Add a function for parsing an RFC 5280 Extension.

net/cert/internal/parse_certificate_unittest.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/internal/parse_certificate.h"
 
 #include "base/strings/stringprintf.h"
 #include "net/cert/internal/test_helpers.h"
 #include "net/der/input.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ skipping 308 matching lines @@
   EnsureParsingTbsSucceeds("tbs_validity_generalized_time_and_utc_time.pem",
                            CertificateVersion::V3);
 }
 
 // Parses a TBSCertificate whose "validity" field does not strictly follow
 // the DER rules (and fails to be parsed).
 TEST(ParseTbsCertificateTest, ValidityRelaxed) {
   EnsureParsingTbsFails("tbs_validity_relaxed.pem");
 }
 
+// Reads a PEM file containing a block "EXTENSION". This input will be
+// passed to ParseExtension, and the results filled in |out|.
+bool ParseExtensionFromFile(const std::string& file_name,
+                            ParsedExtension* out) {
+  std::string data;
+
+  const PemBlockMapping mappings[] = {
+      {"EXTENSION", &data},
+  };
+
+  EXPECT_TRUE(ReadTestDataFromPemFile(GetFilePath(file_name), mappings));
+  return ParseExtension(InputFromString(&data), out);
+}
+
+// Parses an Extension whose critical field is true (255).
+TEST(ParseExtensionTest, Critical) {
+  ParsedExtension extension;
+  ASSERT_TRUE(ParseExtensionFromFile("extension_critical.pem", &extension));
+
+  EXPECT_EQ(true, extension.critical);
+
+  const uint8_t kExpectedOid[] = {0x55, 0x1d, 0x13};
+  EXPECT_EQ(der::Input(kExpectedOid), extension.oid);
+
+  const uint8_t kExpectedValue[] = {0x30, 0x00};
+  EXPECT_EQ(der::Input(kExpectedValue), extension.value);
+}
+
+// Parses an Extension whose critical field is false (omitted).
+TEST(ParseExtensionTest, NotCritical) {
+  ParsedExtension extension;
+  ASSERT_TRUE(ParseExtensionFromFile("extension_not_critical.pem", &extension));
+
+  EXPECT_EQ(false, extension.critical);
+
+  const uint8_t kExpectedOid[] = {0x55, 0x1d, 0x13};
+  EXPECT_EQ(der::Input(kExpectedOid), extension.oid);
+
+  const uint8_t kExpectedValue[] = {0x30, 0x00};
+  EXPECT_EQ(der::Input(kExpectedValue), extension.value);
+}
+
+// Parses an Extension whose critical field is 0. This is in one sense FALSE,
+// however because critical has DEFAULT of false this is in fact invalid
+// DER-encoding.
+TEST(ParseExtensionTest, Critical0) {
+  ParsedExtension extension;
+  ASSERT_FALSE(ParseExtensionFromFile("extension_critical_0.pem", &extension));
+}
+
+// Parses an Extension whose critical field is 3. Under DER-encoding BOOLEAN
+// values must an octet of either all zero bits, or all 1 bits, so this is not
+// valid.
+TEST(ParseExtensionTest, Critical3) {
+  ParsedExtension extension;
+  ASSERT_FALSE(ParseExtensionFromFile("extension_critical_3.pem", &extension));
+}
+
 }  // namespace
 
 }  // namespace net