summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaiki Ueno <dueno@redhat.com>2019-01-09 15:44:48 +0100
committerDaiki Ueno <ueno@gnu.org>2019-01-10 14:06:02 +0100
commitbebf4f3442ea5cdaa3a9fa2d0fee366e7264a227 (patch)
tree074a465c0d7ddbf4178bef67e353156e47d30bfb
parent7289639cf41df1840002e865bf700f50afec523c (diff)
test: Add test that exercises duplicated certs in JKS
-rw-r--r--trust/extract-jks.c2
-rw-r--r--trust/fixtures/duplicated.jksbin0 -> 2122 bytes
-rw-r--r--trust/fixtures/duplicated1.derbin0 -> 1010 bytes
-rw-r--r--trust/fixtures/duplicated2.derbin0 -> 1010 bytes
-rw-r--r--trust/fixtures/multiple.jksbin2556 -> 2567 bytes
-rw-r--r--trust/test-jks.c58
6 files changed, 55 insertions, 5 deletions
diff --git a/trust/extract-jks.c b/trust/extract-jks.c
index c274e4f..ad8dc35 100644
--- a/trust/extract-jks.c
+++ b/trust/extract-jks.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2013, Red Hat Inc.
+ * Copyright (c) 2019, Red Hat Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
diff --git a/trust/fixtures/duplicated.jks b/trust/fixtures/duplicated.jks
new file mode 100644
index 0000000..65d4225
--- /dev/null
+++ b/trust/fixtures/duplicated.jks
Binary files differ
diff --git a/trust/fixtures/duplicated1.der b/trust/fixtures/duplicated1.der
new file mode 100644
index 0000000..f9ea3ad
--- /dev/null
+++ b/trust/fixtures/duplicated1.der
Binary files differ
diff --git a/trust/fixtures/duplicated2.der b/trust/fixtures/duplicated2.der
new file mode 100644
index 0000000..a408031
--- /dev/null
+++ b/trust/fixtures/duplicated2.der
Binary files differ
diff --git a/trust/fixtures/multiple.jks b/trust/fixtures/multiple.jks
index d03f7ac..6d41bcc 100644
--- a/trust/fixtures/multiple.jks
+++ b/trust/fixtures/multiple.jks
Binary files differ
diff --git a/trust/test-jks.c b/trust/test-jks.c
index 4e34478..49f930e 100644
--- a/trust/test-jks.c
+++ b/trust/test-jks.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2011, Collabora Ltd.
- * Copyright (c) 2018, Red Hat Inc.
+ * Copyright (c) 2019, Red Hat Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -46,13 +46,13 @@
#include "pkcs11.h" /* CK_FUNCTION_LIST */
#include "pkcs11x.h" /* CKO_X_CERTIFICATE_EXTENSION */
#include "oid.h" /* P11_OID_EXTENDED_KEY_USAGE */
+#include "parser.h"
#include "test.h" /* p11_test() */
#include <stdarg.h> /* va_list */
#include <stdio.h> /* asprintf() */
#include <stdlib.h> /* free() */
#include <string.h> /* memcpy() */
-#include <unistd.h> /* rmdir() */
struct {
CK_FUNCTION_LIST module;
@@ -81,8 +81,7 @@ teardown (void *unused)
{
CK_RV rv;
- if (rmdir (test.directory) < 0)
- assert_not_reached ();
+ p11_test_directory_delete (test.directory);
free (test.directory);
p11_enumerate_cleanup (&test.ex);
@@ -188,9 +187,59 @@ test_file_multiple (void)
ret = p11_extract_jks_cacerts (&test.ex, destination);
assert_num_eq (true, ret);
+ free (destination);
test_check_file (test.directory, "extract.jks", SRCDIR "/trust/fixtures/multiple.jks");
+}
+
+static void
+test_file_duplicated (void)
+{
+ char *destination;
+ p11_parser *parser;
+ p11_array *parsed;
+ CK_ATTRIBUTE *duplicated1;
+ CK_ATTRIBUTE *duplicated2;
+ bool ret;
+
+ parser = p11_parser_new (NULL);
+ assert_ptr_not_null (parser);
+
+ parsed = p11_parser_parsed (parser);
+ assert_ptr_not_null (parsed);
+
+ p11_parser_formats (parser, p11_parser_format_x509, NULL);
+
+ ret = p11_parse_file (parser, SRCDIR "/trust/fixtures/duplicated1.der", NULL,
+ P11_PARSE_FLAG_NONE);
+
+ assert_num_eq (1, parsed->num);
+ duplicated1 = parsed->elem[0];
+ parsed->elem[0] = NULL;
+
+ ret = p11_parse_file (parser, SRCDIR "/trust/fixtures/duplicated2.der", NULL,
+ P11_PARSE_FLAG_NONE);
+
+ assert_num_eq (1, parsed->num);
+ duplicated2 = parsed->elem[0];
+ parsed->elem[0] = NULL;
+
+ p11_parser_free (parser);
+
+ setup_objects (duplicated1, NULL);
+ setup_objects (duplicated2, NULL);
+
+ p11_kit_iter_add_filter (test.ex.iter, certificate_filter, 1);
+ p11_kit_iter_begin_with (test.ex.iter, &test.module, 0, 0);
+
+ if (asprintf (&destination, "%s/%s", test.directory, "extract.jks") < 0)
+ assert_not_reached ();
+
+ ret = p11_extract_jks_cacerts (&test.ex, destination);
+ assert_num_eq (true, ret);
free (destination);
+
+ test_check_file (test.directory, "extract.jks", SRCDIR "/trust/fixtures/duplicated.jks");
}
extern time_t _p11_extract_jks_timestamp;
@@ -205,6 +254,7 @@ main (int argc,
p11_fixture (setup, teardown);
p11_test (test_file_multiple, "/jks/test_file_multiple");
+ p11_test (test_file_duplicated, "/jks/test_file_duplicated");
return p11_test_run (argc, argv);
}