Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(354)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/verify_signed_data_unittest.cc

Issue 1882433002: Removing NSS files and USE_OPENSSL flag (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Removing use_openssl (requires WebRTC change to compile) Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« crypto/crypto.gyp ('K') | « net/cert/internal/verify_signed_data.cc ('k') | net/cert/jwk_serializer_nss.cc » ('j') | net/cert/test_root_certs_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/verify_signed_data.h" 5 #include "net/cert/internal/verify_signed_data.h"
6 6
7 #include <set> 7 #include <set>
8 8
9 #include "net/cert/internal/signature_algorithm.h" 9 #include "net/cert/internal/signature_algorithm.h"
10 #include "net/cert/internal/signature_policy.h" 10 #include "net/cert/internal/signature_policy.h"
11 #include "net/cert/internal/test_helpers.h" 11 #include "net/cert/internal/test_helpers.h"
12 #include "net/der/input.h" 12 #include "net/der/input.h"
13 #include "net/der/parse_values.h" 13 #include "net/der/parse_values.h"
14 #include "net/der/parser.h" 14 #include "net/der/parser.h"
15 #include "testing/gtest/include/gtest/gtest.h" 15 #include "testing/gtest/include/gtest/gtest.h"
16 16
17 #if defined(USE_OPENSSL)
18 #include <openssl/obj.h> 17 #include <openssl/obj.h>
19 #endif
20 18
21 namespace net { 19 namespace net {
22 20
23 namespace { 21 namespace {
24 22
25 enum VerifyResult { 23 enum VerifyResult {
26 SUCCESS, 24 SUCCESS,
27 FAILURE, 25 FAILURE,
28 }; 26 };
29 27
30 // Reads test data from |file_name| and runs VerifySignedData() over its 28 // Reads test data from |file_name| and runs VerifySignedData() over its
31 // inputs, using |policy|. 29 // inputs, using |policy|.
32 // 30 //
33 // If expected_result was SUCCESS then the test will only succeed if 31 // If expected_result was SUCCESS then the test will only succeed if
34 // VerifySignedData() returns true. 32 // VerifySignedData() returns true.
35 // 33 //
36 // If expected_result was FAILURE then the test will only succeed if 34 // If expected_result was FAILURE then the test will only succeed if
37 // VerifySignedData() returns false. 35 // VerifySignedData() returns false.
38 void RunTestCaseUsingPolicy(VerifyResult expected_result, 36 void RunTestCaseUsingPolicy(VerifyResult expected_result,
39 const char* file_name, 37 const char* file_name,
40 const SignaturePolicy* policy) { 38 const SignaturePolicy* policy) {
41 #if !defined(USE_OPENSSL)
42 LOG(INFO) << "Skipping test, only implemented for BoringSSL";
43 return;
44 #endif
45
46 std::string path = 39 std::string path =
47 std::string("net/data/verify_signed_data_unittest/") + file_name; 40 std::string("net/data/verify_signed_data_unittest/") + file_name;
48 41
49 std::string public_key; 42 std::string public_key;
50 std::string algorithm; 43 std::string algorithm;
51 std::string signed_data; 44 std::string signed_data;
52 std::string signature_value; 45 std::string signature_value;
53 46
54 const PemBlockMapping mappings[] = { 47 const PemBlockMapping mappings[] = {
55 {"PUBLIC KEY", &public_key}, 48 {"PUBLIC KEY", &public_key},
(...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after
215 } 208 }
216 209
217 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512UnusedBitsSignature) { 210 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512UnusedBitsSignature) {
218 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-unused-bits-signature.pem"); 211 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-unused-bits-signature.pem");
219 } 212 }
220 213
221 // This policy rejects specifically secp384r1 curves. 214 // This policy rejects specifically secp384r1 curves.
222 class RejectSecp384r1Policy : public SignaturePolicy { 215 class RejectSecp384r1Policy : public SignaturePolicy {
223 public: 216 public:
224 bool IsAcceptableCurveForEcdsa(int curve_nid) const override { 217 bool IsAcceptableCurveForEcdsa(int curve_nid) const override {
225 #if defined(USE_OPENSSL)
226 if (curve_nid == NID_secp384r1) 218 if (curve_nid == NID_secp384r1)
227 return false; 219 return false;
228 #endif
229 return true; 220 return true;
230 } 221 }
231 }; 222 };
232 223
233 TEST(VerifySignedDataTest, PolicyIsAcceptableCurveForEcdsa) { 224 TEST(VerifySignedDataTest, PolicyIsAcceptableCurveForEcdsa) {
234 // Using the regular policy both secp384r1 and secp256r1 should be accepted. 225 // Using the regular policy both secp384r1 and secp256r1 should be accepted.
235 RunTestCase(SUCCESS, "ecdsa-secp384r1-sha256.pem"); 226 RunTestCase(SUCCESS, "ecdsa-secp384r1-sha256.pem");
236 RunTestCase(SUCCESS, "ecdsa-prime256v1-sha512.pem"); 227 RunTestCase(SUCCESS, "ecdsa-prime256v1-sha512.pem");
237 228
238 // However when using a policy that specifically rejects secp384r1, only 229 // However when using a policy that specifically rejects secp384r1, only
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
296 RunTestCaseUsingPolicy(SUCCESS, "ecdsa-secp384r1-sha256.pem", &policy); 287 RunTestCaseUsingPolicy(SUCCESS, "ecdsa-secp384r1-sha256.pem", &policy);
297 RunTestCaseUsingPolicy(SUCCESS, "rsa-pkcs1-sha256.pem", &policy); 288 RunTestCaseUsingPolicy(SUCCESS, "rsa-pkcs1-sha256.pem", &policy);
298 RunTestCaseUsingPolicy(SUCCESS, "rsa-pss-sha256-salt10.pem", &policy); 289 RunTestCaseUsingPolicy(SUCCESS, "rsa-pss-sha256-salt10.pem", &policy);
299 RunTestCaseUsingPolicy(FAILURE, "rsa-pss-sha256-mgf1-sha512-salt33.pem", 290 RunTestCaseUsingPolicy(FAILURE, "rsa-pss-sha256-mgf1-sha512-salt33.pem",
300 &policy); 291 &policy);
301 } 292 }
302 293
303 } // namespace 294 } // namespace
304 295
305 } // namespace net 296 } // namespace net
OLDNEW
« crypto/crypto.gyp ('K') | « net/cert/internal/verify_signed_data.cc ('k') | net/cert/jwk_serializer_nss.cc » ('j') | net/cert/test_root_certs_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698