| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/verify_name_match.h" | 5 #include "net/cert/internal/verify_name_match.h" |
| 6 | 6 |
| 7 #include "base/strings/string_number_conversions.h" | 7 #include "base/strings/string_number_conversions.h" |
| 8 #include "base/strings/string_util.h" | 8 #include "base/strings/string_util.h" |
| 9 #include "net/cert/internal/test_helpers.h" | 9 #include "net/cert/internal/test_helpers.h" |
| 10 #include "net/der/input.h" | |
| 11 #include "net/der/parser.h" | |
| 12 #include "testing/gtest/include/gtest/gtest.h" | 10 #include "testing/gtest/include/gtest/gtest.h" |
| 13 | 11 |
| 14 namespace net { | 12 namespace net { |
| 15 namespace { | 13 namespace { |
| 16 | 14 |
| 17 der::Input SequenceValueFromString(const std::string* s) { | |
| 18 der::Parser parser(InputFromString(s)); | |
| 19 der::Input data; | |
| 20 if (!parser.ReadTag(der::kSequence, &data)) { | |
| 21 ADD_FAILURE(); | |
| 22 return der::Input(); | |
| 23 } | |
| 24 if (parser.HasMore()) { | |
| 25 ADD_FAILURE(); | |
| 26 return der::Input(); | |
| 27 } | |
| 28 return data; | |
| 29 } | |
| 30 | |
| 31 // Loads test data from file. The filename is constructed from the parameters: | 15 // Loads test data from file. The filename is constructed from the parameters: |
| 32 // |prefix| describes the type of data being tested, e.g. "ascii", | 16 // |prefix| describes the type of data being tested, e.g. "ascii", |
| 33 // "unicode_bmp", "unicode_supplementary", and "invalid". | 17 // "unicode_bmp", "unicode_supplementary", and "invalid". |
| 34 // |value_type| indicates what ASN.1 type is used to encode the data. | 18 // |value_type| indicates what ASN.1 type is used to encode the data. |
| 35 // |suffix| indicates any additional modifications, such as caseswapping, | 19 // |suffix| indicates any additional modifications, such as caseswapping, |
| 36 // whitespace adding, etc. | 20 // whitespace adding, etc. |
| 37 ::testing::AssertionResult LoadTestData(const std::string& prefix, | 21 ::testing::AssertionResult LoadTestData(const std::string& prefix, |
| 38 const std::string& value_type, | 22 const std::string& value_type, |
| 39 const std::string& suffix, | 23 const std::string& suffix, |
| 40 std::string* result) { | 24 std::string* result) { |
| (...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 225 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2)); | 209 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2)); |
| 226 if (TypesAreComparable(value_type_1(), value_type_2())) { | 210 if (TypesAreComparable(value_type_1(), value_type_2())) { |
| 227 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&der_1), | 211 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&der_1), |
| 228 SequenceValueFromString(&der_2))); | 212 SequenceValueFromString(&der_2))); |
| 229 } else { | 213 } else { |
| 230 EXPECT_FALSE(VerifyNameMatch(SequenceValueFromString(&der_1), | 214 EXPECT_FALSE(VerifyNameMatch(SequenceValueFromString(&der_1), |
| 231 SequenceValueFromString(&der_2))); | 215 SequenceValueFromString(&der_2))); |
| 232 } | 216 } |
| 233 } | 217 } |
| 234 | 218 |
| 219 TEST_P(VerifyNameMatchDifferingTypesTest, NormalizableTypesInSubtrees) { |
| 220 std::string der_1; |
| 221 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled", &der_1)); |
| 222 std::string der_1_extra_rdn; |
| 223 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled-extra_rdn", |
| 224 &der_1_extra_rdn)); |
| 225 std::string der_1_extra_attr; |
| 226 ASSERT_TRUE(LoadTestData("ascii", value_type_1(), "unmangled-extra_attr", |
| 227 &der_1_extra_attr)); |
| 228 std::string der_2; |
| 229 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled", &der_2)); |
| 230 std::string der_2_extra_rdn; |
| 231 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled-extra_rdn", |
| 232 &der_2_extra_rdn)); |
| 233 std::string der_2_extra_attr; |
| 234 ASSERT_TRUE(LoadTestData("ascii", value_type_2(), "unmangled-extra_attr", |
| 235 &der_2_extra_attr)); |
| 236 |
| 237 if (TypesAreComparable(value_type_1(), value_type_2())) { |
| 238 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_1), |
| 239 SequenceValueFromString(&der_2))); |
| 240 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_2), |
| 241 SequenceValueFromString(&der_1))); |
| 242 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_rdn), |
| 243 SequenceValueFromString(&der_2))); |
| 244 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_rdn), |
| 245 SequenceValueFromString(&der_1))); |
| 246 } else { |
| 247 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1), |
| 248 SequenceValueFromString(&der_2))); |
| 249 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2), |
| 250 SequenceValueFromString(&der_1))); |
| 251 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_rdn), |
| 252 SequenceValueFromString(&der_2))); |
| 253 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_rdn), |
| 254 SequenceValueFromString(&der_1))); |
| 255 } |
| 256 |
| 257 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1), |
| 258 SequenceValueFromString(&der_2_extra_rdn))); |
| 259 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2), |
| 260 SequenceValueFromString(&der_1_extra_rdn))); |
| 261 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1_extra_attr), |
| 262 SequenceValueFromString(&der_2))); |
| 263 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2_extra_attr), |
| 264 SequenceValueFromString(&der_1))); |
| 265 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_1), |
| 266 SequenceValueFromString(&der_2_extra_attr))); |
| 267 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&der_2), |
| 268 SequenceValueFromString(&der_1_extra_attr))); |
| 269 } |
| 270 |
| 235 // Runs VerifyNameMatchDifferingTypesTest for all combinations of value types in | 271 // Runs VerifyNameMatchDifferingTypesTest for all combinations of value types in |
| 236 // value_type1 and value_type_2. | 272 // value_type1 and value_type_2. |
| 237 INSTANTIATE_TEST_CASE_P(InstantiationName, | 273 INSTANTIATE_TEST_CASE_P(InstantiationName, |
| 238 VerifyNameMatchDifferingTypesTest, | 274 VerifyNameMatchDifferingTypesTest, |
| 239 ::testing::Combine(::testing::ValuesIn(kValueTypes), | 275 ::testing::Combine(::testing::ValuesIn(kValueTypes), |
| 240 ::testing::ValuesIn(kValueTypes))); | 276 ::testing::ValuesIn(kValueTypes))); |
| 241 | 277 |
| 242 class VerifyNameMatchUnicodeConversionTest | 278 class VerifyNameMatchUnicodeConversionTest |
| 243 : public ::testing::TestWithParam< | 279 : public ::testing::TestWithParam< |
| 244 ::testing::tuple<const char*, | 280 ::testing::tuple<const char*, |
| (...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 452 std::string a; | 488 std::string a; |
| 453 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_1", &a)); | 489 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_1", &a)); |
| 454 std::string b; | 490 std::string b; |
| 455 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_2", &b)); | 491 ASSERT_TRUE(LoadTestData("ascii", "mixed", "rdn_dupetype_sorting_2", &b)); |
| 456 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&a), | 492 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&a), |
| 457 SequenceValueFromString(&b))); | 493 SequenceValueFromString(&b))); |
| 458 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&b), | 494 EXPECT_TRUE(VerifyNameMatch(SequenceValueFromString(&b), |
| 459 SequenceValueFromString(&a))); | 495 SequenceValueFromString(&a))); |
| 460 } | 496 } |
| 461 | 497 |
| 498 TEST(VerifyNameInSubtreeInvalidDataTest, FailOnEmptyRdn) { |
| 499 std::string valid; |
| 500 ASSERT_TRUE(LoadTestData("ascii", "PRINTABLESTRING", "unmangled", &valid)); |
| 501 std::string invalid; |
| 502 ASSERT_TRUE(LoadTestData("invalid", "RDN", "empty", &invalid)); |
| 503 // For both |name| and |parent|, a RelativeDistinguishedName must have at |
| 504 // least one AttributeTypeAndValue. |
| 505 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&valid), |
| 506 SequenceValueFromString(&invalid))); |
| 507 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&invalid), |
| 508 SequenceValueFromString(&valid))); |
| 509 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&invalid), |
| 510 SequenceValueFromString(&invalid))); |
| 511 } |
| 512 |
| 513 TEST(VerifyNameInSubtreeTest, EmptyNameMatching) { |
| 514 std::string empty; |
| 515 ASSERT_TRUE(LoadTestData("valid", "Name", "empty", &empty)); |
| 516 std::string non_empty; |
| 517 ASSERT_TRUE( |
| 518 LoadTestData("ascii", "PRINTABLESTRING", "unmangled", &non_empty)); |
| 519 // Empty name is in the subtree defined by empty name. |
| 520 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&empty), |
| 521 SequenceValueFromString(&empty))); |
| 522 // Any non-empty name is in the subtree defined by empty name. |
| 523 EXPECT_TRUE(VerifyNameInSubtree(SequenceValueFromString(&non_empty), |
| 524 SequenceValueFromString(&empty))); |
| 525 // Empty name is not in the subtree defined by non-empty name. |
| 526 EXPECT_FALSE(VerifyNameInSubtree(SequenceValueFromString(&empty), |
| 527 SequenceValueFromString(&non_empty))); |
| 528 } |
| 529 |
| 462 } // namespace net | 530 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1214933009:
Class for parsing and evaluating RFC 5280 NameConstraints. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@compare_DN2