| Index: net/cert/internal/name_constraints_unittest.cc
|
| diff --git a/net/cert/internal/name_constraints_unittest.cc b/net/cert/internal/name_constraints_unittest.cc
|
| index f79d7c352781f5e6d93d2cd561cf20bfed733033..8b550f7fc948188ec347e00d7b3c03fac6ee2761 100644
|
| --- a/net/cert/internal/name_constraints_unittest.cc
|
| +++ b/net/cert/internal/name_constraints_unittest.cc
|
| @@ -56,7 +56,7 @@ TEST_P(ParseNameConstraints, DNSNames) {
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| EXPECT_TRUE(name_constraints->IsPermittedDNSName("permitted.example.com"));
|
| @@ -123,19 +123,19 @@ TEST_P(ParseNameConstraints, DNSNames) {
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-permitted.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-dnsname.pem", &san));
|
| EXPECT_FALSE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-directoryname.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-ipaddress.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints,
|
| @@ -143,7 +143,7 @@ TEST_P(ParseNameConstraints,
|
| std::string a;
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname2.pem", &a));
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // Matches permitted exactly.
|
| @@ -173,7 +173,7 @@ TEST_P(ParseNameConstraints, DNSNamesWithLeadingDot) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("dnsname-permitted_with_leading_dot.pem", &a));
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // dNSName constraints should be specified as a host. A dNSName constraint
|
| @@ -190,7 +190,7 @@ TEST_P(ParseNameConstraints, DNSNamesExcludeOnly) {
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname-excluded.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // Only "excluded.permitted.example.com" is excluded, but since no dNSNames
|
| @@ -209,7 +209,7 @@ TEST_P(ParseNameConstraints, DNSNamesExcludeAll) {
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname-excludeall.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // "permitted.example.com" is in the permitted section, but since "" is
|
| @@ -226,7 +226,7 @@ TEST_P(ParseNameConstraints, DNSNamesExcludeDot) {
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname-exclude_dot.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // "." is excluded, which should match nothing.
|
| @@ -244,8 +244,7 @@ TEST_P(ParseNameConstraints, DNSNamesFailOnInvalidIA5String) {
|
| ASSERT_NE(std::string::npos, replace_location);
|
| a.replace(replace_location, 1, 1, -1);
|
|
|
| - EXPECT_FALSE(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, DirectoryNames) {
|
| @@ -271,7 +270,7 @@ TEST_P(ParseNameConstraints, DirectoryNames) {
|
| ASSERT_TRUE(LoadTestName("name-ca.pem", &name_ca));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // Not in any permitted subtree.
|
| @@ -317,19 +316,19 @@ TEST_P(ParseNameConstraints, DirectoryNames) {
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-permitted.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-dnsname.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-directoryname.pem", &san));
|
| EXPECT_FALSE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-ipaddress.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, DirectoryNamesExcludeOnly) {
|
| @@ -337,7 +336,7 @@ TEST_P(ParseNameConstraints, DirectoryNamesExcludeOnly) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("directoryname-excluded.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| std::string name_empty;
|
| @@ -367,7 +366,7 @@ TEST_P(ParseNameConstraints, DirectoryNamesExcludeAll) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("directoryname-excluded.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| std::string name_empty;
|
| @@ -399,7 +398,7 @@ TEST_P(ParseNameConstraints, IPAdresses) {
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // IPv4 tests:
|
| @@ -545,19 +544,19 @@ TEST_P(ParseNameConstraints, IPAdresses) {
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-permitted.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-dnsname.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-directoryname.pem", &san));
|
| EXPECT_TRUE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
|
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-excluded-ipaddress.pem", &san));
|
| EXPECT_FALSE(
|
| - name_constraints->IsPermittedCert(der::Input(), InputFromString(&san)));
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, IPAdressesExcludeOnly) {
|
| @@ -565,7 +564,7 @@ TEST_P(ParseNameConstraints, IPAdressesExcludeOnly) {
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress-excluded.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // Only 192.168.5.0/255.255.255.0 is excluded, but since no iPAddresses
|
| @@ -592,7 +591,7 @@ TEST_P(ParseNameConstraints, IPAdressesExcludeAll) {
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress-excludeall.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| // 192.168.0.0/255.255.0.0 and
|
| @@ -625,7 +624,7 @@ TEST_P(ParseNameConstraints, IPAdressesNetmaskPermitSingleHost) {
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress-permit_singlehost.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| {
|
| @@ -665,7 +664,7 @@ TEST_P(ParseNameConstraints, IPAdressesNetmaskPermitPrefixLen31) {
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress-permit_prefix31.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| {
|
| @@ -710,7 +709,7 @@ TEST_P(ParseNameConstraints, IPAdressesNetmaskPermitPrefixLen1) {
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress-permit_prefix1.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| {
|
| @@ -740,7 +739,7 @@ TEST_P(ParseNameConstraints, IPAdressesNetmaskPermitAll) {
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress-permit_all.pem", &a));
|
|
|
| scoped_ptr<NameConstraints> name_constraints(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| {
|
| @@ -764,31 +763,26 @@ TEST_P(ParseNameConstraints, IPAdressesFailOnInvalidAddr) {
|
| std::string a;
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress-invalid_addr.pem", &a));
|
|
|
| - EXPECT_FALSE(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, IPAdressesFailOnInvalidMaskNotContiguous) {
|
| std::string a;
|
| ASSERT_TRUE(LoadTestNameConstraint(
|
| "ipaddress-invalid_mask_not_contiguous_1.pem", &a));
|
| - EXPECT_FALSE(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
|
|
| ASSERT_TRUE(LoadTestNameConstraint(
|
| "ipaddress-invalid_mask_not_contiguous_2.pem", &a));
|
| - EXPECT_FALSE(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
|
|
| ASSERT_TRUE(LoadTestNameConstraint(
|
| "ipaddress-invalid_mask_not_contiguous_3.pem", &a));
|
| - EXPECT_FALSE(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
|
|
| ASSERT_TRUE(LoadTestNameConstraint(
|
| "ipaddress-invalid_mask_not_contiguous_4.pem", &a));
|
| - EXPECT_FALSE(
|
| - NameConstraints::CreateFromDer(InputFromString(&a), is_critical()));
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&a), is_critical()));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, OtherNamesInPermitted) {
|
| @@ -796,7 +790,7 @@ TEST_P(ParseNameConstraints, OtherNamesInPermitted) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("othername-permitted.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -808,8 +802,8 @@ TEST_P(ParseNameConstraints, OtherNamesInPermitted) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-othername.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, OtherNamesInExcluded) {
|
| @@ -817,7 +811,7 @@ TEST_P(ParseNameConstraints, OtherNamesInExcluded) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("othername-excluded.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -829,8 +823,8 @@ TEST_P(ParseNameConstraints, OtherNamesInExcluded) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-othername.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, Rfc822NamesInPermitted) {
|
| @@ -838,7 +832,7 @@ TEST_P(ParseNameConstraints, Rfc822NamesInPermitted) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("rfc822name-permitted.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -850,8 +844,8 @@ TEST_P(ParseNameConstraints, Rfc822NamesInPermitted) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-rfc822name.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, Rfc822NamesInExcluded) {
|
| @@ -859,7 +853,7 @@ TEST_P(ParseNameConstraints, Rfc822NamesInExcluded) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("rfc822name-excluded.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -871,8 +865,8 @@ TEST_P(ParseNameConstraints, Rfc822NamesInExcluded) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-rfc822name.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, X400AddresssInPermitted) {
|
| @@ -880,7 +874,7 @@ TEST_P(ParseNameConstraints, X400AddresssInPermitted) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("x400address-permitted.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -892,8 +886,8 @@ TEST_P(ParseNameConstraints, X400AddresssInPermitted) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-x400address.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, X400AddresssInExcluded) {
|
| @@ -901,7 +895,7 @@ TEST_P(ParseNameConstraints, X400AddresssInExcluded) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("x400address-excluded.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -913,8 +907,8 @@ TEST_P(ParseNameConstraints, X400AddresssInExcluded) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-x400address.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, EdiPartyNamesInPermitted) {
|
| @@ -922,7 +916,7 @@ TEST_P(ParseNameConstraints, EdiPartyNamesInPermitted) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("edipartyname-permitted.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -934,8 +928,8 @@ TEST_P(ParseNameConstraints, EdiPartyNamesInPermitted) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-edipartyname.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, EdiPartyNamesInExcluded) {
|
| @@ -943,7 +937,7 @@ TEST_P(ParseNameConstraints, EdiPartyNamesInExcluded) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("edipartyname-excluded.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -955,15 +949,15 @@ TEST_P(ParseNameConstraints, EdiPartyNamesInExcluded) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-edipartyname.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, URIsInPermitted) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("uri-permitted.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -975,15 +969,15 @@ TEST_P(ParseNameConstraints, URIsInPermitted) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-uri.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, URIsInExcluded) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("uri-excluded.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -995,8 +989,8 @@ TEST_P(ParseNameConstraints, URIsInExcluded) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-uri.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, RegisteredIDsInPermitted) {
|
| @@ -1004,7 +998,7 @@ TEST_P(ParseNameConstraints, RegisteredIDsInPermitted) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("registeredid-permitted.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -1016,8 +1010,8 @@ TEST_P(ParseNameConstraints, RegisteredIDsInPermitted) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-registeredid.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, RegisteredIDsInExcluded) {
|
| @@ -1025,7 +1019,7 @@ TEST_P(ParseNameConstraints, RegisteredIDsInExcluded) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("registeredid-excluded.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| if (is_critical()) {
|
| @@ -1037,8 +1031,8 @@ TEST_P(ParseNameConstraints, RegisteredIDsInExcluded) {
|
|
|
| std::string san;
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-registeredid.pem", &san));
|
| - EXPECT_EQ(!is_critical(), name_constraints->IsPermittedCert(
|
| - der::Input(), InputFromString(&san)));
|
| + EXPECT_EQ(!is_critical(),
|
| + name_constraints->IsPermittedCert(der::Input(), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints,
|
| @@ -1049,7 +1043,7 @@ TEST_P(ParseNameConstraints,
|
| // The value should not be in the DER encoding if it is the default. But this
|
| // could be changed to allowed if there are buggy encoders out there that
|
| // include it anyway.
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| @@ -1057,7 +1051,7 @@ TEST_P(ParseNameConstraints, FailsOnGeneralSubtreeWithMinimum) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("dnsname-with_min_1.pem", &constraints_der));
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| @@ -1066,7 +1060,7 @@ TEST_P(ParseNameConstraints,
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname-with_min_0_and_max.pem",
|
| &constraints_der));
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| @@ -1074,20 +1068,20 @@ TEST_P(ParseNameConstraints, FailsOnGeneralSubtreeWithMinimumAndMaximum) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname-with_min_1_and_max.pem",
|
| &constraints_der));
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, FailsOnGeneralSubtreeWithMaximum) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname-with_max.pem", &constraints_der));
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, FailsOnEmptyExtensionValue) {
|
| std::string constraints_der = "";
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| @@ -1095,7 +1089,7 @@ TEST_P(ParseNameConstraints, FailsOnNoPermittedAndExcluded) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("invalid-no_subtrees.pem", &constraints_der));
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| @@ -1103,7 +1097,7 @@ TEST_P(ParseNameConstraints, FailsOnEmptyPermitted) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("invalid-empty_permitted_subtree.pem",
|
| &constraints_der));
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| @@ -1111,7 +1105,7 @@ TEST_P(ParseNameConstraints, FailsOnEmptyExcluded) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("invalid-empty_excluded_subtree.pem",
|
| &constraints_der));
|
| - EXPECT_FALSE(NameConstraints::CreateFromDer(InputFromString(&constraints_der),
|
| + EXPECT_FALSE(NameConstraints::CreateFromDer(der::Input(&constraints_der),
|
| is_critical()));
|
| }
|
|
|
| @@ -1119,7 +1113,7 @@ TEST_P(ParseNameConstraints, IsPermittedCertSubjectEmailAddressIsOk) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("directoryname.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| std::string name_us_arizona_email;
|
| @@ -1137,7 +1131,7 @@ TEST_P(ParseNameConstraints, IsPermittedCertSubjectEmailAddressIsNotOk) {
|
| ASSERT_TRUE(
|
| LoadTestNameConstraint("rfc822name-permitted.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| std::string name_us_arizona_email;
|
| @@ -1159,7 +1153,7 @@ TEST_P(ParseNameConstraints, IsPermittedCertSubjectDnsNames) {
|
| ASSERT_TRUE(LoadTestNameConstraint("directoryname_and_dnsname.pem",
|
| &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| std::string name_us_az_foocom;
|
| @@ -1197,7 +1191,7 @@ TEST_P(ParseNameConstraints, IsPermittedCertSubjectIpAddresses) {
|
| ASSERT_TRUE(LoadTestNameConstraint(
|
| "directoryname_and_dnsname_and_ipaddress.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| std::string name_us_az_1_1_1_1;
|
| @@ -1239,7 +1233,7 @@ TEST_P(ParseNameConstraints, IsPermittedCertFailsOnEmptySubjectAltName) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("dnsname.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| std::string name_us_az;
|
| @@ -1254,14 +1248,14 @@ TEST_P(ParseNameConstraints, IsPermittedCertFailsOnEmptySubjectAltName) {
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-invalid-empty.pem", &san));
|
| // Should fail if subjectAltName is present but empty.
|
| EXPECT_FALSE(name_constraints->IsPermittedCert(
|
| - SequenceValueFromString(&name_us_az), InputFromString(&san)));
|
| + SequenceValueFromString(&name_us_az), der::Input(&san)));
|
| }
|
|
|
| TEST_P(ParseNameConstraints, IsPermittedCertFailsOnInvalidIpInSubjectAltName) {
|
| std::string constraints_der;
|
| ASSERT_TRUE(LoadTestNameConstraint("ipaddress.pem", &constraints_der));
|
| scoped_ptr<NameConstraints> name_constraints(NameConstraints::CreateFromDer(
|
| - InputFromString(&constraints_der), is_critical()));
|
| + der::Input(&constraints_der), is_critical()));
|
| ASSERT_TRUE(name_constraints);
|
|
|
| std::string name_us_az_192_168_1_1;
|
| @@ -1276,7 +1270,7 @@ TEST_P(ParseNameConstraints, IsPermittedCertFailsOnInvalidIpInSubjectAltName) {
|
| ASSERT_TRUE(LoadTestSubjectAltName("san-invalid-ipaddress.pem", &san));
|
| // Should fail if subjectAltName contains an invalid ip address.
|
| EXPECT_FALSE(name_constraints->IsPermittedCert(
|
| - SequenceValueFromString(&name_us_az_192_168_1_1), InputFromString(&san)));
|
| + SequenceValueFromString(&name_us_az_192_168_1_1), der::Input(&san)));
|
| }
|
|
|
| } // namespace net
|
|
|
Chromium Code Reviews
Issue 1573243011:
Refactor der::Input helper methods into new constructors (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master