-rw-r--r-- | src/lib/cert/x509/certstor.cpp | 3 | ||||
-rw-r--r-- | src/lib/cert/x509/certstor_sql/certstor_sql.cpp | 12 | ||||
-rw-r--r-- | src/lib/cert/x509/certstor_sql/certstor_sql.h | 8 | ||||
-rw-r--r-- | src/tests/test_certstor.cpp | 25 |
4 files changed, 31 insertions, 17 deletions
diff --git a/src/lib/cert/x509/certstor.cpp b/src/lib/cert/x509/certstor.cpp index 4ef0e5240..6d02d41c6 100644 --- a/src/lib/cert/x509/certstor.cpp +++ b/src/lib/cert/x509/certstor.cpp @@ -5,7 +5,6 @@ * Botan is released under the Simplified BSD License (see license.txt) */ -#include <cassert> #include <botan/certstor.h> #include <botan/ber_dec.h> #include <botan/der_enc.h> @@ -16,8 +15,6 @@ #include <botan/hash.h> #include <botan/hex.h> -#include <iostream> - namespace Botan { std::shared_ptr<const X509_CRL> Certificate_Store::find_crl_for(const X509_Certificate&) const diff --git a/src/lib/cert/x509/certstor_sql/certstor_sql.cpp b/src/lib/cert/x509/certstor_sql/certstor_sql.cpp index d8325fb87..3a457a2a4 100644 --- a/src/lib/cert/x509/certstor_sql/certstor_sql.cpp +++ b/src/lib/cert/x509/certstor_sql/certstor_sql.cpp @@ -175,15 +175,15 @@ Certificate_Store_In_SQL::find_certs_for_key(const Private_Key& key) const stmt->bind(1,fpr); - std::shared_ptr<const X509_Certificate> cert; + std::vector<std::shared_ptr<const X509_Certificate>> certs; while(stmt->step()) { auto blob = stmt->get_blob(0); - cert = std::make_shared<X509_Certificate>( - std::vector<byte>(blob.first,blob.first + blob.second)); + certs.push_back(std::make_shared<X509_Certificate>( + std::vector<byte>(blob.first,blob.first + blob.second))); } - return {cert}; + return certs; } bool Certificate_Store_In_SQL::insert_key(const X509_Certificate& cert, const Private_Key& key) { @@ -196,8 +196,6 @@ bool Certificate_Store_In_SQL::insert_key(const X509_Certificate& cert, const Pr auto pkcs8 = PKCS8::BER_encode(key,rng,m_password); auto fpr = fingerprint_key(key); - //m_database->new_statement("BEGIN TRANSACTION")->spin(); - auto stmt1 = m_database->new_statement( "INSERT OR REPLACE INTO keys ( fingerprint, key ) VALUES ( ?1, ?2 )"); 
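Review bot: In the `while(stmt->step())` loop of find_certs_for_key, each row's blob goes straight into the X509_Certificate constructor, so one row that fails to decode (truncated or altered database content) presumably throws out of the loop and discards the certificates already collected. Now that the function returns every match instead of the last one, decide whether this all-or-nothing behaviour is intended. If it is, a comment above the loop such as `// throws if any stored certificate fails to decode` would make that explicit; otherwise handle the decoding error per row. The function starts above this hunk, so the query and the fingerprint computation are not visible here.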
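Review bot: insert_key runs `INSERT OR REPLACE INTO keys ...` and then a second statement (`stmt2`, in the next hunk at -212) with nothing making the pair atomic, and deleting the commented-out `BEGIN TRANSACTION` / `END TRANSACTION` lines removes the only reminder of that. If the second statement fails or throws, the encrypted key apparently stays in the store without the update tied to the certificate fingerprint. The function ends in an unconditional `return true`, so the boolean result never signals a partial write. Either wrap both statements in a real transaction that is rolled back on exception, or leave `// TODO: make the key insert and the certificate update atomic` where the comments were. Both hunks show only part of insert_key.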
@@ -212,8 +210,6 @@ bool Certificate_Store_In_SQL::insert_key(const X509_Certificate& cert, const Pr stmt2->bind(2,cert.fingerprint("SHA-256")); stmt2->spin(); - //m_database->new_statement("END TRANSACTION")->spin(); - return true; } diff --git a/src/lib/cert/x509/certstor_sql/certstor_sql.h b/src/lib/cert/x509/certstor_sql/certstor_sql.h index 24db88cdd..096426b7a 100644 --- a/src/lib/cert/x509/certstor_sql/certstor_sql.h +++ b/src/lib/cert/x509/certstor_sql/certstor_sql.h @@ -33,10 +33,6 @@ class BOTAN_DLL Certificate_Store_In_SQL : public Certificate_Store virtual std::shared_ptr<const X509_Certificate> find_cert(const X509_DN& subject_dn, const std::vector<byte>& key_id) const override; - /// Generates a CRL for all certificates issued by "subject"s issuer. - virtual std::shared_ptr<const X509_CRL> - find_crl_for(const X509_Certificate& subject) const override; - /// Returns all subject DNs known to the store instance, virtual std::vector<X509_DN> all_subjects() const override; @@ -80,6 +76,10 @@ class BOTAN_DLL Certificate_Store_In_SQL : public Certificate_Store */ std::vector<X509_CRL> generate_crls() const; + /// Generates a CRL for all certificates issued by the given issuer. + virtual std::shared_ptr<const X509_CRL> + find_crl_for(const X509_Certificate& issuer) const override; + private: std::string fingerprint_key(const Private_Key&) const; diff --git a/src/tests/test_certstor.cpp b/src/tests/test_certstor.cpp index 02865c72c..5d894640b 100644 --- a/src/tests/test_certstor.cpp +++ b/src/tests/test_certstor.cpp @@ -12,9 +12,12 @@ #include <botan/internal/filesystem.h> #include <botan/pkcs8.h> #include <botan/auto_rng.h> + #include <sstream> + extern "C" { + #include <unistd.h> // unlink() + } #endif -#include <iostream> namespace Botan_Tests { 
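Review bot: The re-added find_crl_for declaration renames the parameter from `subject` to `issuer`, and its comment now says the CRL covers certificates "issued by the given issuer", whereas the removed comment described the argument as the subject whose issuer is looked up. This is an override of Certificate_Store::find_crl_for, so callers going through the base interface pass whatever that contract specifies. If that is the certificate being checked, the new name and comment would lead a reader to key revocation lookups on the wrong certificate. Confirm against the implementation, which is not part of this diff, and state in the doc comment which certificate is expected and what is returned when nothing has been revoked.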
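Review bot: `<unistd.h>` and `unlink()` are POSIX-only, and the `#if` guarding this include block opens above the hunk, so it is not visible whether the test is restricted to POSIX builds. If the guard only checks for the SQLite module, the test will stop compiling on Windows; `std::remove` from `<cstdio>` is a portable replacement and needs no `extern "C"` wrapper. The call is used in the -193 hunk, where its return value is ignored, so a database file that exists but cannot be deleted is silently reused by the test.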
@@ -53,6 +56,20 @@ Test::Result test_certstor_insert_find_remove_test( if(priv) { result.test_eq("Got wrong private key",key->pkcs8_private_key(),priv->pkcs8_private_key()); + + auto rev_certs = store.find_certs_for_key(*priv); + + if(rev_certs.empty()) + { + result.test_failure("No certificate"); + } + else + { + bool found = std::any_of(rev_certs.begin(),rev_certs.end(),[&](std::shared_ptr<const Botan::X509_Certificate> c) + { return c->fingerprint() == cert.fingerprint(); }); + + result.test_eq("Got wrong/no certificate",found,true); + } } if(certs[4] != cert_key && certs[5] != cert_key) @@ -193,7 +210,11 @@ class Certstor_Tests : public Test try { - Botan::Certificate_Store_In_SQLite store(fn.first + ".db","123"); + unlink((fn.first + ".db").c_str()); + + auto& rng = Test::rng(); + std::string passwd(reinterpret_cast<const char*>(rng.random_vec(8).data()),8); + Botan::Certificate_Store_In_SQLite store(fn.first + ".db",passwd); std::vector<std::pair<Botan::X509_Certificate,std::shared_ptr<Botan::Private_Key>>> retrieve; for(auto&& cert_key_pair : test_data) |
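Review bot: The lambda passed to `std::any_of` takes `std::shared_ptr<const Botan::X509_Certificate> c` by value, which copies the pointer and touches the reference count for every element; take it as `const std::shared_ptr<const Botan::X509_Certificate>& c`. `std::any_of` is declared in `<algorithm>`, which the include hunk of this commit does not add, so this may compile only through a transitive include. The message `"No certificate"` would be easier to trace in a test log as `"find_certs_for_key returned no certificates"`. The enclosing test function begins and ends outside this hunk.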
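Review bot: The store password is built from eight raw RNG bytes, `std::string passwd(reinterpret_cast<const char*>(rng.random_vec(8).data()),8);`, so it can contain NUL and non-printable bytes and cannot be printed usefully when a run fails. If any layer below ever treats the password as a C string, the effective password would be silently truncated at the first NUL; whether that happens is not visible from this hunk. Hex-encoding keeps the randomness and gives a loggable value: `const std::string passwd = Botan::hex_encode(rng.random_vec(8));` (needs `<botan/hex.h>` in the test). The `try` block continues past the end of the hunk.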