"HeTsAlHjfFEReVDiNCI9vMQLKFKKWnAorT2+iyRueA3bt2gchf863BBhZvJddL7Q\n"
"KBa0osXw+eGBRAwsm7m1qCho3b3fN2nFAa+k07ptRkOeablmFdXE81nVlA==\n"
"-----END CERTIFICATE-----\n";
-static const char *const key2 = key1;
+#define key2 key1
static const char *const hash2 = "FA18FD34BAABE47D6E2910E080F421C109CA97F5";
static const char *const cname2 = "ovpn-test-ec2";
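Review bot: `#define key2 key1` drops the type and scoping that the removed `static const char *const` declaration gave, and nothing on the line says why an alias macro is needed; the same holds for `key4` and `cname4` in the next hunk. A lowercase object-like macro in a header rewrites any later identifier of that name in every file that includes it, so a one-line comment is worth adding, for example `/* macro rather than a const object: in C a const-qualified pointer variable is not a constant expression, so it cannot initialise file-scope data */`. That rationale is inferred from the move to run-time initialisation of `certs[]` in the test files of this commit, so confirm it before settling the wording.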
"353PpJJ9s2b/Fqoc4d7udqhQogA7jqbayTKhJxbT134l2NzqDROzuS0kXbX8bXCi\n"
"mXSa4c8=\n"
"-----END CERTIFICATE-----\n";
-static const char *const key4 = key3;
+#define key4 key3
static const char *const hash4 = "E1401D4497C944783E3D62CDBD2A1F69F5E5071E";
-static const char *const cname4 = cname3; /* same CN as that of cert3 */
+#define cname4 cname3 /* same CN as that of cert3 */
#endif /* CERT_DATA_H */
const char *const friendly_name; /* identifies certs loaded to the store -- keep unique */
const char *hash; /* SHA1 fingerprint */
int valid; /* nonzero if certificate has not expired */
-} certs[] = {
- {cert1, key1, cname1, "OVPN TEST CA1", "OVPN Test Cert 1", hash1, 1},
- {cert2, key2, cname2, "OVPN TEST CA2", "OVPN Test Cert 2", hash2, 1},
- {cert3, key3, cname3, "OVPN TEST CA1", "OVPN Test Cert 3", hash3, 1},
- {cert4, key4, cname4, "OVPN TEST CA2", "OVPN Test Cert 4", hash4, 0},
- {}
-};
+} certs[5];
static bool certs_loaded;
static HCERTSTORE user_store;
+/* Fill-in certs[] array */
+void
+init_cert_data()
+{
+ struct test_cert certs_local[] = {
+ {cert1, key1, cname1, "OVPN TEST CA1", "OVPN Test Cert 1", hash1, 1},
+ {cert2, key2, cname2, "OVPN TEST CA2", "OVPN Test Cert 2", hash2, 1},
+ {cert3, key3, cname3, "OVPN TEST CA1", "OVPN Test Cert 3", hash3, 1},
+ {cert4, key4, cname4, "OVPN TEST CA2", "OVPN Test Cert 4", hash4, 0},
+ {0}
+ };
+ assert(sizeof(certs_local) == sizeof(certs));
+ memcpy(certs, certs_local, sizeof(certs_local));
+}
+
/* Lookup a certificate in our certificate/key db */
static struct test_cert *
lookup_cert(const char *friendly_name)
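Review bot: `init_cert_data()` is defined with external linkage and an empty parameter list, and the identical definition added in the PKCS#11 test hunk has the same two problems. `lookup_cert` directly below is `static`, so `static void init_cert_data(void)` fits the file and gives the helper a real prototype. The size check before `memcpy` is a run-time `assert`, which is compiled out when NDEBUG is defined, while the copy length is `sizeof(certs_local)` rather than the destination size; adding a fifth certificate without bumping `certs[5]` would then write past the array. Both sizes are compile-time constants, so `_Static_assert(sizeof(certs_local) == sizeof(certs), "certs[] size mismatch");` would turn a forgotten update into a build error, assuming every supported compiler accepts C11.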
{
return;
}
+ init_cert_data();
user_store = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER
|CERT_STORE_OPEN_EXISTING_FLAG, L"MY");
assert_non_null(user_store);
const char *const friendly_name; /* identifies certs loaded to the store -- keep unique */
uint8_t hash[HASHSIZE]; /* SHA1 fingerprint: computed and filled in later */
char *p11_id; /* PKCS#11 id -- filled in later */
-} certs[] = {
- {cert1, key1, cname1, "OVPN TEST CA1", "OVPN Test Cert 1", {}, NULL},
- {cert2, key2, cname2, "OVPN TEST CA2", "OVPN Test Cert 2", {}, NULL},
- {cert3, key3, cname3, "OVPN TEST CA1", "OVPN Test Cert 3", {}, NULL},
- {cert4, key4, cname4, "OVPN TEST CA2", "OVPN Test Cert 4", {}, NULL},
- {}
-};
+} certs[5];
static bool pkcs11_id_management;
static char softhsm2_tokens_path[] = "softhsm2_tokens_XXXXXX";
static const char *pkcs11_id_current;
struct env_set *es;
+/* Fill-in certs[] array */
+void
+init_cert_data()
+{
+ struct test_cert certs_local[] = {
+ {cert1, key1, cname1, "OVPN TEST CA1", "OVPN Test Cert 1", {0}, NULL},
+ {cert2, key2, cname2, "OVPN TEST CA2", "OVPN Test Cert 2", {0}, NULL},
+ {cert3, key3, cname3, "OVPN TEST CA1", "OVPN Test Cert 3", {0}, NULL},
+ {cert4, key4, cname4, "OVPN TEST CA2", "OVPN Test Cert 4", {0}, NULL},
+ {0}
+ };
+ assert(sizeof(certs_local) == sizeof(certs));
+ memcpy(certs, certs_local, sizeof(certs_local));
+}
+
/* Intercept get_user_pass for PIN and other prompts */
bool
get_user_pass_cr(struct user_pass *up, const char *auth_file, const char *prefix,
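Review bot: the `memcpy` into `certs` overwrites `friendly_name`, which the struct declares as `const char *const`, and the cryptoapi test's struct has the same member. Strictly, writing to a const-qualified member after its definition is undefined behaviour, and a compiler may assume the member still holds its zero initialiser. Now that the array is filled at run time, the member is better declared `const char *friendly_name;`. The other pointer members would need the same treatment if they are also `*const`, but the struct definition begins outside this hunk, so that could not be checked here.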
umask(0077); /* ensure all files and directories we create get user only access */
char config[256];
+ init_cert_data();
if (!mkdtemp(softhsm2_tokens_path))
{
fail_msg("make tmpdir using template <%s> failed (error = %d)", softhsm2_tokens_path, errno);
assert_non_null(pubkey);
assert_non_null(privkey);
#ifdef HAVE_XKEY_PROVIDER
- digest_sign_verify(privkey, pubkey); /* this will exercise signing via pkcs11 backend */
+ /* this will exercise signing via pkcs11 backend */
+ assert_int_equal(digest_sign_verify(privkey, pubkey), 1);
#else
if (!SSL_CTX_check_private_key(tls_ctx.ctx))
{