authorNuno Goncalves <[email protected]>2017-02-27 16:08:31 +0100
committerNuno Goncalves <[email protected]>2017-04-03 22:39:11 +0200
commit2d96d71f78ff1924ffb48cf49568b8f487e9018f (patch)
tree0cc211ad3e4a9807e91763fccb3d957c2dc14293
parent753b4c2d5301574d3c9390b79aa275a49809e6c8 (diff)
Refactor and modernize files to be edited
Signed-off-by: Nuno Goncalves <[email protected]>
-rw-r--r--src/lib/x509/certstor.cpp57
-rw-r--r--src/tests/unit_x509.cpp91
2 files changed, 70 insertions, 78 deletions
diff --git a/src/lib/x509/certstor.cpp b/src/lib/x509/certstor.cpp
index 10178a526..e068baa18 100644
--- a/src/lib/x509/certstor.cpp
+++ b/src/lib/x509/certstor.cpp
@@ -13,27 +13,23 @@ namespace Botan {
std::shared_ptr<const X509_CRL> Certificate_Store::find_crl_for(const X509_Certificate&) const
{
- return std::shared_ptr<const X509_CRL>();
+ return {};
}
void Certificate_Store_In_Memory::add_certificate(const X509_Certificate& cert)
{
- for(size_t i = 0; i != m_certs.size(); ++i)
- {
- if(*m_certs[i] == cert)
+ for(const auto& c : m_certs)
+ if(*c == cert)
return;
- }
m_certs.push_back(std::make_shared<const X509_Certificate>(cert));
}
void Certificate_Store_In_Memory::add_certificate(std::shared_ptr<const X509_Certificate> cert)
{
- for(size_t i = 0; i != m_certs.size(); ++i)
- {
- if(*m_certs[i] == *cert)
+ for(const auto& c : m_certs)
+ if(*c == *cert)
return;
- }
m_certs.push_back(cert);
}
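Review bot: The `std::shared_ptr` overload of add_certificate dereferences `cert` in `*c == *cert` and then stores it, with no null check. With an empty store a null pointer would be pushed, and every later `*c` comparison in these loops would dereference it; with a non-empty store the dereference happens immediately. A guard at the top of the function, such as `if(!cert) throw Invalid_Argument("Certificate_Store_In_Memory::add_certificate null cert");`, would keep null entries out of the trust store. add_crl has the same exposure at `crl->issuer_dn()` in the hunk at -97.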
@@ -41,8 +37,8 @@ void Certificate_Store_In_Memory::add_certificate(std::shared_ptr<const X509_Cer
std::vector<X509_DN> Certificate_Store_In_Memory::all_subjects() const
{
std::vector<X509_DN> subjects;
- for(size_t i = 0; i != m_certs.size(); ++i)
- subjects.push_back(m_certs[i]->subject_dn());
+ for(const auto& cert : m_certs)
+ subjects.push_back(cert->subject_dn());
return subjects;
}
@@ -50,22 +46,22 @@ std::shared_ptr<const X509_Certificate>
Certificate_Store_In_Memory::find_cert(const X509_DN& subject_dn,
const std::vector<uint8_t>& key_id) const
{
- for(size_t i = 0; i != m_certs.size(); ++i)
+ for(const auto& cert : m_certs)
{
// Only compare key ids if set in both call and in the cert
if(key_id.size())
{
- std::vector<uint8_t> skid = m_certs[i]->subject_key_id();
+ std::vector<uint8_t> skid = cert->subject_key_id();
if(skid.size() && skid != key_id) // no match
continue;
}
- if(m_certs[i]->subject_dn() == subject_dn)
- return m_certs[i];
+ if(cert->subject_dn() == subject_dn)
+ return cert;
}
- return std::shared_ptr<const X509_Certificate>();
+ return nullptr;
}
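Review bot: find_cert has no comment saying what a caller gets when `key_id` is supplied but a stored certificate carries no subject key identifier. In that case the `skid.size() &&` test skips the comparison and the match falls back to subject DN alone. A function comment would make that explicit, for example `// If key_id is non-empty but a stored cert has no SKID, the cert is matched on subject DN only; the result is not bound to key_id`. Separately, `skid` is copied into a local on every iteration; `const auto& skid = cert->subject_key_id();` is correct whether the accessor returns by value or by reference.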
@@ -75,14 +71,9 @@ Certificate_Store_In_Memory::find_cert_by_pubkey_sha1(const std::vector<uint8_t>
if(key_hash.size() != 20)
throw Invalid_Argument("Certificate_Store_In_Memory::find_cert_by_pubkey_sha1 invalid hash");
- for(size_t i = 0; i != m_certs.size(); ++i)
- {
- const std::vector<uint8_t> hash_i = m_certs[i]->subject_public_key_bitstring_sha1();
- if(key_hash == hash_i)
- {
- return m_certs[i];
- }
- }
+ for(const auto& cert : m_certs)
+ if(key_hash == cert->subject_public_key_bitstring_sha1())
+ return cert;
return nullptr;
}
@@ -97,13 +88,13 @@ void Certificate_Store_In_Memory::add_crl(std::shared_ptr<const X509_CRL> crl)
{
X509_DN crl_issuer = crl->issuer_dn();
- for(size_t i = 0; i != m_crls.size(); ++i)
+ for(auto& c : m_crls)
{
// Found an update of a previously existing one; replace it
- if(m_crls[i]->issuer_dn() == crl_issuer)
+ if(c->issuer_dn() == crl_issuer)
{
- if(m_crls[i]->this_update() <= crl->this_update())
- m_crls[i] = crl;
+ if(c->this_update() <= crl->this_update())
+ c = crl;
return;
}
}
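Review bot: The replacement test `c->issuer_dn() == crl_issuer` keys stored CRLs on issuer DN only, while find_crl_for also consults the authority key id. If two issuers share a DN but use different keys, adding the CRL of one appears to overwrite the other's entry, and a later lookup for the displaced issuer would then find no matching CRL. Consider also comparing `authority_key_id()`, when both CRLs carry one, before assigning `c = crl;`. The function continues past the end of this hunk, so the append path is not visible here.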
@@ -116,22 +107,22 @@ std::shared_ptr<const X509_CRL> Certificate_Store_In_Memory::find_crl_for(const
{
const std::vector<uint8_t>& key_id = subject.authority_key_id();
- for(size_t i = 0; i != m_crls.size(); ++i)
+ for(const auto& c : m_crls)
{
// Only compare key ids if set in both call and in the CRL
if(key_id.size())
{
- std::vector<uint8_t> akid = m_crls[i]->authority_key_id();
+ std::vector<uint8_t> akid = c->authority_key_id();
if(akid.size() && akid != key_id) // no match
continue;
}
- if(m_crls[i]->issuer_dn() == subject.issuer_dn())
- return m_crls[i];
+ if(c->issuer_dn() == subject.issuer_dn())
+ return c;
}
- return std::shared_ptr<const X509_CRL>();
+ return {};
}
Certificate_Store_In_Memory::Certificate_Store_In_Memory(const X509_Certificate& cert)
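Review bot: The not-found returns are written two ways in this file after the change: `return {};` here and in Certificate_Store::find_crl_for, but `return nullptr;` in find_cert and find_cert_by_pubkey_sha1. Both yield an empty shared_ptr, so settling on one form would make the not-found path uniform; `return nullptr;` reads most clearly for a pointer-like return. The loop variable `c` could also be named `crl`, to match `cert` in the certificate loops.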
diff --git a/src/tests/unit_x509.cpp b/src/tests/unit_x509.cpp
index e23017738..52c0d0576 100644
--- a/src/tests/unit_x509.cpp
+++ b/src/tests/unit_x509.cpp
@@ -87,15 +87,16 @@ Botan::X509_Cert_Options req_opts2()
std::unique_ptr<Botan::Private_Key> make_a_private_key(const std::string& algo)
{
- std::string params = ""; // default "" means choose acceptable algo-specific params
-
- // Here we override defaults as needed
- if(algo == "RSA")
- params = "1024";
- if(algo == "GOST-34.10")
- params = "gost_256A";
- if(algo == "ECKCDSA" || algo == "ECGDSA")
- params = "brainpool256r1";
+ const std::string params = [&]{
+ // Here we override defaults as needed
+ if(algo == "RSA")
+ return "1024";
+ if(algo == "GOST-34.10")
+ return "gost_256A";
+ if(algo == "ECKCDSA" || algo == "ECGDSA")
+ return "brainpool256r1";
+ return ""; // default "" means choose acceptable algo-specific params
+ }();
return Botan::create_private_key(algo, Test::rng(), params);
}
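Review bot: The lambda's `return "1024";` keeps a 1024-bit RSA modulus with no comment on why, and that size is below what is accepted for real keys today. A comment on that branch, e.g. `// small modulus keeps the test fast; not a size to use outside tests`, would stop the value being copied elsewhere. The reason is presumed from context, so confirm it before wording the comment. The lambda also captures with `[&]` although only `algo` is read; `[&algo]` states that directly.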
@@ -111,7 +112,7 @@ Test::Result test_cert_status_strings()
Botan::to_string(Botan::Certificate_Status_Code::OK),
Botan::to_string(Botan::Certificate_Status_Code::VERIFIED));
- const std::vector<Botan::Certificate_Status_Code> codes = {
+ const Botan::Certificate_Status_Code codes[]{
Botan::Certificate_Status_Code::OCSP_RESPONSE_GOOD,
Botan::Certificate_Status_Code::OCSP_SIGNATURE_OK,
Botan::Certificate_Status_Code::VALID_CRL_CHECKED,
@@ -151,9 +152,9 @@ Test::Result test_cert_status_strings()
Botan::Certificate_Status_Code::CERT_PUBKEY_INVALID,
};
- for(auto code : codes)
+ for(const auto code : codes)
{
- std::string s = Botan::to_string(code);
+ const std::string s = Botan::to_string(code);
result.confirm("String is long enough to be informative", s.size() > 12);
result.test_eq("No duplicates", seen.count(s), 0);
seen.insert(s);
@@ -166,7 +167,7 @@ Test::Result test_cert_status_strings()
Test::Result test_x509_dates()
{
- Test::Result result("X509_Time");
+ Test::Result result("X509 Time");
Botan::X509_Time time;
result.confirm("unset time not set", !time.time_is_set());
@@ -187,7 +188,7 @@ Test::Result test_x509_dates()
result.test_eq("GENERALIZED_TIME readable_string", time.readable_string(), "2020/03/05 10:03:50 UTC");
// Dates that are valid per X.500 but rejected as unsupported
- const std::vector<std::string> valid_but_unsup = {
+ const std::string valid_but_unsup[]{
"0802010000-0000",
"0802011724+0000",
"0406142334-0500",
@@ -204,7 +205,7 @@ Test::Result test_x509_dates()
};
// valid length 13
- const std::vector<std::string> valid_utc = {
+ const std::string valid_utc[]{
"080201000000Z",
"080201172412Z",
"040614233433Z",
@@ -212,7 +213,7 @@ Test::Result test_x509_dates()
"000614233455Z",
};
- const std::vector<std::string> invalid_utc = {
+ const std::string invalid_utc[]{
"",
" ",
"2008`02-01",
@@ -284,11 +285,11 @@ Test::Result test_x509_dates()
};
// valid length 15
- const std::vector<std::string> valid_generalized_time = {
+ const std::string valid_generalized_time[]{
"20000305100350Z",
};
- const std::vector<std::string> invalid_generalized = {
+ const std::string invalid_generalized[]{
// No trailing Z
"20000305100350",
@@ -314,27 +315,27 @@ Test::Result test_x509_dates()
"170217180154Z",
};
- for(auto&& v : valid_but_unsup)
+ for(const auto& v : valid_but_unsup)
{
result.test_throws("valid but unsupported", [v]() { Botan::X509_Time t(v, Botan::ASN1_Tag::UTC_TIME); });
}
- for(auto&& v : valid_utc)
+ for(const auto& v : valid_utc)
{
Botan::X509_Time t(v, Botan::ASN1_Tag::UTC_TIME);
}
- for(auto&& v : valid_generalized_time)
+ for(const auto& v : valid_generalized_time)
{
Botan::X509_Time t(v, Botan::ASN1_Tag::GENERALIZED_TIME);
}
- for(auto&& v : invalid_utc)
+ for(const auto& v : invalid_utc)
{
result.test_throws("invalid", [v]() { Botan::X509_Time t(v, Botan::ASN1_Tag::UTC_TIME); });
}
- for (auto&& v : invalid_generalized)
+ for (const auto& v : invalid_generalized)
{
result.test_throws("invalid", [v]() { Botan::X509_Time t(v, Botan::ASN1_Tag::GENERALIZED_TIME); });
}
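Review bot: The loops over `valid_utc` and `valid_generalized_time` construct `t` and record nothing in `result`, so a regression on accepted input is noticed only if the constructor throws out of the test function. Recording the outcome after each construction, e.g. `result.confirm("valid UTC time is set", t.time_is_set());`, would put these cases in the report alongside the `test_throws` ones. The lambdas in the `test_throws` loops capture `v` by value and so copy each string. `[&v]` would avoid that, provided test_throws invokes the callable before returning, which is not visible here.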
@@ -357,7 +358,7 @@ Test::Result test_x509_cert(const std::string& sig_algo, const std::string& hash
}
/* Create the self-signed cert */
- Botan::X509_Certificate ca_cert =
+ const Botan::X509_Certificate ca_cert =
Botan::X509::create_self_signed_cert(ca_opts(),
*ca_key,
hash_fn,
@@ -429,7 +430,7 @@ Test::Result test_x509_cert(const std::string& sig_algo, const std::string& hash
result.test_eq("issuer info Orga", user1_cert.issuer_info("O").at(0), ca_opts().organization);
result.test_eq("issuer info OrgaUnit", user1_cert.issuer_info("OU").at(0), ca_opts().org_unit);
- Botan::X509_CRL crl1 = ca.new_crl(Test::rng());
+ const Botan::X509_CRL crl1 = ca.new_crl(Test::rng());
/* Verify the certs */
Botan::Path_Validation_Restrictions restrictions(false, 80);
@@ -474,7 +475,7 @@ Test::Result test_x509_cert(const std::string& sig_algo, const std::string& hash
revoked.push_back(Botan::CRL_Entry(user1_cert, Botan::CESSATION_OF_OPERATION));
revoked.push_back(user2_cert);
- Botan::X509_CRL crl2 = ca.update_crl(crl1, revoked, Test::rng());
+ const Botan::X509_CRL crl2 = ca.update_crl(crl1, revoked, Test::rng());
store.add_crl(crl2);
@@ -522,27 +523,27 @@ Test::Result test_usage(const std::string& sig_algo, const std::string& hash_fn
}
/* Create the self-signed cert */
- Botan::X509_Certificate ca_cert =
+ const Botan::X509_Certificate ca_cert =
Botan::X509::create_self_signed_cert(ca_opts(),
*ca_key,
hash_fn,
Test::rng());
/* Create the CA object */
- Botan::X509_CA ca(ca_cert, *ca_key, hash_fn, Test::rng());
+ const Botan::X509_CA ca(ca_cert, *ca_key, hash_fn, Test::rng());
std::unique_ptr<Botan::Private_Key> user1_key(make_a_private_key(sig_algo));
Botan::X509_Cert_Options opts("Test User 1/US/Botan Project/Testing");
opts.constraints = Key_Constraints::DIGITAL_SIGNATURE;
- Botan::PKCS10_Request user1_req =
+ const Botan::PKCS10_Request user1_req =
Botan::X509::create_cert_req(opts,
*user1_key,
hash_fn,
Test::rng());
- Botan::X509_Certificate user1_cert =
+ const Botan::X509_Certificate user1_cert =
ca.sign_request(user1_req, Test::rng(),
from_date(2008, 01, 01),
from_date(2033, 01, 01));
@@ -556,13 +557,13 @@ Test::Result test_usage(const std::string& sig_algo, const std::string& hash_fn
opts.constraints = Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::CRL_SIGN);
- Botan::PKCS10_Request mult_usage_req =
+ const Botan::PKCS10_Request mult_usage_req =
Botan::X509::create_cert_req(opts,
*user1_key,
hash_fn,
Test::rng());
- Botan::X509_Certificate mult_usage_cert =
+ const Botan::X509_Certificate mult_usage_cert =
ca.sign_request(mult_usage_req, Test::rng(),
from_date(2008, 01, 01),
from_date(2033, 01, 01));
@@ -575,13 +576,13 @@ Test::Result test_usage(const std::string& sig_algo, const std::string& hash_fn
opts.constraints = Key_Constraints::NO_CONSTRAINTS;
- Botan::PKCS10_Request no_usage_req =
+ const Botan::PKCS10_Request no_usage_req =
Botan::X509::create_cert_req(opts,
*user1_key,
hash_fn,
Test::rng());
- Botan::X509_Certificate no_usage_cert =
+ const Botan::X509_Certificate no_usage_cert =
ca.sign_request(no_usage_req, Test::rng(),
from_date(2008, 01, 01),
from_date(2033, 01, 01));
@@ -610,14 +611,14 @@ Test::Result test_self_issued(const std::string& sig_algo, const std::string& ha
}
// create the self-signed cert
- Botan::X509_Certificate ca_cert =
+ const Botan::X509_Certificate ca_cert =
Botan::X509::create_self_signed_cert(ca_opts(),
*ca_key,
hash_fn,
Test::rng());
/* Create the CA object */
- Botan::X509_CA ca(ca_cert, *ca_key, hash_fn, Test::rng());
+ const Botan::X509_CA ca(ca_cert, *ca_key, hash_fn, Test::rng());
std::unique_ptr<Botan::Private_Key> user_key(make_a_private_key(sig_algo));
@@ -626,23 +627,23 @@ Test::Result test_self_issued(const std::string& sig_algo, const std::string& ha
Botan::X509_Cert_Options opts = ca_opts();
opts.constraints = Key_Constraints::DIGITAL_SIGNATURE;
- Botan::PKCS10_Request self_issued_req =
+ const Botan::PKCS10_Request self_issued_req =
Botan::X509::create_cert_req(opts,
*user_key,
hash_fn,
Test::rng());
- Botan::X509_Certificate self_issued_cert =
+ const Botan::X509_Certificate self_issued_cert =
ca.sign_request(self_issued_req, Test::rng(),
from_date(2008, 01, 01),
from_date(2033, 01, 01));
// check that this chain can can be verified successfully
- Botan::Certificate_Store_In_Memory trusted(ca.ca_certificate());
+ const Botan::Certificate_Store_In_Memory trusted(ca.ca_certificate());
- Botan::Path_Validation_Restrictions restrictions(false, 80);
+ const Botan::Path_Validation_Restrictions restrictions(false, 80);
- Botan::Path_Validation_Result validation_result =
+ const Botan::Path_Validation_Result validation_result =
Botan::x509_path_validate(self_issued_cert,
restrictions,
trusted);
@@ -868,7 +869,7 @@ Test::Result test_x509_extensions(const std::string& sig_algo, const std::string
opts.extensions = req_extensions;
/* Create a self-signed certificate */
- Botan::X509_Certificate self_signed_cert = Botan::X509::create_self_signed_cert(opts, *user_key, hash_fn, Test::rng());
+ const Botan::X509_Certificate self_signed_cert = Botan::X509::create_self_signed_cert(opts, *user_key, hash_fn, Test::rng());
// check if known Key_Usage extension is present in self-signed cert
auto key_usage_ext = self_signed_cert.v3_extensions().get(Botan::OIDS::lookup("X509v3.KeyUsage"));
@@ -886,14 +887,14 @@ Test::Result test_x509_extensions(const std::string& sig_algo, const std::string
}
- Botan::PKCS10_Request user_req =
+ const Botan::PKCS10_Request user_req =
Botan::X509::create_cert_req(opts,
*user_key,
hash_fn,
Test::rng());
/* Create a CA-signed certificate */
- Botan::X509_Certificate user_cert =
+ const Botan::X509_Certificate user_cert =
ca.sign_request(user_req, Test::rng(),
from_date(2008, 01, 01),
from_date(2033, 01, 01));
@@ -923,7 +924,7 @@ class X509_Cert_Unit_Tests : public Test
{
std::vector<Test::Result> results;
- const std::vector<std::string> sig_algos { "RSA", "DSA", "ECDSA", "ECGDSA", "ECKCDSA", "GOST-34.10" };
+ const std::string sig_algos[] { "RSA", "DSA", "ECDSA", "ECGDSA", "ECKCDSA", "GOST-34.10" };
Test::Result cert_result("X509 Unit");
Test::Result usage_result("X509 Usage");
Test::Result self_issued_result("X509 Self Issued");