Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(38)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/verify_name_match_unittest.cc

Issue 1214933009: Class for parsing and evaluating RFC 5280 NameConstraints. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@compare_DN2
Patch Set: use test_helpers.h Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/internal/verify_name_match.cc ('K') | « net/cert/internal/verify_name_match.cc ('k') | net/data/name_constraints_unittest/name_constraints/directoryname.pem » ('j') | net/data/name_constraints_unittest/name_constraints/directoryname.pem » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/verify_name_match.h" 5 #include "net/cert/internal/verify_name_match.h"
6 6
7 #include "base/strings/string_number_conversions.h" 7 #include "base/strings/string_number_conversions.h"
8 #include "base/strings/string_util.h" 8 #include "base/strings/string_util.h"
9 #include "net/cert/internal/test_helpers.h" 9 #include "net/cert/internal/test_helpers.h"
10 #include "net/der/input.h" 10 #include "net/der/input.h"
(...skipping 195 matching lines...) Expand 10 before | Expand all | Expand 10 after
206 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2)); 206 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2));
207 if (TypesAreComparable(value_type_1(), value_type_2())) { 207 if (TypesAreComparable(value_type_1(), value_type_2())) {
208 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&der_1), 208 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&der_1),
209 SequenceValueFromString(&der_2))); 209 SequenceValueFromString(&der_2)));
210 } else { 210 } else {
211 EXPECT_FALSE(VerifyNameMatch(SequenceValueFromString(&der_1), 211 EXPECT_FALSE(VerifyNameMatch(SequenceValueFromString(&der_1),
212 SequenceValueFromString(&der_2))); 212 SequenceValueFromString(&der_2)));
213 } 213 }
214 } 214 }
215 215
216 TEST_P(VerifyNameMatchDifferingTypesTest, NormalizableTypesInSubtrees) {
217 std::string der_1;
218 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled", &der_1));
219 std::string der_1_extra_rdn;
220 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled-extra_rdn",
221 &der_1_extra_rdn));
222 std::string der_1_extra_attr;
223 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled-extra_attr",
224 &der_1_extra_attr));
225 std::string der_2;
226 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2));
227 std::string der_2_extra_rdn;
228 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled-extra_rdn",
229 &der_2_extra_rdn));
230 std::string der_2_extra_attr;
231 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled-extra_attr",
232 &der_2_extra_attr));
233
234 if (TypesAreComparable(value_type_1(), value_type_2())) {
235 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_1),
236 SequenceValueFromString(&der_2)));
237 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_2),
238 SequenceValueFromString(&der_1)));
239 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_rdn),
240 SequenceValueFromString(&der_2)));
241 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_rdn),
242 SequenceValueFromString(&der_1)));
243 } else {
244 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1),
245 SequenceValueFromString(&der_2)));
246 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2),
247 SequenceValueFromString(&der_1)));
248 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_rdn),
249 SequenceValueFromString(&der_2)));
250 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_rdn),
251 SequenceValueFromString(&der_1)));
252 }
253
254 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1),
255 SequenceValueFromString(&der_2_extra_rdn)));
256 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2),
257 SequenceValueFromString(&der_1_extra_rdn)));
258 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_attr),
259 SequenceValueFromString(&der_2)));
260 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_attr),
261 SequenceValueFromString(&der_1)));
262 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1),
263 SequenceValueFromString(&der_2_extra_attr)));
264 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2),
265 SequenceValueFromString(&der_1_extra_attr)));
266 }
267
216 // Runs VerifyNameMatchDifferingTypesTest for all combinations of value types in 268 // Runs VerifyNameMatchDifferingTypesTest for all combinations of value types in
217 // value_type1 and value_type_2. 269 // value_type1 and value_type_2.
218 INSTANTIATE_TEST_CASE_P(InstantiationName, 270 INSTANTIATE_TEST_CASE_P(InstantiationName,
219 VerifyNameMatchDifferingTypesTest, 271 VerifyNameMatchDifferingTypesTest,
220 ::testing::Combine(::testing::ValuesIn(kValueTypes), 272 ::testing::Combine(::testing::ValuesIn(kValueTypes),
221 ::testing::ValuesIn(kValueTypes))); 273 ::testing::ValuesIn(kValueTypes)));
222 274
223 class VerifyNameMatchUnicodeConversionTest 275 class VerifyNameMatchUnicodeConversionTest
224 : public ::testing::TestWithParam< 276 : public ::testing::TestWithParam<
225 ::testing::tuple<const char*, 277 ::testing::tuple<const char*,
(...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after
433 std::string a; 485 std::string a;
434 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_1", &a)); 486 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_1", &a));
435 std::string b; 487 std::string b;
436 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_2", &b)); 488 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_2", &b));
437 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&a), 489 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&a),
438 SequenceValueFromString(&b))); 490 SequenceValueFromString(&b)));
439 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&b), 491 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&b),
440 SequenceValueFromString(&a))); 492 SequenceValueFromString(&a)));
441 } 493 }
442 494
495 TEST(VerifyNameInSubtreeInvalidDataTest, FailOnEmptyRdn) {
496 std::string valid;
497 ASSERT_TRUE(LoadTestData("ascii", "PRINTABLESTRING", "unmangled", &valid));
498 std::string invalid;
499 ASSERT_TRUE(LoadTestData("invalid", "RDN", "empty", &invalid));
500 // For both |name| and |parent|, a RelativeDistinguishedName must have at
501 // least one AttributeTypeAndValue.
502 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&valid),
503 SequenceValueFromString(&invalid)));
504 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&invalid),
505 SequenceValueFromString(&valid)));
506 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&invalid),
507 SequenceValueFromString(&invalid)));
508 }
509
510 TEST(VerifyNameInSubtreeTest, EmptyNameMatching) {
511 std::string empty;
512 ASSERT_TRUE(LoadTestData("valid", "Name", "empty", &empty));
513 std::string non_empty;
514 ASSERT_TRUE(
515 LoadTestData("ascii", "PRINTABLESTRING", "unmangled", &non_empty));
516 // Empty name is in the subtree defined by empty name.
517 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&empty),
518 SequenceValueFromString(&empty)));
519 // Any non-empty name is in the subtree defined by empty name.
520 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&non_empty),
521 SequenceValueFromString(&empty)));
522 // Empty name is not in the subtree defined by non-empty name.
523 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&empty),
524 SequenceValueFromString(&non_empty)));
525 }
526
443 } // namespace net 527 } // namespace net
OLDNEW
« net/cert/internal/verify_name_match.cc ('K') | « net/cert/internal/verify_name_match.cc ('k') | net/data/name_constraints_unittest/name_constraints/directoryname.pem » ('j') | net/data/name_constraints_unittest/name_constraints/directoryname.pem » ('J')

Powered by Google App Engine
This is Rietveld 408576698