net/cert/internal/verify_name_match_unittest.cc - Issue 1125333005: RFC 2459 name comparison.

Side by Side Diff: net/cert/internal/verify_name_match_unittest.cc

Issue 1125333005: RFC 2459 name comparison. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: . Created 5 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« net/cert/internal/verify_name_match.cc ('K') | « net/cert/internal/verify_name_match.cc ('k') | net/data/verify_name_match_unittest/names/ascii-BMPSTRING-case_swap.der » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/internal/verify_name_match.h"	5 #include "net/cert/internal/verify_name_match.h"

6	6

	7 #include "base/base_paths.h"

	8 #include "base/files/file_path.h"

	9 #include "base/files/file_util.h"

	10 #include "base/path_service.h"

7 #include "net/der/input.h"	11 #include "net/der/input.h"

8 #include "testing/gtest/include/gtest/gtest.h"	12 #include "testing/gtest/include/gtest/gtest.h"

9	13

10 namespace net {	14 namespace net {

	15 namespace {

11	16

12 TEST(VerifyNameMatchTest, Simple) {	17 std::string LoadTestData(const std::string& prefix,

13 // TODO(mattm): Use valid Names.	18 const std::string& value_type,

14 EXPECT_TRUE(VerifyNameMatch(der::Input("hello"), der::Input("hello")));	19 const std::string& suffix) {

15 EXPECT_FALSE(VerifyNameMatch(der::Input("aello"), der::Input("hello")));	20 base::FilePath src_root;

16 EXPECT_FALSE(VerifyNameMatch(der::Input("hello"), der::Input("hello1")));	21 PathService::Get(base::DIR_SOURCE_ROOT, &src_root);

17 EXPECT_FALSE(VerifyNameMatch(der::Input("hello1"), der::Input("hello")));	22 std::string filename = prefix + "-" + value_type + "-" + suffix + ".der";

	23 base::FilePath filepath =

	24 src_root.Append("net/data/verify_name_match_unittest/names")

	25 .Append(filename);

	26 std::string result;

	27 bool success = base::ReadFileToString(filepath, &result);

	28 EXPECT_TRUE(success);

	29 return result;

18 }	30 }

19	31

	32 static const char* kValueTypes[] = {"PRINTABLESTRING",

	33 "T61STRING",

	34 "UTF8",

	35 "BMPSTRING",

	36 "UNIVERSALSTRING"};

	37 static const char* kMangleTypes[] = {"unmangled",

	38 "case_swap",

	39 "extra_whitespace"};

	40

	41 } // namespace

	42

	43 class VerifyNameMatchSimpleTest

	44 : public ::testing::TestWithParam<

	45 std::tr1::tuple<const char, const char>> {
	Ryan Sleevi 2015/05/13 01:27:53 use ::testing::tuple, not std::str1::tuple use ::testing::tuple, not std::str1::tuple mattm 2015/05/13 03:24:06 Done. Show quoted text On 2015/05/13 01:27:53, Ryan Sleevi wrote: > use ::testing::tuple, not std::str1::tuple Done.
	46 public:

	47 std::string value_type() const { return std::tr1::get<0>(GetParam()); }
	Ryan Sleevi 2015/05/13 01:27:53 ::testing::get<0> ::testing::get<0> mattm 2015/05/13 03:24:06 Done. Show quoted text On 2015/05/13 01:27:53, Ryan Sleevi wrote: > ::testing::get<0> Done.
	48 std::string suffix() const { return std::tr1::get<1>(GetParam()); }

	49 };

	50

	51 TEST_P(VerifyNameMatchSimpleTest, ExactEquality) {
	Ryan Sleevi 2015/05/13 01:27:53 Document each of these tests Document each of these tests mattm 2015/05/13 03:24:06 Done. Show quoted text On 2015/05/13 01:27:53, Ryan Sleevi wrote: > Document each of these tests Done.
	52 std::string der = LoadTestData("ascii", value_type(), suffix());

	53 EXPECT_TRUE(VerifyNameMatch(der::Input(der), der::Input(der)));

	54

	55 std::string der_extra_attr =
	Ryan Sleevi 2015/05/13 01:27:53 document what you're testing document what you're testing mattm 2015/05/13 03:24:06 Acknowledged. (I think the test comment addresses Show quoted text On 2015/05/13 01:27:53, Ryan Sleevi wrote: > document what you're testing Acknowledged. (I think the test comment addresses this, but I can explicitly document these parts if you still think it needs more clarification.)
	56 LoadTestData("ascii", value_type(), suffix() + "-extra_attr");

	57 EXPECT_TRUE(

	58 VerifyNameMatch(der::Input(der_extra_attr), der::Input(der_extra_attr)));

	59

	60 std::string der_extra_rdn =
	Ryan Sleevi 2015/05/13 01:27:53 Document Document mattm 2015/05/13 03:24:06 Acknowledged. Show quoted text On 2015/05/13 01:27:53, Ryan Sleevi wrote: > Document Acknowledged.
	61 LoadTestData("ascii", value_type(), suffix() + "-extra_rdn");

	62 EXPECT_TRUE(

	63 VerifyNameMatch(der::Input(der_extra_rdn), der::Input(der_extra_rdn)));

	64 }

	65

	66 TEST_P(VerifyNameMatchSimpleTest, ExtraAttrDoesNotMatch) {

	67 std::string der = LoadTestData("ascii", value_type(), suffix());

	68 std::string der_extra_attr =

	69 LoadTestData("ascii", value_type(), suffix() + "-extra_attr");

	70 EXPECT_FALSE(VerifyNameMatch(der::Input(der), der::Input(der_extra_attr)));

	71 EXPECT_FALSE(VerifyNameMatch(der::Input(der_extra_attr), der::Input(der)));

	72 }

	73

	74 TEST_P(VerifyNameMatchSimpleTest, ExtraRdnDoesNotMatch) {

	75 std::string der = LoadTestData("ascii", value_type(), suffix());

	76 std::string der_extra_rdn =

	77 LoadTestData("ascii", value_type(), suffix() + "-extra_rdn");

	78 EXPECT_FALSE(VerifyNameMatch(der::Input(der), der::Input(der_extra_rdn)));

	79 EXPECT_FALSE(VerifyNameMatch(der::Input(der_extra_rdn), der::Input(der)));

	80 }

	81

	82 INSTANTIATE_TEST_CASE_P(InstantiationName,

	83 VerifyNameMatchSimpleTest,

	84 ::testing::Combine(::testing::ValuesIn(kValueTypes),

	85 ::testing::ValuesIn(kMangleTypes)));

	86

	87 class VerifyNameMatchNormalizationTest

	88 : public ::testing::TestWithParam<std::tr1::tuple<bool, const char*>> {

	89 public:

	90 bool expected_result() const { return std::tr1::get<0>(GetParam()); }

	91 std::string value_type() const { return std::tr1::get<1>(GetParam()); }

	92 };

	93

	94 TEST_P(VerifyNameMatchNormalizationTest, CaseInsensitivity) {

	95 std::string normal = LoadTestData("ascii", value_type(), "unmangled");

	96 std::string case_swap = LoadTestData("ascii", value_type(), "case_swap");

	97 EXPECT_EQ(expected_result(),

	98 VerifyNameMatch(der::Input(normal), der::Input(case_swap)));

	99 EXPECT_EQ(expected_result(),

	100 VerifyNameMatch(der::Input(case_swap), der::Input(normal)));

	101 }

	102

	103 TEST_P(VerifyNameMatchNormalizationTest, CollapseWhitespace) {

	104 std::string normal = LoadTestData("ascii", value_type(), "unmangled");

	105 std::string whitespace =

	106 LoadTestData("ascii", value_type(), "extra_whitespace");

	107 EXPECT_EQ(expected_result(),

	108 VerifyNameMatch(der::Input(normal), der::Input(whitespace)));

	109 EXPECT_EQ(expected_result(),

	110 VerifyNameMatch(der::Input(whitespace), der::Input(normal)));

	111 }

	112

	113 // TODO(mattm): Current implementation uses RFC 2459 rules, where only

	114 // PRINTABLESTRING is normalized. Change the false values below to true when

	115 // updating to RFC 5280 (at least for UTF8, handling the others is optional).

	116 INSTANTIATE_TEST_CASE_P(

	117 InstantiationName,

	118 VerifyNameMatchNormalizationTest,

	119 ::testing::Values(std::tr1::make_tuple(true, "PRINTABLESTRING"),

	120 std::tr1::make_tuple(false, "T61STRING"),

	121 std::tr1::make_tuple(false, "UTF8"),

	122 std::tr1::make_tuple(false, "BMPSTRING"),

	123 std::tr1::make_tuple(false, "UNIVERSALSTRING")));

	124

	125 class VerifyNameMatchDifferingTypesTest

	126 : public ::testing::TestWithParam<

	127 std::tr1::tuple<const char, const char>> {

	128 public:

	129 std::string value_type_1() const { return std::tr1::get<0>(GetParam()); }

	130 std::string value_type_2() const { return std::tr1::get<1>(GetParam()); }

	131 };

	132

	133 // TODO(mattm): in RFC 2459, different value types are assumed unequal. In RFC

	134 // 5280, different types are transcoded to unicode, so this will need to be
	Ryan Sleevi 2015/05/13 01:27:53 s/unicode/Unicode/ s/unicode/Unicode/ mattm 2015/05/13 03:24:06 Done. Show quoted text On 2015/05/13 01:27:53, Ryan Sleevi wrote: > s/unicode/Unicode/ Done.
	135 // updated.

	136 TEST_P(VerifyNameMatchDifferingTypesTest, DifferentTypesAreNonEqual) {

	137 std::string der_1 = LoadTestData("ascii", value_type_1(), "unmangled");

	138 std::string der_2 = LoadTestData("ascii", value_type_2(), "unmangled");

	139 if (value_type_1() == value_type_2())

	140 EXPECT_TRUE(VerifyNameMatch(der::Input(der_1), der::Input(der_2)));

	141 else

	142 EXPECT_FALSE(VerifyNameMatch(der::Input(der_1), der::Input(der_2)));

	143 }

	144

	145 INSTANTIATE_TEST_CASE_P(InstantiationName,

	146 VerifyNameMatchDifferingTypesTest,

	147 ::testing::Combine(::testing::ValuesIn(kValueTypes),

	148 ::testing::ValuesIn(kValueTypes)));

	149

20 } // namespace net	150 } // namespace net

OLD	NEW