| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/verify_name_match.h" | 5 #include "net/cert/internal/verify_name_match.h" |
| 6 | 6 |
| 7 #include "base/strings/string_number_conversions.h" | 7 #include "base/strings/string_number_conversions.h" |
| 8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
| 9 #include "net/cert/internal/test_helpers.h" | 9 #include "net/cert/internal/test_helpers.h" |
| 10 #include "net/der/input.h" | |
| 11 #include "net/der/parser.h" | |
| 12 #include "testing/gtest/include/gtest/gtest.h" | 10 #include "testing/gtest/include/gtest/gtest.h" |
| 13 | 11 |
| 14 namespace net { | 12 namespace net { |
| 15 namespace { | 13 namespace { |
| 16 | 14 |
| 17 der::Input SequenceValueFromString(const std::string* s) { | |
| 18 der::Parser parser(InputFromString(s)); | |
| 19 der::Input data; | |
| 20 if (!parser.ReadTag(der::kSequence, &data)) { | |
| 21 ADD_FAILURE(); | |
| 22 return der::Input(); | |
| 23 } | |
| 24 if (parser.HasMore()) { | |
| 25 ADD_FAILURE(); | |
| 26 return der::Input(); | |
| 27 } | |
| 28 return data; | |
| 29 } | |
| 30 | |
| 31 // Loads test data from file. The filename is constructed from the parameters: | 15 // Loads test data from file. The filename is constructed from the parameters: |
| 32 // |prefix| describes the type of data being tested, e.g. "ascii", | 16 // |prefix| describes the type of data being tested, e.g. "ascii", |
| 33 // "unicode_bmp", "unicode_supplementary", and "invalid". | 17 // "unicode_bmp", "unicode_supplementary", and "invalid". |
| 34 // |value_type| indicates what ASN.1 type is used to encode the data. | 18 // |value_type| indicates what ASN.1 type is used to encode the data. |
| 35 // |suffix| indicates any additional modifications, such as caseswapping, | 19 // |suffix| indicates any additional modifications, such as caseswapping, |
| 36 // whitespace adding, etc. | 20 // whitespace adding, etc. |
| 37 ::testing::AssertionResult LoadTestData(const std::string& prefix, | 21 ::testing::AssertionResult LoadTestData(const std::string& prefix, |
| 38 const std::string& value_type, | 22 const std::string& value_type, |
| 39 const std::string& suffix, | 23 const std::string& suffix, |
| 40 std::string* result) { | 24 std::string* result) { |
| (...skipping 165 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 206 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2)); | 190 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2)); |
| 207 if (TypesAreComparable(value_type_1(), value_type_2())) { | 191 if (TypesAreComparable(value_type_1(), value_type_2())) { |
| 208 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&der_1), | 192 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&der_1), |
| 209 SequenceValueFromString(&der_2))); | 193 SequenceValueFromString(&der_2))); |
| 210 } else { | 194 } else { |
| 211 EXPECT_FALSE(VerifyNameMatch(SequenceValueFromString(&der_1), | 195 EXPECT_FALSE(VerifyNameMatch(SequenceValueFromString(&der_1), |
| 212 SequenceValueFromString(&der_2))); | 196 SequenceValueFromString(&der_2))); |
| 213 } | 197 } |
| 214 } | 198 } |
| 215 | 199 |
| 200 TEST_P(VerifyNameMatchDifferingTypesTest, NormalizableTypesInSubtrees) { |
| 201 std::string der_1; |
| 202 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled", &der_1)); |
| 203 std::string der_1_extra_rdn; |
| 204 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled-extra_rdn", |
| 205 &der_1_extra_rdn)); |
| 206 std::string der_1_extra_attr; |
| 207 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled-extra_attr", |
| 208 &der_1_extra_attr)); |
| 209 std::string der_2; |
| 210 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2)); |
| 211 std::string der_2_extra_rdn; |
| 212 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled-extra_rdn", |
| 213 &der_2_extra_rdn)); |
| 214 std::string der_2_extra_attr; |
| 215 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled-extra_attr", |
| 216 &der_2_extra_attr)); |
| 217 |
| 218 if (TypesAreComparable(value_type_1(), value_type_2())) { |
| 219 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_1), |
| 220 SequenceValueFromString(&der_2))); |
| 221 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_2), |
| 222 SequenceValueFromString(&der_1))); |
| 223 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_rdn), |
| 224 SequenceValueFromString(&der_2))); |
| 225 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_rdn), |
| 226 SequenceValueFromString(&der_1))); |
| 227 } else { |
| 228 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1), |
| 229 SequenceValueFromString(&der_2))); |
| 230 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2), |
| 231 SequenceValueFromString(&der_1))); |
| 232 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_rdn), |
| 233 SequenceValueFromString(&der_2))); |
| 234 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_rdn), |
| 235 SequenceValueFromString(&der_1))); |
| 236 } |
| 237 |
| 238 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1), |
| 239 SequenceValueFromString(&der_2_extra_rdn))); |
| 240 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2), |
| 241 SequenceValueFromString(&der_1_extra_rdn))); |
| 242 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_attr), |
| 243 SequenceValueFromString(&der_2))); |
| 244 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_attr), |
| 245 SequenceValueFromString(&der_1))); |
| 246 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1), |
| 247 SequenceValueFromString(&der_2_extra_attr))); |
| 248 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2), |
| 249 SequenceValueFromString(&der_1_extra_attr))); |
| 250 } |
| 251 |
| 216 // Runs VerifyNameMatchDifferingTypesTest for all combinations of value types in | 252 // Runs VerifyNameMatchDifferingTypesTest for all combinations of value types in |
| 217 // value_type1 and value_type_2. | 253 // value_type1 and value_type_2. |
| 218 INSTANTIATE_TEST_CASE_P(InstantiationName, | 254 INSTANTIATE_TEST_CASE_P(InstantiationName, |
| 219 VerifyNameMatchDifferingTypesTest, | 255 VerifyNameMatchDifferingTypesTest, |
| 220 ::testing::Combine(::testing::ValuesIn(kValueTypes), | 256 ::testing::Combine(::testing::ValuesIn(kValueTypes), |
| 221 ::testing::ValuesIn(kValueTypes))); | 257 ::testing::ValuesIn(kValueTypes))); |
| 222 | 258 |
| 223 class VerifyNameMatchUnicodeConversionTest | 259 class VerifyNameMatchUnicodeConversionTest |
| 224 : public ::testing::TestWithParam< | 260 : public ::testing::TestWithParam< |
| 225 ::testing::tuple<const char*, | 261 ::testing::tuple<const char*, |
| (...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 433 std::string a; | 469 std::string a; |
| 434 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_1", &a)); | 470 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_1", &a)); |
| 435 std::string b; | 471 std::string b; |
| 436 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_2", &b)); | 472 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_2", &b)); |
| 437 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&a), | 473 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&a), |
| 438 SequenceValueFromString(&b))); | 474 SequenceValueFromString(&b))); |
| 439 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&b), | 475 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&b), |
| 440 SequenceValueFromString(&a))); | 476 SequenceValueFromString(&a))); |
| 441 } | 477 } |
| 442 | 478 |
| 479 TEST(VerifyNameInSubtreeInvalidDataTest, FailOnEmptyRdn) { |
| 480 std::string valid; |
| 481 ASSERT_TRUE(LoadTestData("ascii", "PRINTABLESTRING", "unmangled", &valid)); |
| 482 std::string invalid; |
| 483 ASSERT_TRUE(LoadTestData("invalid", "RDN", "empty", &invalid)); |
| 484 // For both |name| and |parent|, a RelativeDistinguishedName must have at |
| 485 // least one AttributeTypeAndValue. |
| 486 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&valid), |
| 487 SequenceValueFromString(&invalid))); |
| 488 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&invalid), |
| 489 SequenceValueFromString(&valid))); |
| 490 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&invalid), |
| 491 SequenceValueFromString(&invalid))); |
| 492 } |
| 493 |
| 494 TEST(VerifyNameInSubtreeTest, EmptyNameMatching) { |
| 495 std::string empty; |
| 496 ASSERT_TRUE(LoadTestData("valid", "Name", "empty", &empty)); |
| 497 std::string non_empty; |
| 498 ASSERT_TRUE( |
| 499 LoadTestData("ascii", "PRINTABLESTRING", "unmangled", &non_empty)); |
| 500 // Empty name is in the subtree defined by empty name. |
| 501 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&empty), |
| 502 SequenceValueFromString(&empty))); |
| 503 // Any non-empty name is in the subtree defined by empty name. |
| 504 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&non_empty), |
| 505 SequenceValueFromString(&empty))); |
| 506 // Empty name is not in the subtree defined by non-empty name. |
| 507 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&empty), |
| 508 SequenceValueFromString(&non_empty))); |
| 509 } |
| 510 |
| 443 } // namespace net | 511 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1214933009:
Class for parsing and evaluating RFC 5280 NameConstraints. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@compare_DN2