Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(399)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/internal/parse_certificate_unittest.cc

Issue 1285593003: Add parsing code for TBSCertificate's "validity" field. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@cert_parsing
Patch Set: rebase Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/cert/internal/parse_certificate.cc ('k') | net/data/parse_certificate_unittest/tbs_explicit_v1.pem » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/internal/parse_certificate_unittest.cc
diff --git a/net/cert/internal/parse_certificate_unittest.cc b/net/cert/internal/parse_certificate_unittest.cc
index f6c047b9604e64e5f5bf19582c5b50afbc4d6dd2..7089d458e04169ddbed9c2d69dd5a108c3c99867 100644
--- a/net/cert/internal/parse_certificate_unittest.cc
+++ b/net/cert/internal/parse_certificate_unittest.cc
@@ -4,6 +4,7 @@
#include "net/cert/internal/parse_certificate.h"
+#include "base/strings/stringprintf.h"
#include "net/cert/internal/test_helpers.h"
#include "net/der/input.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -12,6 +13,15 @@ namespace net {
namespace {
+// Pretty-prints a GeneralizedTime as a human-readable string for use in test
+// expectations (it is more readable to specify the expected results as a
+// string).
+std::string ToString(const der::GeneralizedTime& time) {
+ return base::StringPrintf(
+ "year=%d, month=%d, day=%d, hours=%d, minutes=%d, seconds=%d", time.year,
+ time.month, time.day, time.hours, time.minutes, time.seconds);
+}
+
std::string GetFilePath(const std::string file_name) {
return std::string("net/data/parse_certificate_unittest/") + file_name;
}
@@ -117,7 +127,8 @@ void EnsureParsingTbsSucceeds(const std::string& file_name,
std::string expected_serial_number;
std::string expected_signature_algorithm;
std::string expected_issuer;
- std::string expected_validity;
+ std::string expected_validity_not_before;
+ std::string expected_validity_not_after;
std::string expected_subject;
std::string expected_spki;
std::string expected_issuer_unique_id;
@@ -130,7 +141,8 @@ void EnsureParsingTbsSucceeds(const std::string& file_name,
{"SIGNATURE ALGORITHM", &expected_signature_algorithm},
{"SERIAL NUMBER", &expected_serial_number},
{"ISSUER", &expected_issuer},
- {"VALIDITY", &expected_validity},
+ {"VALIDITY NOTBEFORE", &expected_validity_not_before},
+ {"VALIDITY NOTAFTER", &expected_validity_not_after},
{"SUBJECT", &expected_subject},
{"SPKI", &expected_spki},
{"ISSUER UNIQUE ID", &expected_issuer_unique_id, true},
@@ -151,7 +163,12 @@ void EnsureParsingTbsSucceeds(const std::string& file_name,
parsed.signature_algorithm_tlv);
EXPECT_EQ(InputFromString(&expected_issuer), parsed.issuer_tlv);
- EXPECT_EQ(InputFromString(&expected_validity), parsed.validity_tlv);
+
+ // In the test expectations PEM file, validity is described as a
+ // textual string of the parsed value (rather than as DER).
+ EXPECT_EQ(expected_validity_not_before, ToString(parsed.validity_not_before));
+ EXPECT_EQ(expected_validity_not_after, ToString(parsed.validity_not_after));
+
EXPECT_EQ(InputFromString(&expected_subject), parsed.subject_tlv);
EXPECT_EQ(InputFromString(&expected_spki), parsed.spki_tlv);
@@ -274,6 +291,41 @@ TEST(ParseTbsCertificateTest, Version3Real) {
EnsureParsingTbsSucceeds("tbs_v3_real.pem", CertificateVersion::V3);
}
+// Parses a TBSCertificate whose "validity" field expresses both notBefore
+// and notAfter using UTCTime.
+TEST(ParseTbsCertificateTest, ValidityBothUtcTime) {
+ EnsureParsingTbsSucceeds("tbs_validity_both_utc_time.pem",
+ CertificateVersion::V3);
+}
+
+// Parses a TBSCertificate whose "validity" field expresses both notBefore
+// and notAfter using GeneralizedTime.
+TEST(ParseTbsCertificateTest, ValidityBothGeneralizedTime) {
+ EnsureParsingTbsSucceeds("tbs_validity_both_generalized_time.pem",
+ CertificateVersion::V3);
+}
+
+// Parses a TBSCertificate whose "validity" field expresses notBefore using
+// UTCTime and notAfter using GeneralizedTime.
+TEST(ParseTbsCertificateTest, ValidityUTCTimeAndGeneralizedTime) {
+ EnsureParsingTbsSucceeds("tbs_validity_utc_time_and_generalized_time.pem",
+ CertificateVersion::V3);
+}
+
+// Parses a TBSCertificate whose validity" field expresses notBefore using
+// GeneralizedTime and notAfter using UTCTime. Also of interest, notBefore >
+// notAfter. Parsing will succeed, however no time can satisfy this constraint.
+TEST(ParseTbsCertificateTest, ValidityGeneralizedTimeAndUTCTime) {
+ EnsureParsingTbsSucceeds("tbs_validity_generalized_time_and_utc_time.pem",
+ CertificateVersion::V3);
+}
+
+// Parses a TBSCertificate whose "validity" field does not strictly follow
+// the DER rules (and fails to be parsed).
+TEST(ParseTbsCertificateTest, ValidityRelaxed) {
+ EnsureParsingTbsFails("tbs_validity_relaxed.pem");
+}
+
} // namespace
} // namespace net
« no previous file with comments | « net/cert/internal/parse_certificate.cc ('k') | net/data/parse_certificate_unittest/tbs_explicit_v1.pem » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698