File 7903-public_key-add-types-delete-redundant-code... of Package erlang

Overview Repositories Revisions Requests Users Attributes Meta

File 7903-public_key-add-types-delete-redundant-code-pkits_SUI.patch of Package erlang

From 10d052ac41ba5f67216ff8754bfc2d08f367d35e Mon Sep 17 00:00:00 2001
From: Kiko Fernandez-Reyes <kiko@erlang.org>
Date: Mon, 19 Dec 2022 10:25:17 +0100
Subject: [PATCH 3/3] public_key: add types/delete redundant code pkits_SUITE

---
 lib/public_key/test/pkits_SUITE.erl | 51 +++++++++++++++++++----------
 1 file changed, 33 insertions(+), 18 deletions(-)

diff --git a/lib/public_key/test/pkits_SUITE.erl b/lib/public_key/test/pkits_SUITE.erl
index 9cd71adce1..ad4defa5fb 100644
--- a/lib/public_key/test/pkits_SUITE.erl
+++ b/lib/public_key/test/pkits_SUITE.erl
@@ -19,7 +19,7 @@
 %%
 
 
-%%  Se specification here:
+%%  See specification here:
 %%  http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/pkitesting.html
 
 -module(pkits_SUITE).
@@ -332,7 +332,7 @@ not_before_valid() ->
     [{doc,"Test valid periods"}].
 not_before_valid(Config) when is_list(Config) ->
     run([{ "4.2.3", "Valid pre2000 UTC notBefore Date Test3 EE", ok},
-	 { "4.2.4", "Valid GeneralizedTime notBefore Date Test4 EE", ok}]).
+         { "4.2.4", "Valid GeneralizedTime notBefore Date Test4 EE", ok}]).
 
 not_after_invalid() ->
     [{doc,"Test valid periods"}].
@@ -828,13 +828,24 @@ unknown_not_critical_extension(Config) when is_list(Config) ->
 %% Internal functions ------------------------------------------------
 %%--------------------------------------------------------------------
 
+-spec run([tuple()]) -> ok.
 run(Tests) ->    
     [TA] = read_certs("Trust Anchor Root Certificate"),
     run(Tests, TA).
 
+-spec run([Entry] | Entry, TA) -> ok when
+      TA :: public_key:pem_entry(),
+      Entry :: {CA, Test, Result} | {CA, Test, Result, CertificateBodies},
+      CA :: public_key:pem_entry(),
+      Test :: string(),
+      Result :: atom(),
+      CertificateBodies :: [binary()].
 run({Chap, Test, Result}, TA) ->
-    CertChain = cas(Chap) ++ read_certs(Test),
-    Options = path_validation_options(TA, Chap,Test),
+    run({Chap, Test, Result, read_certs(Test)}, TA);
+
+run({Chap, Test, Result, CertsBody}, TA) ->
+    CertChain = cas(Chap) ++ CertsBody,
+    Options = path_validation_options(Chap),
     try public_key:pkix_path_validation(TA, CertChain, Options) of
 	{Result, _} -> ok;
 	{error,Result} when Result =/= ok ->
@@ -851,15 +862,14 @@ run({Chap, Test, Result}, TA) ->
             exit(crash)
     end;
 
-run([Test|Rest],TA) ->
-    run(Test,TA),
-    run(Rest,TA);
-run([],_) -> ok.
+run(Tests,TA) when is_list(Tests) ->
+    lists:foreach(fun (T) -> run(T, TA) end, Tests),
+    ok.
 
-path_validation_options(TA, Chap, Test) ->
+path_validation_options(Chap) ->
     case needs_crl_options(Chap) of
 	true ->
-	    crl_options(TA, Chap, Test);
+	    crl_options(Chap);
 	false ->
 	     Fun =
 		fun(_,{bad_cert, _} = Reason, _) ->
@@ -873,9 +883,14 @@ path_validation_options(TA, Chap, Test) ->
 	    [{verify_fun, {Fun, []}}]
     end.
 
+-spec read_certs(TestCase :: string()) -> [CertificateContent :: binary()].
 read_certs(Test) ->
     File = cert_file(Test),
     Ders = erl_make_certs:pem_to_der(File),
+    extract_certificate(Ders).
+
+-spec extract_certificate(Certificates :: [public_key:pem_entry()]) -> CertificateContent :: binary().
+extract_certificate(Ders) ->
     [Cert || {'Certificate', Cert, not_encrypted} <- Ders].
 
 read_crls(Test) ->
@@ -883,13 +898,15 @@ read_crls(Test) ->
     Ders = erl_make_certs:pem_to_der(File),
     [CRL || {'CertificateList', CRL, not_encrypted} <- Ders].
 
+-spec cert_file(TestCase :: string()) -> FilenamePath :: string().
 cert_file(Test) ->
     file(?CONV, lists:append(string:tokens(Test, " -")) ++ ".pem").
 
+-spec crl_file(TestCase :: string()) -> FilenamePath :: string().
 crl_file(Test) ->
     file(?CRL, lists:append(string:tokens(Test, " -")) ++ ".pem").
 
-
+-spec file(Subdir :: string(), Filename :: string()) -> FilenamePath :: string().
 file(Sub,File) ->
     TestDir = case get(datadir) of
 		  undefined -> "./pkits_SUITE_data";
@@ -939,7 +956,7 @@ needs_crl_options("4.15" ++ _) ->
 needs_crl_options(_) ->
     false.
 
-crl_options(_TA, Chap, _Test) ->
+crl_options(Chap) ->
     CRLNames = crl_names(Chap),
     CRLs = crls(CRLNames),
     Paths = lists:map(fun(CRLName) -> crl_path(CRLName) end, CRLNames),
@@ -966,16 +983,12 @@ crl_options(_TA, Chap, _Test) ->
 		CRLInfo = lists:reverse(CRLInfo0),
 		PathDb = crl_path_db(lists:reverse(Crls), Paths, []),
 
-		Fun = fun(DP, CRLtoValidate, Id, PathDb0) ->
-			      trusted_cert_and_path(DP, CRLtoValidate, Id, PathDb0)
-		      end,
-
 		case CRLInfo of
 		    [] ->
 			{valid, UserState};
 		    [_|_] ->
 			case public_key:pkix_crls_validate(OtpCert, CRLInfo,
-							   [{issuer_fun,{Fun, PathDb}}]) of
+							   [{issuer_fun,{fun trusted_cert_and_path/4, PathDb}}]) of
 			    valid ->
 				{valid, UserState};
 			    Reason  ->
@@ -1089,6 +1102,7 @@ dp_crlissuer_to_issuer(DPCRLIssuer) ->
 
 %%%%%%%%%%%%%%% CA mappings %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 
+-spec cas(Chap :: string()) -> [Certificates :: public_key:pem_entry()].
 cas(Chap) ->
     CAS = intermidiate_cas(Chap),
     lists:foldl(fun([], Acc) ->
@@ -1097,7 +1111,8 @@ cas(Chap) ->
 			[CACert] = read_certs(CA),
 			[CACert | Acc]
 		end, [], CAS).
- 
+
+-spec intermidiate_cas(Chap :: string()) -> [CACert :: string()].
 intermidiate_cas(Chap) when Chap == "4.1.1";
 			    Chap == "4.1.3";
 			    Chap == "4.2.2";
-- 
2.35.3

Places

File 7903-public_key-add-types-delete-redundant-code-pkits_SUI.patch of Package erlang

Places