randombit / botan / 5134090420

coverage: 91.721% (-0.3%) from 91.995%
5134090420

push

github

randombit 
Merge GH #3565 Disable noisy/pointless pylint warnings

76048 of 82912 relevant lines covered (91.72%)

11755290.1 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

79.06
/src/tests/test_certstor_system.cpp
1 
/*
2 
* (C) 1999-2021 Jack Lloyd
3 
* (C) 2019,2021 René Meusel
4 
*
5 
* Botan is released under the Simplified BSD License (see license.txt)
6 
*/
7 









8



#include "tests.h"










9












10



#if defined(BOTAN_HAS_CERTSTOR_SYSTEM)










11












12



   #include "test_certstor_utils.h"










13



   #include <botan/ber_dec.h>










14



   #include <botan/certstor_system.h>










15



   #include <botan/der_enc.h>










16



   #include <botan/hex.h>










17



   #include <memory>










18












19



namespace Botan_Tests {










20












21



namespace {










22












23



Test::Result find_certificate_by_pubkey_sha1(Botan::Certificate_Store& certstore) {




1





24



   Test::Result result("System Certificate Store - Find Certificate by SHA1(pubkey)");




1





25












26



   try {




1





27



      result.start_timer();




1





28



      auto cert = certstore.find_cert_by_pubkey_sha1(get_key_id());




1





29



      result.end_timer();




1





30












31



      if(result.test_not_nullopt("found certificate", cert)) {




4





32



         auto cns = cert->subject_dn().get_attribute("CN");




1





33



         result.test_is_eq("exactly one CN", cns.size(), size_t(1));




1





34



         result.test_eq("CN", cns.front(), get_subject_cn());




2





35



      }




1





36



   } catch(std::exception& e) {




1





37



      result.test_failure(e.what());




×







38



   }




×







39












40



   result.test_throws("on invalid SHA1 hash data", [&] { certstore.find_cert_by_pubkey_sha1({}); });




3





41












42



   return result;




1





43



}




×







44












45



Test::Result find_certificate_by_pubkey_sha1_with_unmatching_key_id(Botan::Certificate_Store& certstore) {




1





46



   Test::Result result("System Certificate Store - Find Certificate by SHA1(pubkey) - regression test for GH #2779");




1





47












48



   if(!certstore.find_cert(get_dn_of_cert_with_different_key_id(), {}).has_value()) {




2





49



      result.note_missing("OS does not trust the certificate used for this regression test, skipping");




×







50



      return result;




×







51



   }










52












53



   try {




1





54



      result.start_timer();




1





55



      auto cert = certstore.find_cert_by_pubkey_sha1(get_pubkey_sha1_of_cert_with_different_key_id());




1





56



      result.end_timer();




1





57












58



      if(result.test_not_nullopt("found certificate", cert)) {




4





59



         auto cns = cert->subject_dn().get_attribute("CN");




1





60



         result.test_is_eq("exactly one CN", cns.size(), size_t(1));




1





61



         result.test_eq("CN", cns.front(), "SecureTrust CA");




2





62



      }




1





63



   } catch(std::exception& e) {




1





64



      result.test_failure(e.what());




×







65



   }




×







66












67



   return result;










68



}




×







69












70



Test::Result find_cert_by_subject_dn(Botan::Certificate_Store& certstore) {




1





71



   Test::Result result("System Certificate Store - Find Certificate by subject DN");




1





72












73



   try {




1





74



      auto dn = get_dn();




1





75












76



      result.start_timer();




1





77



      auto cert = certstore.find_cert(dn, std::vector<uint8_t>());




1





78



      result.end_timer();




1





79












80



      if(result.test_not_nullopt("found certificate", cert)) {




4





81



         auto cns = cert->subject_dn().get_attribute("CN");




1





82



         result.test_is_eq("exactly one CN", cns.size(), size_t(1));




1





83



         result.test_eq("CN", cns.front(), get_subject_cn());




2





84



      }




1





85



   } catch(std::exception& e) {




1





86



      result.test_failure(e.what());




×







87



   }




×







88












89



   return result;




1





90



}




×







91












92



Test::Result find_cert_by_utf8_subject_dn(Botan::Certificate_Store& certstore) {




1





93



   Test::Result result("System Certificate Store - Find Certificate by UTF8 subject DN");




1





94












95



   try {




1





96



      auto dn = get_utf8_dn();




1





97












98



      result.start_timer();




1





99



      auto cert = certstore.find_cert(dn, std::vector<uint8_t>());




1





100



      result.end_timer();




1





101












102



      if(result.test_not_nullopt("found certificate", cert)) {




4





103



         auto cns = cert->subject_dn().get_attribute("CN");




1





104



         result.test_is_eq("exactly one CN", cns.size(), size_t(1));




1





105



         result.test_eq("CN", cns.front(), "D-TRUST Root Class 3 CA 2 EV 2009");




2





106



      }




1





107



   } catch(std::exception& e) {




1





108



      result.test_failure(e.what());




×







109



   }




×







110












111



   return result;




1





112



}




×







113












114



Test::Result find_cert_by_subject_dn_and_key_id(Botan::Certificate_Store& certstore) {




1





115



   Test::Result result("System Certificate Store - Find Certificate by subject DN and key ID");




1





116












117



   try {




1





118



      auto dn = get_dn();




1





119












120



      result.start_timer();




1





121



      auto cert = certstore.find_cert(dn, get_key_id());




1





122



      result.end_timer();




1





123












124



      if(result.test_not_nullopt("found certificate", cert)) {




4





125



         auto cns = cert->subject_dn().get_attribute("CN");




1





126



         result.test_is_eq("exactly one CN", cns.size(), size_t(1));




1





127



         result.test_eq("CN", cns.front(), get_subject_cn());




2





128



      }




1





129



   } catch(std::exception& e) {




1





130



      result.test_failure(e.what());




×







131



   }




×







132












133



   return result;




1





134



}




×







135












136



Test::Result find_certs_by_subject_dn_and_key_id(Botan::Certificate_Store& certstore) {




1





137



   Test::Result result("System Certificate Store - Find Certificates by subject DN and key ID");




1





138












139



   try {




1





140



      auto dn = get_dn();




1





141












142



      result.start_timer();




1





143



      auto certs = certstore.find_all_certs(dn, get_key_id());




1





144



      result.end_timer();




1





145












146



      if(result.confirm("result not empty", !certs.empty()) &&




3





147



         result.test_eq("exactly one certificate", certs.size(), 1)) {




3





148



         auto cns = certs.front().subject_dn().get_attribute("CN");




1





149



         result.test_is_eq("exactly one CN", cns.size(), size_t(1));




1





150



         result.test_eq("CN", cns.front(), get_subject_cn());




2





151



      }




1





152



   } catch(std::exception& e) {




1





153



      result.test_failure(e.what());




×







154



   }




×







155












156



   return result;




1





157



}




×







158












159



Test::Result find_all_certs_by_subject_dn(Botan::Certificate_Store& certstore) {




1





160



   Test::Result result("System Certificate Store - Find all Certificates by subject DN");




1





161












162



   try {




1





163



      auto dn = get_dn();




1





164












165



      result.start_timer();




1





166



      auto certs = certstore.find_all_certs(dn, std::vector<uint8_t>());




1





167



      result.end_timer();




1





168












169



      // check for duplications










170



      sort(certs.begin(), certs.end());




1





171



      for(size_t i = 1; i < certs.size(); ++i) {




1





172



         if(certs[i - 1] == certs[i]) {




×







173



            result.test_failure("find_all_certs produced duplicated result");




×







174



         }










175



      }










176












177



      if(result.confirm("result not empty", !certs.empty())) {




3





178



         auto cns = certs.front().subject_dn().get_attribute("CN");




1





179



         result.test_gte("at least one CN", cns.size(), size_t(1));




1





180



         result.test_eq("CN", cns.front(), get_subject_cn());




2





181



      }




1





182



   } catch(std::exception& e) {




1





183



      result.test_failure(e.what());




×







184



   }




×







185












186



   return result;




1





187



}




×







188












189



Test::Result find_all_subjects(Botan::Certificate_Store& certstore) {




1





190



   Test::Result result("System Certificate Store - Find all Certificate Subjects");




1





191












192



   try {




1





193



      result.start_timer();




1





194



      auto subjects = certstore.all_subjects();




1





195



      result.end_timer();




1





196












197



      if(result.confirm("result not empty", !subjects.empty())) {




3





198



         auto dn = get_dn();




1





199



         auto needle = std::find_if(




1





200



            subjects.cbegin(), subjects.cend(), [=](const Botan::X509_DN& subject) { return subject == dn; });




76





201












202



         if(result.confirm("found expected certificate", needle != subjects.end())) {




3





203



            result.confirm("expected certificate", *needle == dn);




3





204



         }










205



      }




1





206



   } catch(std::exception& e) {




1





207



      result.test_failure(e.what());




×







208



   }




×







209












210



   return result;




1





211



}




×







212












213



Test::Result no_certificate_matches(Botan::Certificate_Store& certstore) {




1





214



   Test::Result result("System Certificate Store - can deal with no matches (regression test)");




1





215












216



   try {




1





217



      auto dn = get_unknown_dn();




1





218



      auto kid = get_unknown_key_id();




1





219












220



      result.start_timer();




1





221



      auto certs = certstore.find_all_certs(dn, kid);




1





222



      auto cert = certstore.find_cert(dn, kid);




1





223



      auto pubk_cert = certstore.find_cert_by_pubkey_sha1(kid);




1





224



      result.end_timer();




1





225












226



      result.confirm("find_all_certs did not find the dummy", certs.empty());




2





227



      result.confirm("find_cert did not find the dummy", !cert);




2





228



      result.confirm("find_cert_by_pubkey_sha1 did not find the dummy", !pubk_cert);




3





229



   } catch(std::exception& e) {




2





230



      result.test_failure(e.what());




×







231



   }




×







232












233



   return result;




1





234



}




×







235












236



   #if defined(BOTAN_HAS_CERTSTOR_MACOS)










237












238



Test::Result certificate_matching_with_dn_normalization(Botan::Certificate_Store& certstore) {










239



   Test::Result result("System Certificate Store - normalization of X.509 DN (regression test)");










240












241



   try {










242



      auto dn = get_skewed_dn();










243












244



      result.start_timer();










245



      auto certs = certstore.find_all_certs(dn, std::vector<uint8_t>());










246



      auto cert = certstore.find_cert(dn, std::vector<uint8_t>());










247



      result.end_timer();










248












249



      if(result.confirm("find_all_certs did find the skewed DN", !certs.empty()) &&










250



         result.confirm("find_cert did find the skewed DN", cert.has_value())) {










251



         result.test_eq(










252



            "it is the correct cert", certs.front().subject_dn().get_first_attribute("CN"), get_subject_cn());










253



         result.test_eq("it is the correct cert", cert->subject_dn().get_first_attribute("CN"), get_subject_cn());










254



      }










255



   } catch(std::exception& e) {










256



      result.test_failure(e.what());










257



   }










258












259



   return result;










260



}










261












262



   #endif










263












264



class Certstor_System_Tests final : public Test {




×







265



   public:










266



      std::vector<Test::Result> run() override {




1





267



         Test::Result open_result("System Certificate Store - Open Keychain");




1





268












269



         std::unique_ptr<Botan::Certificate_Store> system;




1





270












271



         try {




1





272



            open_result.start_timer();




1





273



            system = std::make_unique<Botan::System_Certificate_Store>();




1





274



            open_result.end_timer();




1





275



         } catch(Botan::Not_Implemented& e) {




×







276



            BOTAN_UNUSED(e);




×







277



            open_result.test_note("Skipping due to not available in current build");




×







278



            return {open_result};




×







279



         } catch(std::exception& e) {




×







280



            open_result.test_failure(e.what());




×







281



            return {open_result};




×







282



         }




×







283












284



         open_result.test_success();




1





285












286



         std::vector<Test::Result> results;




1





287



         results.push_back(open_result);




1





288












289



         results.push_back(find_certificate_by_pubkey_sha1(*system));




2





290



         results.push_back(find_certificate_by_pubkey_sha1_with_unmatching_key_id(*system));




2





291



         results.push_back(find_cert_by_subject_dn(*system));




2





292



         results.push_back(find_cert_by_subject_dn_and_key_id(*system));




2





293



         results.push_back(find_all_certs_by_subject_dn(*system));




2





294



         results.push_back(find_certs_by_subject_dn_and_key_id(*system));




2





295



         results.push_back(find_all_subjects(*system));




2





296



         results.push_back(no_certificate_matches(*system));




2





297



         results.push_back(find_cert_by_utf8_subject_dn(*system));




2





298



   #if defined(BOTAN_HAS_CERTSTOR_MACOS)










299



         results.push_back(certificate_matching_with_dn_normalization(*system));










300



   #endif










301












302



         return results;




1





303



      }




2





304



};










305












306



BOTAN_REGISTER_TEST("x509", "certstor_system", Certstor_System_Tests);










307












308



}  // namespace










309












310



}  // namespace Botan_Tests










311












312



#endif
























    

  • 

    •