Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(277)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/verify_signed_data_unittest.cc

Issue 1882433002: Removing NSS files and USE_OPENSSL flag (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase. Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/verify_signed_data.cc ('k') | net/cert/jwk_serializer_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/verify_signed_data.h" 5 #include "net/cert/internal/verify_signed_data.h"
6 6
7 #include <memory> 7 #include <memory>
8 #include <set> 8 #include <set>
9 9
10 #include "net/cert/internal/signature_algorithm.h" 10 #include "net/cert/internal/signature_algorithm.h"
11 #include "net/cert/internal/signature_policy.h" 11 #include "net/cert/internal/signature_policy.h"
12 #include "net/cert/internal/test_helpers.h" 12 #include "net/cert/internal/test_helpers.h"
13 #include "net/der/input.h" 13 #include "net/der/input.h"
14 #include "net/der/parse_values.h" 14 #include "net/der/parse_values.h"
15 #include "net/der/parser.h" 15 #include "net/der/parser.h"
16 #include "testing/gtest/include/gtest/gtest.h" 16 #include "testing/gtest/include/gtest/gtest.h"
17 17
18 #if defined(USE_OPENSSL)
19 #include <openssl/obj.h> 18 #include <openssl/obj.h>
20 #endif
21 19
22 namespace net { 20 namespace net {
23 21
24 namespace { 22 namespace {
25 23
26 enum VerifyResult { 24 enum VerifyResult {
27 SUCCESS, 25 SUCCESS,
28 FAILURE, 26 FAILURE,
29 }; 27 };
30 28
31 // Reads test data from |file_name| and runs VerifySignedData() over its 29 // Reads test data from |file_name| and runs VerifySignedData() over its
32 // inputs, using |policy|. 30 // inputs, using |policy|.
33 // 31 //
34 // If expected_result was SUCCESS then the test will only succeed if 32 // If expected_result was SUCCESS then the test will only succeed if
35 // VerifySignedData() returns true. 33 // VerifySignedData() returns true.
36 // 34 //
37 // If expected_result was FAILURE then the test will only succeed if 35 // If expected_result was FAILURE then the test will only succeed if
38 // VerifySignedData() returns false. 36 // VerifySignedData() returns false.
39 void RunTestCaseUsingPolicy(VerifyResult expected_result, 37 void RunTestCaseUsingPolicy(VerifyResult expected_result,
40 const char* file_name, 38 const char* file_name,
41 const SignaturePolicy* policy) { 39 const SignaturePolicy* policy) {
42 #if !defined(USE_OPENSSL)
43 LOG(INFO) << "Skipping test, only implemented for BoringSSL";
44 return;
45 #endif
46
47 std::string path = 40 std::string path =
48 std::string("net/data/verify_signed_data_unittest/") + file_name; 41 std::string("net/data/verify_signed_data_unittest/") + file_name;
49 42
50 std::string public_key; 43 std::string public_key;
51 std::string algorithm; 44 std::string algorithm;
52 std::string signed_data; 45 std::string signed_data;
53 std::string signature_value; 46 std::string signature_value;
54 47
55 const PemBlockMapping mappings[] = { 48 const PemBlockMapping mappings[] = {
56 {"PUBLIC KEY", &public_key}, 49 {"PUBLIC KEY", &public_key},
(...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after
216 } 209 }
217 210
218 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512UnusedBitsSignature) { 211 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512UnusedBitsSignature) {
219 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-unused-bits-signature.pem"); 212 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-unused-bits-signature.pem");
220 } 213 }
221 214
222 // This policy rejects specifically secp384r1 curves. 215 // This policy rejects specifically secp384r1 curves.
223 class RejectSecp384r1Policy : public SignaturePolicy { 216 class RejectSecp384r1Policy : public SignaturePolicy {
224 public: 217 public:
225 bool IsAcceptableCurveForEcdsa(int curve_nid) const override { 218 bool IsAcceptableCurveForEcdsa(int curve_nid) const override {
226 #if defined(USE_OPENSSL)
227 if (curve_nid == NID_secp384r1) 219 if (curve_nid == NID_secp384r1)
228 return false; 220 return false;
229 #endif
230 return true; 221 return true;
231 } 222 }
232 }; 223 };
233 224
234 TEST(VerifySignedDataTest, PolicyIsAcceptableCurveForEcdsa) { 225 TEST(VerifySignedDataTest, PolicyIsAcceptableCurveForEcdsa) {
235 // Using the regular policy both secp384r1 and secp256r1 should be accepted. 226 // Using the regular policy both secp384r1 and secp256r1 should be accepted.
236 RunTestCase(SUCCESS, "ecdsa-secp384r1-sha256.pem"); 227 RunTestCase(SUCCESS, "ecdsa-secp384r1-sha256.pem");
237 RunTestCase(SUCCESS, "ecdsa-prime256v1-sha512.pem"); 228 RunTestCase(SUCCESS, "ecdsa-prime256v1-sha512.pem");
238 229
239 // However when using a policy that specifically rejects secp384r1, only 230 // However when using a policy that specifically rejects secp384r1, only
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
297 RunTestCaseUsingPolicy(SUCCESS, "ecdsa-secp384r1-sha256.pem", &policy); 288 RunTestCaseUsingPolicy(SUCCESS, "ecdsa-secp384r1-sha256.pem", &policy);
298 RunTestCaseUsingPolicy(SUCCESS, "rsa-pkcs1-sha256.pem", &policy); 289 RunTestCaseUsingPolicy(SUCCESS, "rsa-pkcs1-sha256.pem", &policy);
299 RunTestCaseUsingPolicy(SUCCESS, "rsa-pss-sha256-salt10.pem", &policy); 290 RunTestCaseUsingPolicy(SUCCESS, "rsa-pss-sha256-salt10.pem", &policy);
300 RunTestCaseUsingPolicy(FAILURE, "rsa-pss-sha256-mgf1-sha512-salt33.pem", 291 RunTestCaseUsingPolicy(FAILURE, "rsa-pss-sha256-mgf1-sha512-salt33.pem",
301 &policy); 292 &policy);
302 } 293 }
303 294
304 } // namespace 295 } // namespace
305 296
306 } // namespace net 297 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/internal/verify_signed_data.cc ('k') | net/cert/jwk_serializer_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698