net/cert/internal/parse_ocsp_unittest.cc - Issue 2091103002: Add CheckOCSPDateValid() to net/cert/internal

Side by Side Diff: net/cert/internal/parse_ocsp_unittest.cc

Issue 2091103002: Add CheckOCSPDateValid() to net/cert/internal (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Address comments from rsleevi@ Created 4 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2016 The Chromium Authors. All rights reserved.	1 // Copyright 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/internal/parse_ocsp.h"	5 #include "net/cert/internal/parse_ocsp.h"

6	6

7 #include "base/files/file_path.h"	7 #include "base/files/file_path.h"

8 #include "base/logging.h"	8 #include "base/logging.h"

9 #include "net/cert/internal/test_helpers.h"	9 #include "net/cert/internal/test_helpers.h"

10 #include "net/cert/x509_certificate.h"	10 #include "net/cert/x509_certificate.h"

	11 #include "net/der/encode_values.h"

11 #include "net/test/test_data_directory.h"	12 #include "net/test/test_data_directory.h"

12 #include "testing/gtest/include/gtest/gtest.h"	13 #include "testing/gtest/include/gtest/gtest.h"

13	14

14 namespace net {	15 namespace net {

15	16

16 namespace {	17 namespace {

17	18

	19 const base::TimeDelta kOCSPAgeOneWeek = base::TimeDelta::FromDays(7);

	20

18 std::string GetFilePath(const std::string& file_name) {	21 std::string GetFilePath(const std::string& file_name) {

19 return std::string("net/data/parse_ocsp_unittest/") + file_name;	22 return std::string("net/data/parse_ocsp_unittest/") + file_name;

20 }	23 }

21	24

22 enum OCSPFailure {	25 enum OCSPFailure {

23 OCSP_SUCCESS,	26 OCSP_SUCCESS,

24 PARSE_CERT,	27 PARSE_CERT,

25 PARSE_OCSP,	28 PARSE_OCSP,

26 OCSP_NOT_SUCCESSFUL,	29 OCSP_NOT_SUCCESSFUL,

27 PARSE_OCSP_DATA,	30 PARSE_OCSP_DATA,

(...skipping 147 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
175 }	178 }

176	179

177 TEST(ParseOCSPTest, OCSPOCSPSingleExtension) {	180 TEST(ParseOCSPTest, OCSPOCSPSingleExtension) {

178 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_single_extension.pem"));	181 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_single_extension.pem"));

179 }	182 }

180	183

181 TEST(ParseOCSPTest, OCSPMissingResponse) {	184 TEST(ParseOCSPTest, OCSPMissingResponse) {

182 ASSERT_EQ(PARSE_OCSP_SINGLE_RESPONSE, ParseOCSP("missing_response.pem"));	185 ASSERT_EQ(PARSE_OCSP_SINGLE_RESPONSE, ParseOCSP("missing_response.pem"));

183 }	186 }

184	187

	188 TEST(OCSPDateTest, Valid) {

	189 OCSPSingleResponse response;

	190 base::Time now = base::Time::Now();

	191 base::Time this_update = now - base::TimeDelta::FromHours(1);

	192 base::Time next_update = this_update + base::TimeDelta::FromDays(7);

	193 response.this_update = der::EncodeTimeAsGeneralizedTime(this_update);

	194 response.has_next_update = false;

	195 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	196 response.has_next_update = true;

	197 response.next_update = der::EncodeTimeAsGeneralizedTime(next_update);

	198 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));
	Ryan Sleevi 2016/07/01 00:49:53 Reading each of these tests, I find it visually cl Reading each of these tests, I find it visually cluttered to try to figure out what's being tested and the core logic and checking that the expectations match what's claimed (and the claim is in the description) Concrete structural suggestions: - Declare your variables close to the first usage ( see https://google.github.io/styleguide/cppguide.html#Local_Variables ) In particular, next_update isn't used until 197, so it's declaration ideally would be before 196 or before 197 - Make use of vertical whitespace ( https://google.github.io/styleguide/cppguide.html#Vertical_Whitespace ) There's a tension here between min/maxing whitespace, but the goal should be readability. When I look at these tests in the codereview screen, they're same font, same color - assume no syntax-highlighting. So are they all one big test? Well, no, they tend to be testing in two lumps - without NextUpdate and with NextUpdate. To me, this seems to suggest that there should be a line-break between 195 and 196 (and 208/209, 221/222, etc)
	199 }

	200

	201 TEST(OCSPDateTest, ThisUpdateInTheFuture) {

	202 OCSPSingleResponse response;

	203 base::Time now = base::Time::Now();

	204 base::Time this_update = now + base::TimeDelta::FromHours(1);

	205 base::Time next_update = this_update + base::TimeDelta::FromDays(7);

	206 response.this_update = der::EncodeTimeAsGeneralizedTime(this_update);

	207 response.has_next_update = false;

	208 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	209 response.has_next_update = true;

	210 response.next_update = der::EncodeTimeAsGeneralizedTime(next_update);

	211 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	212 }

	213

	214 TEST(OCSPDateTest, NextUpdatePassed) {

	215 OCSPSingleResponse response;

	216 base::Time now = base::Time::Now();

	217 base::Time this_update = now - base::TimeDelta::FromDays(6);

	218 base::Time next_update = now - base::TimeDelta::FromHours(1);

	219 response.this_update = der::EncodeTimeAsGeneralizedTime(this_update);

	220 response.has_next_update = false;

	221 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	222 response.has_next_update = true;

	223 response.next_update = der::EncodeTimeAsGeneralizedTime(next_update);

	224 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	225 }

	226

	227 TEST(OCSPDateTest, NextUpdateBeforeThisUpdate) {

	228 OCSPSingleResponse response;

	229 base::Time now = base::Time::Now();

	230 base::Time next_update = now - base::TimeDelta::FromHours(1);

	231 base::Time this_update = next_update + base::TimeDelta::FromDays(7);

	232 response.this_update = der::EncodeTimeAsGeneralizedTime(this_update);

	233 response.has_next_update = false;

	234 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));
	Ryan Sleevi 2016/07/01 00:49:52 When visually scanning, this tripped me up. That' When visually scanning, this tripped me up. That's because you've swapped your declaration order and dependency relationship, and thus the pattern matching I acquired on the above lines is now broken. That's because I thought your \|this_update\| was now - base::TimeDelta::FromHours(1) - but no, you swapped their definitions (because you made them relative to eachother) You then swap back in the next test (243-244) My concrete suggestion would be: base::Time now = base::Time::Now(); base::Time this_update = now + base::TimeDelta::FromDays(7); response.this_update = ... response.has_next_update = false; EXPECT_FALSE(...); base::Time next_update = this_update - base::TimeDelta::FromHours(1); response ... ... EXPECT_FALSE(...) Ryan Sleevi 2016/07/01 00:49:53 This seems like it's testing something other than This seems like it's testing something other than what the description says - is that the case? Why should this be false? AFAICT, you're testing ThisUpdateOlderThanMaxAge here - shouldn't this be a valid this_update, but an earlier next_update, in line with the description, since you have the ThisUpdate test on line 240? dadrian 2016/07/01 17:47:38 Done. Show quoted text On 2016/07/01 00:49:53, Ryan Sleevi wrote: > This seems like it's testing something other than what the description says - is > that the case? Why should this be false? > > AFAICT, you're testing ThisUpdateOlderThanMaxAge here - shouldn't this be a > valid this_update, but an earlier next_update, in line with the description, > since you have the ThisUpdate test on line 240? Done.
	235 response.has_next_update = true;

	236 response.next_update = der::EncodeTimeAsGeneralizedTime(next_update);

	237 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	238 }

	239

	240 TEST(OCSPDateTest, ThisUpdateOlderThanMaxAge) {

	241 OCSPSingleResponse response;

	242 base::Time now = base::Time::Now();

	243 base::Time this_update = now - kOCSPAgeOneWeek;

	244 base::Time next_update = now + base::TimeDelta::FromHours(1);

	245 response.has_next_update = false;

	246 response.this_update = der::EncodeTimeAsGeneralizedTime(this_update);

	247 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	248 response.this_update = der::EncodeTimeAsGeneralizedTime(

	249 this_update - base::TimeDelta::FromSeconds(1));

	250 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	251 response.has_next_update = true;

	252 response.next_update = der::EncodeTimeAsGeneralizedTime(next_update);

	253 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek));

	254 }

	255

185 } // namespace net	256 } // namespace net

OLD	NEW

« no previous file with comments | « net/cert/internal/parse_ocsp.cc ('k') | net/der/encode_values.h » ('j') | net/der/encode_values.cc » ('J')