From 8fc338f2afb9abb75f9b7c0a2d442f7d4f1b2a40 Mon Sep 17 00:00:00 2001
From: Mike Kaganski <mike.kaganski@collabora.com>
Date: Fri, 29 Jul 2022 12:32:36 +0300
Subject: Better valid certificate check, consider filter data

Otherwise, testSignCertificateSubjectName that has an explicit certificate
subject name requirement would fail when user has other valid certificates,
but not this one.

Change-Id: Ic3c440a8316314c922a53a51085a3e829f235f6d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/137593
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
---
 unotest/source/cpp/macros_test.cxx | 35 +++++++++++++++++++++++++++++++----
 1 file changed, 31 insertions(+), 4 deletions(-)

(limited to 'unotest')

diff --git a/unotest/source/cpp/macros_test.cxx b/unotest/source/cpp/macros_test.cxx
index 6e8a26cceeb4..76105b88b1a7 100644
--- a/unotest/source/cpp/macros_test.cxx
+++ b/unotest/source/cpp/macros_test.cxx
@@ -173,16 +173,43 @@ void MacrosTest::tearDownNssGpg()
 #endif
 }
 
+namespace
+{
+struct Valid
+{
+    DateTime now;
+    OUString subjectName;
+    Valid(const css::uno::Sequence<css::beans::PropertyValue>& rFilterData)
+        : now(DateTime::SYSTEM)
+    {
+        for (const auto& propVal : rFilterData)
+        {
+            if (propVal.Name == "SignCertificateSubjectName")
+                propVal.Value >>= subjectName;
+        }
+    }
+    bool operator()(const css::uno::Reference<css::security::XCertificate>& cert) const
+    {
+        if (!now.IsBetween(cert->getNotValidBefore(), cert->getNotValidAfter()))
+            return false;
+        if (!subjectName.isEmpty() && subjectName != cert->getSubjectName())
+            return false;
+        return true;
+    }
+};
+}
+
 bool MacrosTest::IsValid(const css::uno::Reference<css::security::XCertificate>& cert)
 {
-    return DateTime(DateTime::SYSTEM)
-        .IsBetween(cert->getNotValidBefore(), cert->getNotValidAfter());
+    const Valid test({});
+    return test(cert);
 }
 
 css::uno::Reference<css::security::XCertificate> MacrosTest::GetValidCertificate(
-    const css::uno::Sequence<css::uno::Reference<css::security::XCertificate>>& certs)
+    const css::uno::Sequence<css::uno::Reference<css::security::XCertificate>>& certs,
+    const css::uno::Sequence<css::beans::PropertyValue>& rFilterData)
 {
-    if (auto it = std::find_if(certs.begin(), certs.end(), IsValid); it != certs.end())
+    if (auto it = std::find_if(certs.begin(), certs.end(), Valid(rFilterData)); it != certs.end())
         return *it;
     return {};
 }
-- 
cgit