test: Add test that exercises duplicated certs in JKS

author Daiki Ueno <dueno@redhat.com>

Wed, 9 Jan 2019 14:44:48 +0000 (15:44 +0100)

committer Daiki Ueno <ueno@gnu.org>

Thu, 10 Jan 2019 13:06:02 +0000 (14:06 +0100)
author Daiki Ueno <dueno@redhat.com>
Wed, 9 Jan 2019 14:44:48 +0000 (15:44 +0100)
committer Daiki Ueno <ueno@gnu.org>
Thu, 10 Jan 2019 13:06:02 +0000 (14:06 +0100)
diff --git a/trust/extract-jks.c b/trust/extract-jks.c

index c274e4f127455b008bc9ac40ec79587a0ca7502e..ad8dc35b20f4cb5976ff96ad50aa68bef9d91931 100644 (file)
--- a/trust/extract-jks.c
+++ b/trust/extract-jks.c
@@ -1,5 +1,5 @@
  /*
- * Copyright (c) 2013, Red Hat Inc.
+ * Copyright (c) 2019, Red Hat Inc.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
diff --git a/trust/fixtures/duplicated.jks b/trust/fixtures/duplicated.jks

new file mode 100644 (file)

index 0000000..65d4225

Binary files /dev/null and b/trust/fixtures/duplicated.jks differ
diff --git a/trust/fixtures/duplicated1.der b/trust/fixtures/duplicated1.der

new file mode 100644 (file)

index 0000000..f9ea3ad

Binary files /dev/null and b/trust/fixtures/duplicated1.der differ
diff --git a/trust/fixtures/duplicated2.der b/trust/fixtures/duplicated2.der

new file mode 100644 (file)

index 0000000..a408031

Binary files /dev/null and b/trust/fixtures/duplicated2.der differ
diff --git a/trust/fixtures/multiple.jks b/trust/fixtures/multiple.jks

index d03f7acf6aafccc5812f732148323ff8edc0ce89..6d41bcc35dce8c2a47437dec5f13fed8c5c1344f 100644 (file)

Binary files a/trust/fixtures/multiple.jks and b/trust/fixtures/multiple.jks differ
diff --git a/trust/test-jks.c b/trust/test-jks.c

index 4e3447832f7b3d1aadaa5200ec7eae058416b157..49f930ec7fe676436ec43a14fe1462e8da74f6b8 100644 (file)
--- a/trust/test-jks.c
+++ b/trust/test-jks.c
@@ -1,6 +1,6 @@
  /*
   * Copyright (c) 2011, Collabora Ltd.
- * Copyright (c) 2018, Red Hat Inc.
+ * Copyright (c) 2019, Red Hat Inc.
   *
   * Redistribution and use in source and binary forms, with or without
   * modification, are permitted provided that the following conditions
@@ -46,13 +46,13 @@
  #include "pkcs11.h"     /* CK_FUNCTION_LIST */
  #include "pkcs11x.h"    /* CKO_X_CERTIFICATE_EXTENSION */
  #include "oid.h"        /* P11_OID_EXTENDED_KEY_USAGE */
+#include "parser.h"
  #include "test.h"       /* p11_test() */
  
  #include <stdarg.h>     /* va_list */
  #include <stdio.h>      /* asprintf() */
  #include <stdlib.h>     /* free() */
  #include <string.h>     /* memcpy() */
-#include <unistd.h>     /* rmdir() */
  
  struct {
         CK_FUNCTION_LIST module;
@@ -81,8 +81,7 @@ teardown (void *unused)
  {
         CK_RV rv;
  
-       if (rmdir (test.directory) < 0)
-               assert_not_reached ();
+       p11_test_directory_delete (test.directory);
         free (test.directory);
  
         p11_enumerate_cleanup (&test.ex);
@@ -188,9 +187,59 @@ test_file_multiple (void)
  
         ret = p11_extract_jks_cacerts (&test.ex, destination);
         assert_num_eq (true, ret);
+       free (destination);
  
         test_check_file (test.directory, "extract.jks", SRCDIR "/trust/fixtures/multiple.jks");
+}
+
+static void
+test_file_duplicated (void)
+{
+       char *destination;
+       p11_parser *parser;
+       p11_array *parsed;
+       CK_ATTRIBUTE *duplicated1;
+       CK_ATTRIBUTE *duplicated2;
+       bool ret;
+
+       parser = p11_parser_new (NULL);
+       assert_ptr_not_null (parser);
+
+       parsed = p11_parser_parsed (parser);
+       assert_ptr_not_null (parsed);
+
+       p11_parser_formats (parser, p11_parser_format_x509, NULL);
+
+       ret = p11_parse_file (parser, SRCDIR "/trust/fixtures/duplicated1.der", NULL,
+                             P11_PARSE_FLAG_NONE);
+
+       assert_num_eq (1, parsed->num);
+       duplicated1 = parsed->elem[0];
+       parsed->elem[0] = NULL;
+
+       ret = p11_parse_file (parser, SRCDIR "/trust/fixtures/duplicated2.der", NULL,
+                             P11_PARSE_FLAG_NONE);
+
+       assert_num_eq (1, parsed->num);
+       duplicated2 = parsed->elem[0];
+       parsed->elem[0] = NULL;
+
+       p11_parser_free (parser);
+
+       setup_objects (duplicated1, NULL);
+       setup_objects (duplicated2, NULL);
+
+       p11_kit_iter_add_filter (test.ex.iter, certificate_filter, 1);
+       p11_kit_iter_begin_with (test.ex.iter, &test.module, 0, 0);
+
+       if (asprintf (&destination, "%s/%s", test.directory, "extract.jks") < 0)
+               assert_not_reached ();
+
+       ret = p11_extract_jks_cacerts (&test.ex, destination);
+       assert_num_eq (true, ret);
         free (destination);
+
+       test_check_file (test.directory, "extract.jks", SRCDIR "/trust/fixtures/duplicated.jks");
  }
  
  extern time_t _p11_extract_jks_timestamp;
@@ -205,6 +254,7 @@ main (int argc,
  
         p11_fixture (setup, teardown);
         p11_test (test_file_multiple, "/jks/test_file_multiple");
+       p11_test (test_file_duplicated, "/jks/test_file_duplicated");
  
         return p11_test_run (argc, argv);
  }
author	Daiki Ueno <dueno@redhat.com>
	Wed, 9 Jan 2019 14:44:48 +0000 (15:44 +0100)
committer	Daiki Ueno <ueno@gnu.org>
	Thu, 10 Jan 2019 13:06:02 +0000 (14:06 +0100)
trust/extract-jks.c		patch \| blob \| history
trust/fixtures/duplicated.jks	[new file with mode: 0644]	patch \| blob
trust/fixtures/duplicated1.der	[new file with mode: 0644]	patch \| blob
trust/fixtures/duplicated2.der	[new file with mode: 0644]	patch \| blob
trust/fixtures/multiple.jks		patch \| blob \| history
trust/test-jks.c		patch \| blob \| history