feat(HttpsVerifierMac): renames the HttpsVerifier class for macOS to …

…HttpsVerifierMac. Adds a check for certificate utility pointers.
wazuh · Jan 21, 2025 · 9a14297 · 9a14297
1 parent bea3a8c
commit 9a14297
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 15 deletions.
diff --git a/src/agent/communicator/src/https_socket_verify_utils_mac.cpp b/src/agent/communicator/src/https_socket_verify_utils_mac.cpp
@@ -20,7 +20,7 @@ namespace https_socket_verify_utils
         std::unique_ptr<ICertificateX509Utils> x509Utils = std::make_unique<CertificateX509UtilsWrapper>();
         std::unique_ptr<ICertificateStoreUtilsMac> certStoreUtils = std::make_unique<CertificateStoreUtilsWrapperMac>();
 
-        HttpsVerifier verifier(mode, host, x509Utils, certStoreUtils);
+        HttpsVerifierMac verifier(mode, host, x509Utils, certStoreUtils);
 
         return verifier.Verify(ctx);
     }

diff --git a/src/agent/communicator/src/https_verifier_mac.cpp b/src/agent/communicator/src/https_verifier_mac.cpp
@@ -14,8 +14,14 @@
 
 namespace https_socket_verify_utils
 {
-    bool HttpsVerifier::Verify(boost::asio::ssl::verify_context& ctx)
+    bool HttpsVerifierMac::Verify(boost::asio::ssl::verify_context& ctx)
     {
+        if (!m_x509Utils || !m_certStoreUtils)
+        {
+            LogError("Invalid utils pointers");
+            return false;
+        }
+
         CFDataPtr certData;
         if (!ExtractCertificate(ctx, certData))
         {
@@ -45,7 +51,7 @@ namespace https_socket_verify_utils
         return true;
     }
 
-    bool HttpsVerifier::ExtractCertificate(boost::asio::ssl::verify_context& ctx, CFDataPtr& certData)
+    bool HttpsVerifierMac::ExtractCertificate(boost::asio::ssl::verify_context& ctx, CFDataPtr& certData)
     {
         STACK_OF(X509)* certChain = m_x509Utils->GetCertChain(ctx.native_handle());
         if (!certChain || m_x509Utils->GetCertificateCount(certChain) == 0)
@@ -75,7 +81,7 @@ namespace https_socket_verify_utils
         return certData != nullptr;
     }
 
-    bool HttpsVerifier::CreateTrustObject(const CFDataPtr& certData, SecTrustPtr& trust)
+    bool HttpsVerifierMac::CreateTrustObject(const CFDataPtr& certData, SecTrustPtr& trust)
     {
         SecCertificatePtr serverCert(m_certStoreUtils->CreateCertificate(certData.get()), m_deleter);
         if (!serverCert)
@@ -103,7 +109,7 @@ namespace https_socket_verify_utils
         return true;
     }
 
-    bool HttpsVerifier::EvaluateTrust(const SecTrustPtr& trust)
+    bool HttpsVerifierMac::EvaluateTrust(const SecTrustPtr& trust)
     {
         CFErrorRef errorRef = nullptr;
         const bool trustResult = m_certStoreUtils->EvaluateTrust(trust.get(), &errorRef);
@@ -120,7 +126,7 @@ namespace https_socket_verify_utils
         return trustResult;
     }
 
-    bool HttpsVerifier::ValidateHostname(const SecCertificatePtr& serverCert)
+    bool HttpsVerifierMac::ValidateHostname(const SecCertificatePtr& serverCert)
     {
         CFStringPtr sanString(m_certStoreUtils->CopySubjectSummary(serverCert.get()), m_deleter);
         if (!sanString)

diff --git a/src/agent/communicator/src/https_verifier_mac.hpp b/src/agent/communicator/src/https_verifier_mac.hpp
@@ -20,18 +20,18 @@ namespace https_socket_verify_utils
     using SecCertificatePtr = std::unique_ptr<__SecCertificate, std::function<void(CFTypeRef)>>;
     using SecPolicyPtr = std::unique_ptr<__SecPolicy, std::function<void(CFTypeRef)>>;
 
-    class HttpsVerifier
+    class HttpsVerifierMac
     {
     public:
         /// @brief Constructor to initialize the verifier object.
         /// @param mode The verification mode to use
         /// @param host The hostname to verify against
         /// @param x509Utils The x509 utilities object to use
         /// @param certStoreUtils The certificate store utilities object to use
-        HttpsVerifier(const std::string& mode,
-                      const std::string& host,
-                      std::unique_ptr<ICertificateX509Utils>& x509Utils,
-                      std::unique_ptr<ICertificateStoreUtilsMac>& certStoreUtils)
+        HttpsVerifierMac(const std::string& mode,
+                         const std::string& host,
+                         std::unique_ptr<ICertificateX509Utils>& x509Utils,
+                         std::unique_ptr<ICertificateStoreUtilsMac>& certStoreUtils)
             : m_mode(mode)
             , m_host(host)
             , m_x509Utils(std::move(x509Utils))

diff --git a/src/agent/communicator/tests/https_verifier_mac_test.cpp b/src/agent/communicator/tests/https_verifier_mac_test.cpp
@@ -40,7 +40,7 @@ class HttpsVerifierTest : public ::testing::Test
 protected:
     MockX509Utils* mockX509Ptr;
     MockCertStoreUtils* mockCertStorePtr;
-    std::unique_ptr<HttpsVerifier> verifier;
+    std::unique_ptr<HttpsVerifierMac> verifier;
     MockVerifyContext ctx;
 
     void SetUp() override
@@ -50,7 +50,7 @@ class HttpsVerifierTest : public ::testing::Test
 
         mockCertStorePtr = new MockCertStoreUtils();
         std::unique_ptr<ICertificateStoreUtilsMac> certStorePtr(mockCertStorePtr);
-        verifier = std::make_unique<HttpsVerifier>("full", "example.com", x509Ptr, certStorePtr);
+        verifier = std::make_unique<HttpsVerifierMac>("full", "example.com", x509Ptr, certStorePtr);
     }
 
     void TearDown() override
@@ -64,7 +64,7 @@ class HttpsVerifierTestModeCertificate : public ::testing::Test
 protected:
     MockX509Utils* mockX509Ptr;
     MockCertStoreUtils* mockCertStorePtr;
-    std::unique_ptr<HttpsVerifier> verifier;
+    std::unique_ptr<HttpsVerifierMac> verifier;
     MockVerifyContext ctx;
 
     void SetUp() override
@@ -74,7 +74,7 @@ class HttpsVerifierTestModeCertificate : public ::testing::Test
 
         mockCertStorePtr = new MockCertStoreUtils();
         std::unique_ptr<ICertificateStoreUtilsMac> certStorePtr(mockCertStorePtr);
-        verifier = std::make_unique<HttpsVerifier>("certificate", "example.com", x509Ptr, certStorePtr);
+        verifier = std::make_unique<HttpsVerifierMac>("certificate", "example.com", x509Ptr, certStorePtr);
     }
 
     void TearDown() override