Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(508)

Unified Diff: net/cert/internal/parse_ocsp_unittest.cc

Issue 1541213002: Adding OCSP Parser (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix more null checks. Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/cert/internal/parse_ocsp.cc ('k') | net/cert/internal/signature_algorithm.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/internal/parse_ocsp_unittest.cc
diff --git a/net/cert/internal/parse_ocsp_unittest.cc b/net/cert/internal/parse_ocsp_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..12657e626952b1fb2b38ef93c0f72a6e06e93d75
--- /dev/null
+++ b/net/cert/internal/parse_ocsp_unittest.cc
@@ -0,0 +1,177 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/cert/internal/parse_ocsp.h"
+
+#include "base/files/file_path.h"
+#include "base/logging.h"
+#include "net/base/test_data_directory.h"
+#include "net/cert/internal/test_helpers.h"
+#include "net/cert/x509_certificate.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace net {
+
+namespace {
+
+std::string GetFilePath(const std::string& file_name) {
+ return std::string("net/data/parse_ocsp_unittest/") + file_name;
+}
+
+enum OCSPFailure {
+ OCSP_SUCCESS,
+ PARSE_CERT,
+ PARSE_OCSP,
+ OCSP_NOT_SUCCESSFUL,
+ PARSE_OCSP_DATA,
+ PARSE_OCSP_SINGLE_RESPONSE,
+ VERIFY_OCSP,
+ OCSP_SUCCESS_REVOKED,
+ OCSP_SUCCESS_UNKNOWN,
+};
+
+OCSPFailure ParseOCSP(const std::string& file_name) {
+ std::string ocsp_data;
+ std::string ca_data;
+ std::string cert_data;
+ const PemBlockMapping mappings[] = {
+ {"OCSP RESPONSE", &ocsp_data},
+ {"CA CERTIFICATE", &ca_data},
+ {"CERTIFICATE", &cert_data},
+ };
+
+ if (!ReadTestDataFromPemFile(GetFilePath(file_name), mappings))
+ return PARSE_CERT;
+
+ der::Input ocsp_input(&ocsp_data);
+ der::Input ca_input(&ca_data);
+ der::Input cert_input(&cert_data);
+
+ ParsedCertificate issuer;
+ ParsedCertificate cert;
+ if (!ParseCertificate(ca_input, &issuer))
+ return PARSE_CERT;
+ if (!ParseCertificate(cert_input, &cert))
+ return PARSE_CERT;
+ OCSPResponse parsed_ocsp;
+ OCSPResponseData parsed_ocsp_data;
+ if (!ParseOCSPResponse(ocsp_input, &parsed_ocsp))
+ return PARSE_OCSP;
+ if (parsed_ocsp.status != OCSPResponse::ResponseStatus::SUCCESSFUL)
+ return OCSP_NOT_SUCCESSFUL;
+ if (!ParseOCSPResponseData(parsed_ocsp.data, &parsed_ocsp_data))
+ return PARSE_OCSP_DATA;
+
+ OCSPCertStatus status;
+
+ if (!GetOCSPCertStatus(parsed_ocsp_data, issuer, cert, &status))
+ return PARSE_OCSP_SINGLE_RESPONSE;
+
+ switch (status.status) {
+ case OCSPCertStatus::Status::GOOD:
+ return OCSP_SUCCESS;
+ case OCSPCertStatus::Status::REVOKED:
+ return OCSP_SUCCESS_REVOKED;
+ case OCSPCertStatus::Status::UNKNOWN:
+ return OCSP_SUCCESS_UNKNOWN;
+ }
+
+ return OCSP_SUCCESS_UNKNOWN;
+}
+
+} // namespace
+
+TEST(ParseOCSPTest, OCSPGoodResponse) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("good_response.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPNoResponse) {
+ ASSERT_EQ(PARSE_OCSP_SINGLE_RESPONSE, ParseOCSP("no_response.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPMalformedStatus) {
+ ASSERT_EQ(OCSP_NOT_SUCCESSFUL, ParseOCSP("malformed_status.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPBadStatus) {
+ ASSERT_EQ(PARSE_OCSP, ParseOCSP("bad_status.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPInvalidOCSPOid) {
+ ASSERT_EQ(PARSE_OCSP, ParseOCSP("bad_ocsp_type.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPBadSignature) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("bad_signature.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPDirectSignature) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("ocsp_sign_direct.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPIndirectSignature) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("ocsp_sign_indirect.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPMissingIndirectSignature) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("ocsp_sign_indirect_missing.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPInvalidSignature) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("ocsp_sign_bad_indirect.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPExtraCerts) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("ocsp_extra_certs.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPIncludesVersion) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_version.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPResponderName) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("responder_name.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPResponderKeyHash) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("responder_id.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPOCSPExtension) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_extension.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPIncludeNextUpdate) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("good_response_next_update.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPRevokedResponse) {
+ ASSERT_EQ(OCSP_SUCCESS_REVOKED, ParseOCSP("revoke_response.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPRevokedResponseWithReason) {
+ ASSERT_EQ(OCSP_SUCCESS_REVOKED, ParseOCSP("revoke_response_reason.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPUnknownCertStatus) {
+ ASSERT_EQ(OCSP_SUCCESS_UNKNOWN, ParseOCSP("unknown_response.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPMultipleCertStatus) {
+ ASSERT_EQ(OCSP_SUCCESS_UNKNOWN, ParseOCSP("multiple_response.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPWrongCertResponse) {
+ ASSERT_EQ(PARSE_OCSP_SINGLE_RESPONSE, ParseOCSP("other_response.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPOCSPSingleExtension) {
+ ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_single_extension.pem"));
+}
+
+TEST(ParseOCSPTest, OCSPMissingResponse) {
+ ASSERT_EQ(PARSE_OCSP_SINGLE_RESPONSE, ParseOCSP("missing_response.pem"));
+}
+
+} // namespace net
« no previous file with comments | « net/cert/internal/parse_ocsp.cc ('k') | net/cert/internal/signature_algorithm.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698