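--- a/net/cert/internal/verify_certificate_chain_typed_unittest.h
+++ b/net/cert/internal/verify_certificate_chain_typed_unittest.h
@@ -1,120 +1,39 @@
 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_CERT_INTERNAL_VERIFY_CERTIFICATE_CHAIN_TYPED_UNITTEST_H_
 #define NET_CERT_INTERNAL_VERIFY_CERTIFICATE_CHAIN_TYPED_UNITTEST_H_
 
-#include "base/base_paths.h"
-#include "base/files/file_util.h"
-#include "base/path_service.h"
 #include "net/cert/internal/parsed_certificate.h"
 #include "net/cert/internal/test_helpers.h"
-#include "net/cert/pem_tokenizer.h"
 #include "net/der/input.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 namespace net {
 
 template <typename TestDelegate>
 class VerifyCertificateChainTest : public ::testing::Test {
 public:
 void RunTest(const char* file_name) {
 ParsedCertificateList chain;
 ParsedCertificateList roots;
 der::GeneralizedTime time;
 bool expected_result;
 
-ReadTestFromFile(file_name, &chain, &roots, &time, &expected_result);
+ReadCertChainTestFromFile(
+std::string("net/data/verify_certificate_chain_unittest/") + file_name,
+&chain, &roots, &time, &expected_result);
 
 TestDelegate::Verify(chain, roots, time, expected_result);
 }
-
-private:
-// Reads a data file from the unit-test data.
-std::string ReadTestFileToString(const std::string& file_name) {
-// Compute the full path, relative to the src/ directory.
-base::FilePath src_root;
-PathService::Get(base::DIR_SOURCE_ROOT, &src_root);
-base::FilePath filepath = src_root.AppendASCII(
-std::string("net/data/verify_certificate_chain_unittest/") + file_name);
-
-// Read the full contents of the file.
-std::string file_data;
-if (!base::ReadFileToString(filepath, &file_data)) {
-ADD_FAILURE() << "Couldn't read file: " << filepath.value();
-return std::string();
-}
-
-return file_data;
-}
-
-// Reads a test case from |file_name|. Test cases are comprised of a
-// certificate chain, trust store, a timestamp to validate at, and the
-// expected result of verification.
-void ReadTestFromFile(const std::string& file_name,
-ParsedCertificateList* chain,
-ParsedCertificateList* roots,
-der::GeneralizedTime* time,
-bool* verify_result) {
-chain->clear();
-roots->clear();
-
-std::string file_data = ReadTestFileToString(file_name);
-
-std::vector<std::string> pem_headers;
-
-const char kCertificateHeader[] = "CERTIFICATE";
-const char kTrustedCertificateHeader[] = "TRUSTED_CERTIFICATE";
-const char kTimeHeader[] = "TIME";
-const char kResultHeader[] = "VERIFY_RESULT";
-
-pem_headers.push_back(kCertificateHeader);
-pem_headers.push_back(kTrustedCertificateHeader);
-pem_headers.push_back(kTimeHeader);
-pem_headers.push_back(kResultHeader);
-
-bool has_time = false;
-bool has_result = false;
-
-PEMTokenizer pem_tokenizer(file_data, pem_headers);
-while (pem_tokenizer.GetNext()) {
-const std::string& block_type = pem_tokenizer.block_type();
-const std::string& block_data = pem_tokenizer.data();
-
-if (block_type == kCertificateHeader) {
-ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector(
-reinterpret_cast<const uint8_t*>(block_data.data()),
-block_data.size(),
-net::ParsedCertificate::DataSource::INTERNAL_COPY, {}, chain));
-} else if (block_type == kTrustedCertificateHeader) {
-ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector(
-reinterpret_cast<const uint8_t*>(block_data.data()),
-block_data.size(),
-net::ParsedCertificate::DataSource::INTERNAL_COPY, {}, roots));
-} else if (block_type == kTimeHeader) {
-ASSERT_FALSE(has_time) << "Duplicate " << kTimeHeader;
-has_time = true;
-ASSERT_TRUE(der::ParseUTCTime(der::Input(&block_data), time));
-} else if (block_type == kResultHeader) {
-ASSERT_FALSE(has_result) << "Duplicate " << kResultHeader;
-ASSERT_TRUE(block_data == "SUCCESS" || block_data == "FAIL")
-<< "Unrecognized result: " << block_data;
-has_result = true;
-*verify_result = block_data == "SUCCESS";
-}
-}
-
-ASSERT_TRUE(has_time);
-ASSERT_TRUE(has_result);
-}
 };
 
 // Tests that have only one root. These can be tested without requiring any
 // path-building ability.
 template <typename TestDelegate>
 class VerifyCertificateChainSingleRootTest
 : public VerifyCertificateChainTest<TestDelegate> {};
 
 TYPED_TEST_CASE_P(VerifyCertificateChainSingleRootTest);
 
@@ -296,10 +215,10 @@
 TYPED_TEST_P(VerifyCertificateChainNonSingleRootTest, UnknownRoot) {
 this->RunTest("unknown-root.pem");
 }
 
 REGISTER_TYPED_TEST_CASE_P(VerifyCertificateChainNonSingleRootTest,
 UnknownRoot);
 
 } // namespace net
 
 #endif // NET_CERT_INTERNAL_VERIFY_CERTIFICATE_CHAIN_TYPED_UNITTEST_H_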
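Review bot: `bool expected_result;` in RunTest is still uninitialized, and RunTest goes on to `TestDelegate::Verify(chain, roots, time, expected_result)` regardless of whether the fixture loaded. ReadCertChainTestFromFile is declared in test_helpers.h, which is not shown here; if it reports problems with gtest ASSERT_ macros the way the removed ReadTestFromFile did, a fatal failure only returns from the helper, so Verify would run with an indeterminate expected result and possibly an empty chain. For a test whose job is to confirm that bad certificate chains are rejected, I would make the failure path explicit: `bool expected_result = false;` and wrap the load as `ASSERT_NO_FATAL_FAILURE(ReadCertChainTestFromFile(..., &expected_result));`. The new call also constructs a `std::string` while several includes are dropped and the header still has no `#include <string>`, so it now leans on a transitive include.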