValue>
+</Reference>
+<Reference URI="icon.png">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>eDr9ZPFlGlapLDnI1BiALwqovNdBvx3Aspc/lWOH3WI=</DigestValue>
+</Reference>
+<Reference URI="js/main.js">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>gJORpAB1ok2tUJx0JeQkk9ByvXOQLMG4BMddjCQxYBs=</DigestValue>
+</Reference>
+<Reference URI="index.html">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>yckSRw904y3goDeL/oBnL0BM2kWy22cS4l8EFOrnhbM=</DigestValue>
+</Reference>
+<Reference URI="css/style.css">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>mVyzTIt7toDjqJDyK8zFNfUxuVnC7msv17Oai/+NZdI=</DigestValue>
+</Reference>
+<Reference URI="config.xml">
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>n6D6h7VGH+8sz01o3wJNEWZNaoOQ2u3Lr2u1lcxkR9Y=</DigestValue>
+</Reference>
+<Reference URI="#prop">
+<Transforms>
+<Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"></Transform>
+</Transforms>
+<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod>
+<DigestValue>u/jU3U4Zm5ihTMSjKGlGYbWzDfRkGphPPHx3gJIYEJ4=</DigestValue>
+</Reference>
+</SignedInfo>
+<SignatureValue>
+fxRqA7mM4PjJLYYTgz2nnV7VNmBvHU17VY3uAEKShLlYclmvj5GKNfdmlHrSd08KxMcHiqSJc1OE
+up2BNsnJ3UHIV6LLqFlOqdybXg3CH8jPiHWKG8Ns8xbljpIemRq5p3ZrMZdaTXjmP4B92GoWEdo2
+5uFbrpGzZLxpxnyAxLE=
+<KeyInfo>
+<X509Data>
+<X509Certificate>
+MIICmzCCAgQCCQDXI7WLdVZwiTANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCS1IxDjAMBgNV
+BAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UE
+CwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwbVGl6ZW4gUHVibGljIERpc3Ry
+aWJ1dG9yIENBMB4XDTEyMTAyOTEzMDMwNFoXDTIyMTAyNzEzMDMwNFowgZMxCzAJBgNVBAYTAktS
+MQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3QgQ0Ex
+IjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKDAmBgNVBAMMH1RpemVuIFB1Ymxp
+YyBEaXN0cmlidXRvciBTaWduZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtMvlc5hENK
+90ZdA+y66+Sy0enD1gpZDBh5T9RP0oRsptJv5jjNTseQbQi0SZOdOXb6J7iQdlBCtR343RpIEz8H
+mrBy7mSY7mgwoU4EPpp4CTSUeAuKcmvrNOngTp5Hv7Ngf02TTHOLK3hZLpGayaDviyNZB5PdqQdB
+hokKjzAzAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvGp1gxxAIlFfhJH1efjb9BJK/rtRkbYn9+Ez
+GEbEULg1svsgnyWisFimI3uFvgI/swzr1eKVY3Sc8MQ3+Fdy3EkbDZ2+WAubhcEkorTWjzWz2fL1
+vKaYjeIsuEX6TVRUugHWudPzcEuQRLQf8ibZWjbQdBmpeQYBMg5x+xKLCJc=
+</X509Certificate>
+<X509Certificate>
+MIICtDCCAh2gAwIBAgIJAMDbehElPNKvMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYDVQQGEwJLUjEO
+MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSMw
+IQYDVQQLDBpUVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEpMCcGA1UEAwwgVGl6ZW4gUHVibGlj
+IERpc3RyaWJ1dG9yIFJvb3QgQ0EwHhcNMTIxMDI5MTMwMjUwWhcNMjIxMDI3MTMwMjUwWjCBjzEL
+MAkGA1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6
+ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwb
+VGl6ZW4gUHVibGljIERpc3RyaWJ1dG9yIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe
+OTS/3nXvkDEmsFCJIvRlQ3RKDcxdWJJp625pFqHdmoJBdV+x6jl1raGK2Y1sp2Gdvpjc/z92yzAp
+bE/UVLPh/tRNZPeGhzU4ejDDm7kzdr2f7Ia0U98K+OoY12ucwg7TYNItj9is7Cj4blGfuMDzd2ah
+2AgnCGlwNwV/pv+uVQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACqJ
+KO33YdoGudwanZIxMdXuxnnD9R6u72ltKk1S4zPfMJJv482CRGCI4FK6djhlsI4i0Lt1SVIJEed+
+yc3qckGm19dW+4xdlkekon7pViEBWuyHw8OWv3RXtTum1+PGHjBJ2eYY4ZKIpz73U/1NC16sTB/0
+VhfnkHwPltmrpYVe
+</X509Certificate>
+</X509Data>
+</KeyInfo>
+<Object Id="prop"><SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties"><SignatureProperty Id="profile" Target="#DistributorSignature"><dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"></dsp:Profile></SignatureProperty><SignatureProperty Id="role" Target="#DistributorSignature"><dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-distributor"></dsp:Role></SignatureProperty><SignatureProperty Id="identifier" Target="#DistributorSignature"><dsp:Identifier></dsp:Identifier></SignatureProperty></SignatureProperties></Object>
+</Signature>
diff --git a/tests/test_app.cpp b/tests/test_app.cpp
index 20bf905..295d724 100644
--- a/tests/test_app.cpp
+++ b/tests/test_app.cpp
@@ -35,31 +35,19 @@ BOOST_AUTO_TEST_CASE(App_positive) {
app_t app1("app_1", "pkg_1", 5001, {{"aaaaaa"}});
app_t app2("app_1", "pkg_1", 5001, {{"aaaaaa"}});
- app_t app3("app_2", "pkg_1", 5002, {{"aaa", "bbbb"}});
- app_t app4("app_2", "pkg_1", 5002, {{"bbbb", "aaa"}});
+ app_t app3("app_2", "pkg_1", 5002, {{"aaa", "bbbb"}, {"ccccc"}});
+ app_t app4("app_2", "pkg_1", 5002, {{"ccccc"}, {"aaa", "bbbb"}});
chain_t chain411 = {"cert_4.1", "cert 4.2"};
- chain_t chain412 = {"cert 4.2", "cert_4.1"};
chain_t chain421 = {"cert_4.2.1", "cert 4.2.2", "cert 4.2.3"};
- chain_t chain422 = {"cert 4.2.2", "cert 4.2.3", "cert_4.2.1"};
- chain_t chain423 = {"cert 4.2.3", "cert_4.2.1", "cert 4.2.2"};
- chain_t chain424 = {"cert_4.2.1", "cert 4.2.3", "cert 4.2.2"};
- chain_t chain425 = {"cert 4.2.3", "cert 4.2.2", "cert_4.2.1"};
- chain_t chain426 = {"cert 4.2.2", "cert_4.2.1", "cert 4.2.3"};
chain_t chain43 = {"cert_4.3.1"};
app_t app5("app_3", "pkg_1", 5003, {chain411, chain421, chain43});
- app_t app6("app_3", "pkg_1", 5003, {chain411, chain422, chain43});
- app_t app7("app_3", "pkg_1", 5003, {chain411, chain423, chain43});
- app_t app8("app_3", "pkg_1", 5003, {chain411, chain424, chain43});
- app_t app9("app_3", "pkg_1", 5003, {chain411, chain425, chain43});
- app_t app10("app_3", "pkg_1", 5003, {chain411, chain426, chain43});
- app_t app11("app_3", "pkg_1", 5003, {chain412, chain421, chain43});
- app_t app12("app_3", "pkg_1", 5003, {chain412, chain422, chain43});
- app_t app13("app_3", "pkg_1", 5003, {chain412, chain423, chain43});
- app_t app14("app_3", "pkg_1", 5003, {chain412, chain424, chain43});
- app_t app15("app_3", "pkg_1", 5003, {chain412, chain425, chain43});
- app_t app16("app_3", "pkg_1", 5003, {chain412, chain426, chain43});
+ app_t app6("app_3", "pkg_1", 5003, {chain421, chain411, chain43});
+ app_t app7("app_3", "pkg_1", 5003, {chain411, chain43, chain421});
+ app_t app8("app_3", "pkg_1", 5003, {chain421, chain43, chain411});
+ app_t app9("app_3", "pkg_1", 5003, {chain43, chain411, chain421});
+ app_t app10("app_3", "pkg_1", 5003, {chain43, chain421, chain411});
sort(app1);
sort(app2);
@@ -71,12 +59,6 @@ BOOST_AUTO_TEST_CASE(App_positive) {
sort(app8);
sort(app9);
sort(app10);
- sort(app11);
- sort(app12);
- sort(app13);
- sort(app14);
- sort(app15);
- sort(app16);
BOOST_REQUIRE(app1 == app2);
@@ -87,13 +69,6 @@ BOOST_AUTO_TEST_CASE(App_positive) {
BOOST_REQUIRE(app7 == app8);
BOOST_REQUIRE(app8 == app9);
BOOST_REQUIRE(app9 == app10);
- BOOST_REQUIRE(app10 == app11);
- BOOST_REQUIRE(app11 == app12);
- BOOST_REQUIRE(app12 == app13);
- BOOST_REQUIRE(app13 == app14);
- BOOST_REQUIRE(app14 == app15);
- BOOST_REQUIRE(app15 == app16);
- BOOST_REQUIRE(app16 == app5);
}
BOOST_AUTO_TEST_CASE(App_negative) {
@@ -104,14 +79,19 @@ BOOST_AUTO_TEST_CASE(App_negative) {
app_t app4("app_2", "pkg_2", 5002, {{"aaaaaa"}});
chain_t chain411 = {"cert_4.1", "cert 4.2"};
- chain_t chain412 = {"cert_4.1"};
+ chain_t chain412 = {"cert 4.2", "cert_4.1"};
chain_t chain421 = {"cert_4.2.1", "cert 4.2.2", "cert 4.2.3"};
- chain_t chain422 = {"" "cert 4.2.3", "cert_4.2.1"};
- chain_t chain423 = {"cert", "cert_4.2.1", "cert 4.2.2"};
- chain_t chain424 = {"cert_4.2.1", " ", "cert 4.2.2"};
- chain_t chain425 = {"cert 4.2.3", "cert 4.2.2"};
- chain_t chain426 = {"cert 4.2", "cert_4.2", "cert 4.2"};
+ chain_t chain422 = {"cert_4.2.1", "cert 4.2.3", "cert_4.2.2"};
+ chain_t chain423 = {"cert_4.2.3", "cert 4.2.1", "cert_4.2.2"};
+ chain_t chain424 = {"cert_4.2.3", "cert 4.2.2", "cert_4.2.1"};
+ chain_t chain425 = {"cert_4.2.2", "cert 4.2.1", "cert_4.2.3"};
+ chain_t chain426 = {"cert_4.2.2", "cert 4.2.3", "cert_4.2.1"};
+
+ chain_t chain427 = {"cert", "cert_4.2.1", "cert 4.2.2"};
+ chain_t chain428 = {"cert_4.2.1", " ", "cert 4.2.2"};
+ chain_t chain429 = {"cert 4.2.3", "cert 4.2.2"};
+ chain_t chain420 = {"cert 4.2" , "cert_4.2" , "cert 4.2" };
chain_t chain43 = {"cert_4.3.1"};
@@ -128,26 +108,27 @@ BOOST_AUTO_TEST_CASE(App_negative) {
app_t app15("app_3", "pkg_1", 5003, {chain412, chain425, chain43});
app_t app16("app_3", "pkg_1", 5003, {chain412, chain426, chain43});
- app_t apps[12] = {app5, app6, app7, app8, app9, app10, app11, app12, app13, app14, app15, app16};
-
- sort(app1);
- sort(app2);
- sort(app3);
- sort(app4);
-
- for (int i=0; i<12; i++) {
+ app_t app17("app_3", "pkg_1", 5003, {chain421});
+ app_t app18("app_3", "pkg_1", 5003, {chain422});
+ app_t app19("app_3", "pkg_1", 5003, {chain423});
+ app_t app20("app_3", "pkg_1", 5003, {chain424});
+ app_t app21("app_3", "pkg_1", 5003, {chain425});
+ app_t app22("app_3", "pkg_1", 5003, {chain426});
+ app_t app23("app_3", "pkg_1", 5003, {chain427});
+ app_t app24("app_3", "pkg_1", 5003, {chain428});
+ app_t app25("app_3", "pkg_1", 5003, {chain429});
+ app_t app26("app_3", "pkg_1", 5003, {chain420});
+
+ app_t apps[26] = {app1, app2, app3, app4, app5, app6, app7, app8,
+ app9, app10, app11, app12, app13, app14, app15, app16, app17,
+ app18, app19, app20, app21, app22, app23, app24, app25, app26};
+
+ for (int i=0; i<26; i++) {
sort(apps[i]);
}
- BOOST_REQUIRE(app1 != app2);
- BOOST_REQUIRE(app1 != app3);
- BOOST_REQUIRE(app1 != app4);
- BOOST_REQUIRE(app2 != app3);
- BOOST_REQUIRE(app2 != app4);
- BOOST_REQUIRE(app3 != app4);
-
- for (int i=0; i<12; i++) {
- for (int j=0; j<12; j++) {
+ for (int i=0; i<26; i++) {
+ for (int j=0; j<26; j++) {
if (i != j)
BOOST_REQUIRE(apps[i] != apps[j]);
else
diff --git a/tests/test_certs.cpp b/tests/test_certs.cpp
index 1867e4e..d5750f7 100644
--- a/tests/test_certs.cpp
+++ b/tests/test_certs.cpp
@@ -474,4 +474,44 @@ VhfnkHwPltmrpYVe"};
BOOST_REQUIRE(app2 == origin2);
}
+BOOST_AUTO_TEST_CASE(find_app_signatures_negative) {
+
+ // App1
+ app_t app1("app_id", "pkg_id", 101, {});
+ ocsp_urls_t ocsp_urls;
+ std::string path1 = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app3");
+
+ find_app_signatures (app1, path1, ocsp_urls);
+ // signature exists, but contains error - should not be parsed
+ BOOST_REQUIRE(app1.signatures.empty());
+}
+
+BOOST_AUTO_TEST_CASE(find_app_signatures_mixed) {
+
+ app_t app("app_id", "pkg_id", 101, {});
+ ocsp_urls_t ocsp_urls;
+ std::string path = std::string(TEST_APP_SIGNATURES_DIR) + std::string("/app4");
+
+ find_app_signatures (app, path, ocsp_urls);
+ // 2 signatures exist, but one of them contains error - only one should be parsed
+ BOOST_REQUIRE(app.signatures.size() == 1);
+
+ app_t origin("app_id", "pkg_id", 101, {});
+ chain_t chain = {"MIIClDCCAf2gAwIBAgIGAT4hYbcpMA0GCSqGSIb3DQEBBQUAMIGEMQswCQYDVQQGEwJLUjEOMAwG\
+A1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSAwHgYD\
+VQQLDBdUaXplbiBEZXZlbG9wZXIgVGVzdCBDQTEbMBkGA1UEAwwSVGl6ZW4gRGV2ZWxvcGVyIENB\
+MB4XDTEzMDQxOTA4MjA1MloXDTQwMDkwNDA4MjA1MVowgZUxCzAJBgNVBAYTAlBMMREwDwYDVQQI\
+DAhNYXpvdmlhbjEPMA0GA1UEBwwGV2Fyc2F3MQ4wDAYDVQQKDAVTUlBPTDERMA8GA1UECwwIS1NG\
+L1dTU1AxJTAjBgkqhkiG9w0BCQEWFmoua296ZXJza2lAc2Ftc3VuZy5jb20xGDAWBgNVBAMMD0ph\
+bnVzeiBLb3plcnNraTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs0REWSsOn/QyVDSjSTRE\
+0W+LacX4cifRYI16nQi8WJhCAymhOg4UVXUk31Iwta8lOnQvgoce8bR+/dbCzDBmnogq8KXWlEtn\
+Ma3X6Tvz5BZfNy4Zj44G/aK0tJvnBj28h2ZZe545BNNW4zKR4SvNie9uM8v1r16PZaaS0YxOXl0C\
+AwEAATANBgkqhkiG9w0BAQUFAAOBgQCGuwLCcQAAQz2Op83gTl0Pb+f7AinL8d3XGRC8dtFPqSrZ\
+wN3gEEIQxQeYLahEVPAsD1K9aWebbWm/sjpDERKW7hmYvGYz90Z+ocLKdork5XgQWqVGt7qi+pxZ\
+x6VDuNVxDrQtsX/hLf/YBhZJuzs/LSdlErUKQM8fdxvVzbld3w=="};
+ origin.signatures.push_back(chain);
+
+ BOOST_REQUIRE(app == origin);
+}
+
BOOST_AUTO_TEST_SUITE_END()
diff --git a/tests/test_db.cpp b/tests/test_db.cpp
index 066e895..95267e5 100644
--- a/tests/test_db.cpp
+++ b/tests/test_db.cpp
@@ -127,16 +127,15 @@ BOOST_AUTO_TEST_CASE(DB_app_positive) {
app2.verified = app_t::verified_t::NO;
app3.verified = app_t::verified_t::YES;
- sort(app1);
- sort(app2);
- sort(app3);
- sort(app4);
+
std::list<app_t> buffer_ok = {app1, app2, app3, app4};
get_app_list(buffer);
- buffer.sort();
- buffer_ok.sort();
+ // Need to sort buffer
+ sort_buffer(buffer);
+ sort_buffer(buffer_ok);
+
BOOST_REQUIRE(buffer_ok == buffer);
}
@@ -173,17 +172,14 @@ BOOST_AUTO_TEST_CASE(DB_app_negative) {
app2.verified = app_t::verified_t::NO;
app3.verified = app_t::verified_t::YES;
- sort(app1);
- sort(app2);
- sort(app3);
- sort(app4);
+
std::list<app_t> buffer_ok = {app1, app2, app3, app4};
get_app_list(buffer);
// list has to be sorted before comparison.
- buffer.sort();
- buffer_ok.sort();
+ sort_buffer(buffer);
+ sort_buffer(buffer_ok);
BOOST_REQUIRE(buffer_ok != buffer);
}