summaryrefslogtreecommitdiff
path: root/trust/tests/test-builder.c
Commit message (Collapse)AuthorAgeFilesLines
* trust: Rename p11_index_batch() to p11_index_load()Stef Walter2013-07-031-8/+8
| | | | | | The name makes it clearer what's going on. This is only used during loading, so we can track whether a change has resulted from the trust module or from the file storage.
* trust: Implement validation for creating/modifying objectsStef Walter2013-06-261-0/+427
|
* Our own unit testing frameworkStef Walter2013-05-211-291/+155
| | | | | | | | * Support the TAP protocol * Much cleaner without having to carry around state * First class support for setup/teardown * Port the common tests * Wait on porting other tests until we've merged outstanding code
* Don't respect timezones for CKA_START_DATE or CKA_END_DATEStef Walter2013-04-031-13/+1
| | | | | | | | | | | | | The PKCS#11 specification does not note what timezone these dates are in. In addition the time values are not represented in PKCS#11. So don't reinterpret certificate dates, other than filling in the century for dates that have a two digit year. Lastly, these are low resolution optional fields so not being all strict about timezones here is appropriate. https://bugs.freedesktop.org/show_bug.cgi?id=62825
* Separate library init from message codeStef Walter2013-04-031-2/+1
| | | | | | | | | | | Put library init/uninit code its into their own statically linked library so that they don't get linked into the p11-kit executable. Refactor the message code so that the library initialization can plug in its per thread message buffer. https://bugs.freedesktop.org/show_bug.cgi?id=63046
* Use CKA_X_CERTIFICATE_VALUE for trust assertionsStef Walter2013-03-291-3/+3
| | | | | | | These don't contain the CKA_VALUE attribute for certificate data but rather the CKA_X_CERTIFICATE_VALUE attribute. https://bugs.freedesktop.org/show_bug.cgi?id=62896
* Don't try to guess at overflowing time values on 32-bit systemsStef Walter2013-03-281-0/+71
| | | | | | | | | Since CKA_START_DATE and CKA_END_DATE are the only places where we want to parse out times, and these are optional, just leave blank if the time overflows what libc can handle on a 32-bit system. https://bugs.freedesktop.org/show_bug.cgi?id=62825
* Fix memory leaks reported by 'make leakcheck'Stef Walter2013-03-201-10/+41
|
* trust: Rework index to be faster and more usableStef Walter2013-03-201-22/+22
| | | | | | | | | The index now uses a sort of cross between a hash table and a bloom filter internally to select matching items. This is needed for the massive amount of lookups we want to do during loading. In addition make p11_index_find() and p11_index_replace() easier to use.
* hash: Rename file and functions for hashesStef Walter2013-03-201-3/+3
| | | | | We're going to be adding other hashes. Also build as part of a different common library.
* trust: Better generation of nss objects and assertions for serial+issuerStef Walter2013-03-181-108/+188
| | | | | | | In many cases certficates are distrusted by serial+issuer. Make sure this works, and fix various cases where we weren't generating compat NSS objects and compat trust assertions for these types of input.
* trust: Support a p11-kit specific serialization formatStef Walter2013-03-151-39/+0
| | | | | | | This is documented in doc/internals/ subdirectory Add tests for the format as well. https://bugs.freedesktop.org/show_bug.cgi?id=62156
* trust: Use a SHA-1 hash of subjectPublicKeyInfo as CKA_ID by defaultStef Walter2013-03-151-1/+17
| | | | | | | This is what's recommended by the spec, and allows stapled extensions to hang off a predictable CKA_ID. https://bugs.freedesktop.org/show_bug.cgi?id=62329
* trust: Add a builder which builds objects out of parsed dataStef Walter2013-03-151-0/+1611
The builder completes the objects from the parsed data and takes over the responsibilities that the parser and adapter previously shared. This is necessary to prepare for arbitrary data coming from the p11-kit specific input files. https://bugs.freedesktop.org/show_bug.cgi?id=62329