Add unicode issuer name compare test (#561)

* Increase minimum iOS and macOS supported versions - use more std::filesystem IB-7483 Signed-off-by: Raul Metsma <[email protected]> * Add unicode issuer name compare test IB-7810 Signed-off-by: Raul Metsma <[email protected]> --------- Signed-off-by: Raul Metsma <[email protected]>
open-eid · Oct 5, 2023 · 7dc3ce9 · 7dc3ce9
1 parent 15d3142
commit 7dc3ce9
Show file tree

Hide file tree

Showing 4 changed files with 68 additions and 66 deletions.
diff --git a/test/data/gencerts.sh b/test/data/gencerts.sh
@@ -23,3 +23,6 @@ done
 openssl req -out signerEC.req -new -newkey ec:<(openssl ecparam -name secp384r1) -nodes -keyout signerEC.key -subj "/C=EE/CN=signer EC"
 openssl x509 -req -in signerEC.req -out signerEC.crt -CA inter.crt -CAkey inter.key -CAserial interserial.txt -extfile openssl.conf -extensions v3_usr -days 3650
 openssl pkcs12 -export -nodes -in signerEC.crt -inkey signerEC.key -out signerEC.p12 -password pass:signerEC
+
+openssl req -out unicode.req -new -newkey ec:<(openssl ecparam -name secp384r1) -nodes -keyout unicode.key -subj "/C=EE/CN=unicodeöäüõ" -utf8
+openssl x509 -req -in unicode.req -out unicode.crt -signkey unicode.key -days 365 
diff --git a/test/data/unicode.crt b/test/data/unicode.crt
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBhzCCAQwCFHwlKK7JnqHZRCECmbJz/7VNRNMEMAoGCCqGSM49BAMCMCcxCzAJ
+BgNVBAYTAkVFMRgwFgYDVQQDDA91bmljb2Rlw7bDpMO8w7UwHhcNMjMxMDA0MTM0
+MTM4WhcNMjQxMDAzMTM0MTM4WjAnMQswCQYDVQQGEwJFRTEYMBYGA1UEAwwPdW5p
+Y29kZcO2w6TDvMO1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE6Sx6tkRnC2b/J91s
+mmL5VhrywL/kGcxJV+bX4ThM+zY3+P59VULwuhCFV3ShjC8Xt8I4iBIhMZQmBfIa
+s6jDI7oHxRQWUIG9BCAjnyEUDJIb7PvLRKmf2CsJhmfC+94yMAoGCCqGSM49BAMC
+A2kAMGYCMQD4jHmeKWn6YJ0D8S6+2TdFdkeawlD6yoL1HtOVxYxHmVu/wtbSAVM+
+R8uJeR8tg6oCMQDt43YaOQEKgX1T3kBn2Fna8ovhwOVBJUYlVWDW88Sm5qi+ilOn
+KRRV6XxGYDbwpRU=
+-----END CERTIFICATE-----
diff --git a/test/libdigidocpp_boost.cpp b/test/libdigidocpp_boost.cpp
@@ -30,8 +30,6 @@
 #include <crypto/X509Crypto.h>
 #include <util/DateTime.h>
 
-#include <openssl/opensslv.h>
-
 namespace digidoc
 {
 
@@ -41,7 +39,7 @@ class TestFixture: public DigiDocPPFixture
     TestFixture()
     {
         copyTSL("EE_T-good.xml");
-        digidoc::initialize("untitestboost");
+        initialize("untitestboost");
     }
 };
 
@@ -123,9 +121,9 @@ BOOST_AUTO_TEST_SUITE_END()
 BOOST_AUTO_TEST_SUITE(X509CertSuite)
 BOOST_AUTO_TEST_CASE(parameters)
 {
-    auto signer1 = make_unique<PKCS12Signer>("signer1.p12", "signer1");
-    X509Cert c = signer1->cert();
-    BOOST_CHECK_EQUAL(c, signer1->cert());
+    PKCS12Signer signer1("signer1.p12", "signer1");
+    X509Cert c = signer1.cert();
+    BOOST_CHECK_EQUAL(c, signer1.cert());
     BOOST_CHECK_EQUAL(!c, false);
     BOOST_CHECK_EQUAL(c, true);
 
@@ -143,27 +141,30 @@ BOOST_AUTO_TEST_CASE(parameters)
 }
 BOOST_AUTO_TEST_SUITE_END()
 
-BOOST_AUTO_TEST_SUITE(X509Crypto)
+BOOST_AUTO_TEST_SUITE(X509CryptoSuite)
 BOOST_AUTO_TEST_CASE(parameters)
 {
     X509Cert cert("47101010033.cer", X509Cert::Pem);
-    digidoc::X509Crypto crypto(cert);
+    X509Crypto crypto(cert);
     BOOST_CHECK_EQUAL(crypto.isRSAKey(), true);
     BOOST_CHECK_EQUAL(crypto.compareIssuerToString(cert.issuerName()), 0);
     BOOST_CHECK_EQUAL(crypto.compareIssuerToString("[email protected],CN=TEST of ESTEID-SK 2015,O=AS Sertifitseerimiskeskus,C=EE"), -1);
     BOOST_CHECK_EQUAL(crypto.compareIssuerToString("[email protected],CN=TEST of EST\\45ID-SK 2015,O=AS Sertifitseerimiskeskus,C=EE"), -1);
     BOOST_CHECK_EQUAL(crypto.compareIssuerToString(cert.issuerName()+"EE"), -1);
 
-    digidoc::X509Crypto test(X509Cert("test.crt", X509Cert::Pem));
+    X509Cert cert1("unicode.crt", X509Cert::Pem);
+    BOOST_CHECK_EQUAL(X509Crypto(cert1).compareIssuerToString(cert1.issuerName()), 0);
+
+    X509Crypto test(X509Cert("test.crt", X509Cert::Pem));
     BOOST_CHECK_EQUAL(test.compareIssuerToString("CN=\\\"test\\\""), 0);
 
-    auto signer1 = make_unique<PKCS12Signer>("signer1.p12", "signer1");
+    PKCS12Signer signer1("signer1.p12", "signer1");
     const vector<unsigned char> data{'H','e','l','l','o',' ','w','o','r','l','d'};
     vector<unsigned char> digest = Digest(URI_SHA256).result(data);
-    vector<unsigned char> signature = signer1->sign(URI_SHA256, digest);
-    BOOST_CHECK_EQUAL(digidoc::X509Crypto(signer1->cert()).verify(URI_SHA256, digest, signature), true);
+    vector<unsigned char> signature = signer1.sign(URI_SHA256, digest);
+    BOOST_CHECK_EQUAL(X509Crypto(signer1.cert()).verify(URI_SHA256, digest, signature), true);
     digest[0] += 1;
-    BOOST_CHECK_EQUAL(digidoc::X509Crypto(signer1->cert()).verify(URI_SHA256, digest, signature), false);
+    BOOST_CHECK_EQUAL(X509Crypto(signer1.cert()).verify(URI_SHA256, digest, signature), false);
 }
 BOOST_AUTO_TEST_SUITE_END()
 
@@ -291,17 +292,17 @@ BOOST_AUTO_TEST_CASE_TEMPLATE(signature, Doc, DocTypes)
 
     BOOST_CHECK_THROW(d->removeSignature(0U), Exception);
 
-    auto signer1 = make_unique<PKCS12Signer>("signer1.p12", "signer1");
-    signer1->setProfile("time-stamp");
-    BOOST_CHECK_THROW(d->sign(signer1.get()), Exception);
+    PKCS12Signer signer1("signer1.p12", "signer1");
+    signer1.setProfile("time-stamp");
+    BOOST_CHECK_THROW(d->sign(&signer1), Exception);
 
     // Add first Signature
     BOOST_CHECK_NO_THROW(d->addDataFile("test1.txt", "text/plain"));
-    BOOST_CHECK_NO_THROW(d->sign(signer1.get()));
+    BOOST_CHECK_NO_THROW(d->sign(&signer1));
     BOOST_CHECK_EQUAL(d->signatures().size(), 1U);
     if(d->signatures().size() == 1)
     {
-        BOOST_CHECK_EQUAL(d->signatures().at(0)->signingCertificate(), signer1->cert());
+        BOOST_CHECK_EQUAL(d->signatures().at(0)->signingCertificate(), signer1.cert());
         BOOST_CHECK_NO_THROW(d->signatures().at(0)->validate());
     }
     BOOST_CHECK_NO_THROW(d->save(Doc::EXT + ".tmp"));
@@ -311,12 +312,12 @@ BOOST_AUTO_TEST_CASE_TEMPLATE(signature, Doc, DocTypes)
     BOOST_CHECK_THROW(d->removeDataFile(0U), Exception);
 
     // Add second Signature
-    auto signer2 = make_unique<PKCS12Signer>("signer2.p12", "signer2");
-    BOOST_CHECK_NO_THROW(d->sign(signer2.get()));
+    PKCS12Signer signer2("signer2.p12", "signer2");
+    BOOST_CHECK_NO_THROW(d->sign(&signer2));
     BOOST_CHECK_EQUAL(d->signatures().size(), 2U);
     if(d->signatures().size() == 2)
     {
-        BOOST_CHECK_EQUAL(d->signatures().at(1)->signingCertificate(), signer2->cert());
+        BOOST_CHECK_EQUAL(d->signatures().at(1)->signingCertificate(), signer2.cert());
         BOOST_CHECK_NO_THROW(d->signatures().at(1)->validate());
     }
     BOOST_CHECK_NO_THROW(d->save());
@@ -325,28 +326,28 @@ BOOST_AUTO_TEST_CASE_TEMPLATE(signature, Doc, DocTypes)
     BOOST_CHECK_NO_THROW(d->removeSignature(0U));
     BOOST_CHECK_EQUAL(d->signatures().size(), 1U);
     if(d->signatures().size() == 1)
-        BOOST_CHECK_EQUAL(d->signatures().at(0)->signingCertificate(), signer2->cert());
+        BOOST_CHECK_EQUAL(d->signatures().at(0)->signingCertificate(), signer2.cert());
 
     if(d->mediaType() == ASiCE::TYPE)
     {
-        auto signer3 = make_unique<PKCS12Signer>("signerEC.p12", "signerEC");
+        PKCS12Signer signer3("signerEC.p12", "signerEC");
         Signature *s3 = nullptr;
-        BOOST_CHECK_NO_THROW(s3 = d->sign(signer3.get()));
+        BOOST_CHECK_NO_THROW(s3 = d->sign(&signer3));
         BOOST_CHECK_EQUAL(d->signatures().size(), 2U);
         if(s3)
         {
             BOOST_CHECK_EQUAL(s3->signatureMethod(), URI_ECDSA_SHA256);
-            BOOST_CHECK_EQUAL(s3->signingCertificate(), signer3->cert());
+            BOOST_CHECK_EQUAL(s3->signingCertificate(), signer3.cert());
             BOOST_CHECK_NO_THROW(s3->validate());
         }
         BOOST_CHECK_NO_THROW(d->save());
 
         // Reload from file and validate
         d = Container::openPtr(Doc::EXT + ".tmp");
         BOOST_CHECK_EQUAL(d->signatures().size(), 2U);
-        if((s3 = d->signatures().back()))
+        if(s3 = d->signatures().back(); s3)
         {
-            BOOST_CHECK_EQUAL(s3->signingCertificate(), signer3->cert());
+            BOOST_CHECK_EQUAL(s3->signingCertificate(), signer3.cert());
             BOOST_CHECK_NO_THROW(s3->validate());
         }
 
@@ -355,43 +356,43 @@ BOOST_AUTO_TEST_CASE_TEMPLATE(signature, Doc, DocTypes)
         BOOST_CHECK_EQUAL(d->signatures().size(), 1U);
 
         // TSA signature
-        signer2->setProfile("time-stamp-archive");
-        BOOST_CHECK_NO_THROW(s3 = d->sign(signer2.get()));
-        //BOOST_CHECK_EQUAL(s3->TSCertificate(), signer2->cert());
+        signer2.setProfile("time-stamp-archive");
+        BOOST_CHECK_NO_THROW(s3 = d->sign(&signer2));
+        //BOOST_CHECK_EQUAL(s3->TSCertificate(), signer2.cert());
         //BOOST_CHECK_NO_THROW(s3->validate());
         BOOST_CHECK_NO_THROW(d->save(Doc::EXT + "-TSA.tmp"));
         BOOST_CHECK_NO_THROW(d->removeSignature(1U));
         BOOST_CHECK_EQUAL(d->signatures().size(), 1U);
 
         // Save with no SignatureValue and later add signautre value
-        signer2->setProfile("time-stamp");
+        signer2.setProfile("time-stamp");
         d = Container::createPtr(Doc::EXT + ".tmp");
         BOOST_CHECK_NO_THROW(d->addDataFile("test1.txt", "text/plain"));
         Signature *s = nullptr;
-        BOOST_CHECK_NO_THROW(s = d->prepareSignature(signer2.get()));
+        BOOST_CHECK_NO_THROW(s = d->prepareSignature(&signer2));
         vector<unsigned char> signatureValue;
-        BOOST_CHECK_NO_THROW(signatureValue = signer2->sign(s->signatureMethod(), s->dataToSign()));
+        BOOST_CHECK_NO_THROW(signatureValue = signer2.sign(s->signatureMethod(), s->dataToSign()));
         BOOST_CHECK_NO_THROW(d->save());
         d = Container::openPtr(Doc::EXT + ".tmp");
         s = d->signatures().back();
         BOOST_CHECK_NO_THROW(s->setSignatureValue(signatureValue));
-        BOOST_CHECK_NO_THROW(s->extendSignatureProfile(signer2->profile()));
+        BOOST_CHECK_NO_THROW(s->extendSignatureProfile(signer2.profile()));
         BOOST_CHECK_NO_THROW(d->save());
         BOOST_CHECK_NO_THROW(s->validate());
 
         // RSA PSS tests
         d = Container::createPtr(Doc::EXT + ".tmp");
         BOOST_CHECK_NO_THROW(d->addDataFile("test1.txt", "text/plain"));
-        signer1->setMethod(URI_RSA_PSS_SHA256);
-        BOOST_CHECK_NO_THROW(s = d->sign(signer1.get()));
+        signer1.setMethod(URI_RSA_PSS_SHA256);
+        BOOST_CHECK_NO_THROW(s = d->sign(&signer1));
         BOOST_CHECK_NO_THROW(s->validate());
-        BOOST_CHECK_EQUAL(s->signatureMethod(), signer1->method());
-        auto signer4 = make_unique<PKCS12Signer>("signerEC384.p12", "signerEC");
-        signer4->setProfile("BES"); // Not signed with same Issuer
+        BOOST_CHECK_EQUAL(s->signatureMethod(), signer1.method());
+        PKCS12Signer signer4("signerEC384.p12", "signerEC");
+        signer4.setProfile("BES"); // Not signed with same Issuer
         d = Container::createPtr(Doc::EXT + ".tmp");
         BOOST_CHECK_NO_THROW(d->addDataFile("test1.txt", "text/plain"));
         Signature *s4 = nullptr;
-        BOOST_CHECK_NO_THROW(s4 = d->sign(signer4.get()));
+        BOOST_CHECK_NO_THROW(s4 = d->sign(&signer4));
         BOOST_CHECK_EQUAL(s4->signatureMethod(), URI_ECDSA_SHA384);
     }
 
@@ -402,13 +403,13 @@ BOOST_AUTO_TEST_CASE_TEMPLATE(signature, Doc, DocTypes)
 
 BOOST_AUTO_TEST_CASE_TEMPLATE(files, Doc, DocTypes)
 {
-    auto signer1 = make_unique<PKCS12Signer>("signer1.p12", "signer1");
+    PKCS12Signer signer1("signer1.p12", "signer1");
     for(const string &data : {"0123456789~#%&()=`@{[]}'", "öäüõ"})
     {
         auto d = Container::createPtr("test." + Doc::EXT);
         const Signature *s1 = nullptr;
         BOOST_CHECK_NO_THROW(d->addDataFile(data + ".txt", "text/plain"));
-        BOOST_CHECK_NO_THROW(s1 = d->sign(signer1.get()));
+        BOOST_CHECK_NO_THROW(s1 = d->sign(&signer1));
         if(s1)
             s1->validate();
         d->save(data + Doc::EXT + ".tmp");
@@ -422,23 +423,23 @@ BOOST_AUTO_TEST_CASE_TEMPLATE(files, Doc, DocTypes)
 BOOST_AUTO_TEST_CASE_TEMPLATE(signatureParameters, Doc, DocTypes)
 {
     auto d = Container::createPtr("test." + Doc::EXT);
-    auto signer1 = make_unique<PKCS12Signer>("signer1.p12", "signer1");
+    PKCS12Signer signer1("signer1.p12", "signer1");
 
-    signer1->setSignatureProductionPlace("Tartu", "Tartumaa", "12345", "Estonia");
+    signer1.setSignatureProductionPlace("Tartu", "Tartumaa", "12345", "Estonia");
 
     vector<string> roles{"Role1"};
-    signer1->setSignerRoles( roles );
+    signer1.setSignerRoles( roles );
 
     const Signature *s1 = nullptr;
     BOOST_CHECK_NO_THROW(d->addDataFile("test1.txt", "text/plain"));
     BOOST_CHECK_NO_THROW(d->addDataFile("test2.bin", "text/plain"));
-    BOOST_CHECK_NO_THROW(s1 = d->sign(signer1.get()));
+    BOOST_CHECK_NO_THROW(s1 = d->sign(&signer1));
     BOOST_CHECK_EQUAL(d->signatures().size(), 1U);
     if(s1)
     {
         BOOST_CHECK_NO_THROW(s1->validate());
         BOOST_CHECK_EQUAL(s1->id(), "S0");
-        BOOST_CHECK_EQUAL(s1->signingCertificate(), signer1->cert());
+        BOOST_CHECK_EQUAL(s1->signingCertificate(), signer1.cert());
         BOOST_CHECK_EQUAL(s1->signerRoles(), roles);
         BOOST_CHECK_EQUAL(s1->city(), "Tartu");
         BOOST_CHECK_EQUAL(s1->stateOrProvince(), "Tartumaa");
@@ -455,8 +456,8 @@ BOOST_AUTO_TEST_CASE_TEMPLATE(signatureParameters, Doc, DocTypes)
     if(d->signatures().size() == 1U)
         BOOST_CHECK_NO_THROW(d->signatures().front()->validate());
 
-    auto signer3 = make_unique<PKCS12Signer>("signer3.p12", "signer3");
-    BOOST_CHECK_THROW(d->sign(signer3.get()), Exception); // OCSP UNKNOWN
+    PKCS12Signer signer3("signer3.p12", "signer3");
+    BOOST_CHECK_THROW(d->sign(&signer3), Exception); // OCSP UNKNOWN
 }
 BOOST_AUTO_TEST_SUITE_END()
 

diff --git a/test/test.h b/test/test.h
@@ -27,15 +27,9 @@
 #include <crypto/X509Cert.h>
 #include <util/File.h>
 
-#ifdef _WIN32
-#include <direct.h>
-#define chdir _chdir
-#else
-#include <unistd.h>
-#endif
-
 using namespace digidoc;
 using namespace std;
+namespace fs = filesystem;
 
 namespace std
 {
@@ -102,7 +96,6 @@ class TestConfig: public ConfCurrent
 		profiles.emplace("1.3.6.1.4.1.10015.3.1.1");
 		return profiles;
 	}
-	bool PKCS12Disable() const override { return true; }
 	string TSUrl() const override { return "http://demo.sk.ee/tsa/"; }
 	bool TSLAutoUpdate() const override { return false; }
 	string TSLCache() const override { return path; }
@@ -128,10 +121,7 @@ class DigiDocPPFixture
 		if(argc > 1)
 		{
 			//BOOST_MESSAGE("Data path " + string(boost::unit_test::framework::master_test_suite().argv[argc-1]));
-DIGIDOCPP_WARNING_PUSH
-DIGIDOCPP_WARNING_DISABLE_GCC("-Wunused-result")
-			chdir(boost::unit_test::framework::master_test_suite().argv[argc-1]);
-DIGIDOCPP_WARNING_POP
+            fs::current_path(boost::unit_test::framework::master_test_suite().argv[argc-1]);
 			path = conf->path = boost::unit_test::framework::master_test_suite().argv[argc-1];
 		}
 		boost::unit_test::unit_test_monitor.register_exception_translator<Exception>(&translate_exception);
@@ -155,11 +145,8 @@ DIGIDOCPP_WARNING_POP
 
 	void copyTSL(const string &from)
 	{
-		ifstream i(util::File::encodeName(from).c_str(), ofstream::binary);
-		ofstream o(util::File::encodeName(path + "/EE_T.xml").c_str(), ifstream::binary);
-		o << i.rdbuf();
-		o.close();
-		i.close();
+        ofstream(util::File::encodeName(path + "/EE_T.xml"), ifstream::binary)
+            << ifstream(util::File::encodeName(from), ofstream::binary).rdbuf();
 	}
 
 	string path = ".";