Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(307)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/parse_ocsp_unittest.cc

Issue 1541213002: Adding OCSP Parser (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix serial number parsing. Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/internal/parse_ocsp.cc ('K') | « net/cert/internal/parse_ocsp.cc ('k') | net/cert/internal/signature_algorithm.h » ('j') | net/data/parse_ocsp_unittest/bad_ocsp_type.pem » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/internal/parse_ocsp.h"
6
7 #include "base/files/file_path.h"
8 #include "base/logging.h"
9 #include "net/base/test_data_directory.h"
10 #include "net/cert/internal/test_helpers.h"
11 #include "net/cert/x509_certificate.h"
12 #include "testing/gtest/include/gtest/gtest.h"
13
14 namespace net {
15
16 namespace {
17
18 std::string GetFilePath(const std::string& file_name) {
19 return std::string("net/data/parse_ocsp_unittest/") + file_name;
20 }
21
22 void ReadOCSPFromFile(const std::string& file_name,
23 std::string* ocsp_data,
24 std::string* ca_data,
25 std::string* cert_data) {
26 const PemBlockMapping mappings[] = {
27 {"OCSP RESPONSE", ocsp_data},
28 {"CA CERTIFICATE", ca_data},
29 {"CERTIFICATE", cert_data},
30 };
31
32 ASSERT_TRUE(ReadTestDataFromPemFile(GetFilePath(file_name), mappings));
33 }
34
35 enum OCSPFailure {
36 PARSE_CERT,
37 PARSE_OCSP,
38 OCSP_NOT_SUCCESSFUL,
39 PARSE_OCSP_DATA,
40 PARSE_OCSP_SINGLE_RESPONSE,
41 VERIFY_OCSP,
42 OCSP_SUCCESS,
43 OCSP_SUCCESS_REVOKED,
44 OCSP_SUCCESS_UNKNOWN,
45 };
46
47 OCSPFailure ParseOCSP(const std::string& file_name) {
48 std::string ocsp_data;
49 std::string ca_data;
50 std::string cert_data;
51 ReadOCSPFromFile(file_name, &ocsp_data, &ca_data, &cert_data);
52 der::Input ocsp_input(&ocsp_data);
53 der::Input ca_input(&ca_data);
54 der::Input cert_input(&cert_data);
55
56 ParsedCertificate issuer;
57 ParsedCertificate cert;
58 if (!ParseCertificate(ca_input, &issuer))
59 return PARSE_CERT;
60 if (!ParseCertificate(cert_input, &cert))
61 return PARSE_CERT;
62 OCSPResponse parsed_ocsp;
63 OCSPResponseData parsed_ocsp_data;
64 if (!ParseOCSPResponse(ocsp_input, &parsed_ocsp))
65 return PARSE_OCSP;
66 if (parsed_ocsp.status != OCSPResponse::ResponseStatus::SUCCESSFUL)
67 return OCSP_NOT_SUCCESSFUL;
68 if (!ParseOCSPResponseData(parsed_ocsp.data, &parsed_ocsp_data))
69 return PARSE_OCSP_DATA;
70 if (!VerifyOCSPResponse(&parsed_ocsp, &issuer))
71 return VERIFY_OCSP;
72
73 OCSPCertStatus status;
74
75 if (!GetOCSPCertStatus(&parsed_ocsp_data, &issuer, &cert, &status))
76 return PARSE_OCSP_SINGLE_RESPONSE;
77
78 switch (status.status) {
79 case OCSPCertStatus::Status::GOOD:
80 return OCSP_SUCCESS;
81 case OCSPCertStatus::Status::REVOKED:
82 return OCSP_SUCCESS_REVOKED;
83 case OCSPCertStatus::Status::UNKNOWN:
84 return OCSP_SUCCESS_UNKNOWN;
85 }
86 }
87
88 } // namespace
89
90 TEST(ParseOCSPTest, OCSPGoodResponse) {
91 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("good_response.pem"));
92 }
93
94 TEST(ParseOCSPTest, OCSPNoResponse) {
95 ASSERT_EQ(OCSP_SUCCESS_UNKNOWN, ParseOCSP("no_response.pem"));
96 }
97
98 TEST(ParseOCSPTest, OCSPMalformedResponse) {
99 ASSERT_EQ(OCSP_NOT_SUCCESSFUL, ParseOCSP("malformed.pem"));
100 }
101
102 TEST(ParseOCSPTest, OCSPBadStatus) {
103 ASSERT_EQ(PARSE_OCSP, ParseOCSP("bad_status.pem"));
104 }
105
106 TEST(ParseOCSPTest, OCSPInvalidOCSPOid) {
107 ASSERT_EQ(PARSE_OCSP, ParseOCSP("bad_ocsp_type.pem"));
108 }
109
110 TEST(ParseOCSPTest, OCSPBadSignature) {
111 ASSERT_EQ(VERIFY_OCSP, ParseOCSP("bad_signature.pem"));
112 }
113
114 TEST(ParseOCSPTest, OCSPDirectSignature) {
115 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("ocsp_sign_direct.pem"));
116 }
117
118 TEST(ParseOCSPTest, OCSPIndirectSignature) {
119 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("ocsp_sign_indirect.pem"));
120 }
121
122 TEST(ParseOCSPTest, OCSPMissingIndirectSignature) {
123 ASSERT_EQ(VERIFY_OCSP, ParseOCSP("ocsp_sign_indirect_missing.pem"));
124 }
125
126 TEST(ParseOCSPTest, OCSPInvalidSignature) {
127 ASSERT_EQ(VERIFY_OCSP, ParseOCSP("ocsp_sign_bad_indirect.pem"));
128 }
129
130 TEST(ParseOCSPTest, OCSPExtraCerts) {
131 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("ocsp_extra_certs.pem"));
132 }
133
134 TEST(ParseOCSPTest, OCSPIncludesVersion) {
135 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_version.pem"));
136 }
137
138 TEST(ParseOCSPTest, OCSPResponderName) {
139 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("responder_name.pem"));
140 }
141
142 TEST(ParseOCSPTest, OCSPResponderKeyHash) {
143 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("responder_id.pem"));
144 }
145
146 TEST(ParseOCSPTest, OCSPOCSPExtension) {
147 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_extension.pem"));
148 }
149
150 TEST(ParseOCSPTest, OCSPIncludeNextUpdate) {
151 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("good_response_next_update.pem"));
152 }
153
154 TEST(ParseOCSPTest, OCSPRevokedResponse) {
155 ASSERT_EQ(OCSP_SUCCESS_REVOKED, ParseOCSP("revoke_response.pem"));
156 }
157
158 TEST(ParseOCSPTest, OCSPRevokedResponseWithReason) {
159 ASSERT_EQ(OCSP_SUCCESS_REVOKED, ParseOCSP("revoke_response_reason.pem"));
160 }
161
162 TEST(ParseOCSPTest, OCSPUnknownCertStatus) {
163 ASSERT_EQ(OCSP_SUCCESS_UNKNOWN, ParseOCSP("unknown_response.pem"));
164 }
165
166 TEST(ParseOCSPTest, OCSPMultipleCertStatus) {
167 ASSERT_EQ(OCSP_SUCCESS_UNKNOWN, ParseOCSP("multiple_response.pem"));
168 }
169
170 TEST(ParseOCSPTest, OCSPWrongCertResponse) {
171 ASSERT_EQ(OCSP_SUCCESS_UNKNOWN, ParseOCSP("other_response.pem"));
172 }
173
174 TEST(ParseOCSPTest, OCSPOCSPSingleExtension) {
175 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_single_extension.pem"));
176 }
177
178 TEST(ParseOCSPTest, OCSPMissingResponse) {
179 ASSERT_EQ(OCSP_SUCCESS_UNKNOWN, ParseOCSP("missing_response.pem"));
180 }
181
182 } // namespace net
OLDNEW
« net/cert/internal/parse_ocsp.cc ('K') | « net/cert/internal/parse_ocsp.cc ('k') | net/cert/internal/signature_algorithm.h » ('j') | net/data/parse_ocsp_unittest/bad_ocsp_type.pem » ('J')

Powered by Google App Engine
This is Rietveld 408576698