| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/parse_ocsp.h" | 5 #include "net/cert/internal/parse_ocsp.h" |
| 6 | 6 |
| 7 #include "base/files/file_path.h" | 7 #include "base/files/file_path.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "net/cert/internal/test_helpers.h" | 9 #include "net/cert/internal/test_helpers.h" |
| 10 #include "net/cert/x509_certificate.h" | 10 #include "net/cert/x509_certificate.h" |
| 11 #include "net/der/encode_values.h" | |
| 12 #include "net/test/test_data_directory.h" | 11 #include "net/test/test_data_directory.h" |
| 13 #include "testing/gtest/include/gtest/gtest.h" | 12 #include "testing/gtest/include/gtest/gtest.h" |
| 14 | 13 |
| 15 namespace net { | 14 namespace net { |
| 16 | 15 |
| 17 namespace { | 16 namespace { |
| 18 | 17 |
| 19 const base::TimeDelta kOCSPAgeOneWeek = base::TimeDelta::FromDays(7); | |
| 20 | |
| 21 std::string GetFilePath(const std::string& file_name) { | 18 std::string GetFilePath(const std::string& file_name) { |
| 22 return std::string("net/data/parse_ocsp_unittest/") + file_name; | 19 return std::string("net/data/parse_ocsp_unittest/") + file_name; |
| 23 } | 20 } |
| 24 | 21 |
| 25 enum OCSPFailure { | 22 enum OCSPFailure { |
| 26 OCSP_SUCCESS, | 23 OCSP_SUCCESS, |
| 27 PARSE_CERT, | 24 PARSE_CERT, |
| 28 PARSE_OCSP, | 25 PARSE_OCSP, |
| 29 OCSP_NOT_SUCCESSFUL, | 26 OCSP_NOT_SUCCESSFUL, |
| 30 PARSE_OCSP_DATA, | 27 PARSE_OCSP_DATA, |
| (...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 178 } | 175 } |
| 179 | 176 |
| 180 TEST(ParseOCSPTest, OCSPOCSPSingleExtension) { | 177 TEST(ParseOCSPTest, OCSPOCSPSingleExtension) { |
| 181 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_single_extension.pem")); | 178 ASSERT_EQ(OCSP_SUCCESS, ParseOCSP("has_single_extension.pem")); |
| 182 } | 179 } |
| 183 | 180 |
| 184 TEST(ParseOCSPTest, OCSPMissingResponse) { | 181 TEST(ParseOCSPTest, OCSPMissingResponse) { |
| 185 ASSERT_EQ(PARSE_OCSP_SINGLE_RESPONSE, ParseOCSP("missing_response.pem")); | 182 ASSERT_EQ(PARSE_OCSP_SINGLE_RESPONSE, ParseOCSP("missing_response.pem")); |
| 186 } | 183 } |
| 187 | 184 |
| 188 TEST(OCSPDateTest, Valid) { | |
| 189 OCSPSingleResponse response; | |
| 190 | |
| 191 base::Time now = base::Time::Now(); | |
| 192 base::Time this_update = now - base::TimeDelta::FromHours(1); | |
| 193 ASSERT_TRUE( | |
| 194 der::EncodeTimeAsGeneralizedTime(this_update, &response.this_update)); | |
| 195 response.has_next_update = false; | |
| 196 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 197 | |
| 198 base::Time next_update = this_update + base::TimeDelta::FromDays(7); | |
| 199 ASSERT_TRUE( | |
| 200 der::EncodeTimeAsGeneralizedTime(next_update, &response.next_update)); | |
| 201 response.has_next_update = true; | |
| 202 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 203 } | |
| 204 | |
| 205 TEST(OCSPDateTest, ThisUpdateInTheFuture) { | |
| 206 OCSPSingleResponse response; | |
| 207 | |
| 208 base::Time now = base::Time::Now(); | |
| 209 base::Time this_update = now + base::TimeDelta::FromHours(1); | |
| 210 ASSERT_TRUE( | |
| 211 der::EncodeTimeAsGeneralizedTime(this_update, &response.this_update)); | |
| 212 response.has_next_update = false; | |
| 213 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 214 | |
| 215 base::Time next_update = this_update + base::TimeDelta::FromDays(7); | |
| 216 ASSERT_TRUE( | |
| 217 der::EncodeTimeAsGeneralizedTime(next_update, &response.next_update)); | |
| 218 response.has_next_update = true; | |
| 219 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 220 } | |
| 221 | |
| 222 TEST(OCSPDateTest, NextUpdatePassed) { | |
| 223 OCSPSingleResponse response; | |
| 224 | |
| 225 base::Time now = base::Time::Now(); | |
| 226 base::Time this_update = now - base::TimeDelta::FromDays(6); | |
| 227 ASSERT_TRUE( | |
| 228 der::EncodeTimeAsGeneralizedTime(this_update, &response.this_update)); | |
| 229 response.has_next_update = false; | |
| 230 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 231 | |
| 232 base::Time next_update = now - base::TimeDelta::FromHours(1); | |
| 233 ASSERT_TRUE( | |
| 234 der::EncodeTimeAsGeneralizedTime(next_update, &response.next_update)); | |
| 235 response.has_next_update = true; | |
| 236 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 237 } | |
| 238 | |
| 239 TEST(OCSPDateTest, NextUpdateBeforeThisUpdate) { | |
| 240 OCSPSingleResponse response; | |
| 241 | |
| 242 base::Time now = base::Time::Now(); | |
| 243 base::Time this_update = now - base::TimeDelta::FromDays(1); | |
| 244 ASSERT_TRUE( | |
| 245 der::EncodeTimeAsGeneralizedTime(this_update, &response.this_update)); | |
| 246 response.has_next_update = false; | |
| 247 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 248 | |
| 249 base::Time next_update = this_update - base::TimeDelta::FromDays(1); | |
| 250 ASSERT_TRUE( | |
| 251 der::EncodeTimeAsGeneralizedTime(next_update, &response.next_update)); | |
| 252 response.has_next_update = true; | |
| 253 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 254 } | |
| 255 | |
| 256 TEST(OCSPDateTest, ThisUpdateOlderThanMaxAge) { | |
| 257 OCSPSingleResponse response; | |
| 258 | |
| 259 base::Time now = base::Time::Now(); | |
| 260 base::Time this_update = now - kOCSPAgeOneWeek; | |
| 261 ASSERT_TRUE( | |
| 262 der::EncodeTimeAsGeneralizedTime(this_update, &response.this_update)); | |
| 263 response.has_next_update = false; | |
| 264 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 265 | |
| 266 base::Time next_update = now + base::TimeDelta::FromHours(1); | |
| 267 ASSERT_TRUE( | |
| 268 der::EncodeTimeAsGeneralizedTime(next_update, &response.next_update)); | |
| 269 response.has_next_update = true; | |
| 270 EXPECT_TRUE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 271 | |
| 272 ASSERT_TRUE(der::EncodeTimeAsGeneralizedTime( | |
| 273 this_update - base::TimeDelta::FromSeconds(1), &response.this_update)); | |
| 274 response.has_next_update = false; | |
| 275 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 276 response.has_next_update = true; | |
| 277 EXPECT_FALSE(CheckOCSPDateValid(response, now, kOCSPAgeOneWeek)); | |
| 278 } | |
| 279 | |
| 280 TEST(OCSPDateTest, VerifyTimeFromBeforeWindowsEpoch) { | |
| 281 OCSPSingleResponse response; | |
| 282 base::Time windows_epoch; | |
| 283 base::Time verify_time = windows_epoch - base::TimeDelta::FromDays(1); | |
| 284 | |
| 285 base::Time now = base::Time::Now(); | |
| 286 base::Time this_update = now - base::TimeDelta::FromHours(1); | |
| 287 ASSERT_TRUE( | |
| 288 der::EncodeTimeAsGeneralizedTime(this_update, &response.this_update)); | |
| 289 response.has_next_update = false; | |
| 290 EXPECT_FALSE(CheckOCSPDateValid(response, verify_time, kOCSPAgeOneWeek)); | |
| 291 | |
| 292 base::Time next_update = this_update + kOCSPAgeOneWeek; | |
| 293 ASSERT_TRUE( | |
| 294 der::EncodeTimeAsGeneralizedTime(next_update, &response.next_update)); | |
| 295 response.has_next_update = true; | |
| 296 EXPECT_FALSE(CheckOCSPDateValid(response, verify_time, kOCSPAgeOneWeek)); | |
| 297 } | |
| 298 | |
| 299 TEST(OCSPDateTest, VerifyTimeMinusAgeFromBeforeWindowsEpoch) { | |
| 300 OCSPSingleResponse response; | |
| 301 base::Time windows_epoch; | |
| 302 base::Time verify_time = windows_epoch + base::TimeDelta::FromDays(1); | |
| 303 | |
| 304 base::Time this_update = windows_epoch; | |
| 305 ASSERT_TRUE( | |
| 306 der::EncodeTimeAsGeneralizedTime(this_update, &response.this_update)); | |
| 307 response.has_next_update = false; | |
| 308 #ifdef OS_WIN | |
| 309 EXPECT_FALSE(CheckOCSPDateValid(response, verify_time, kOCSPAgeOneWeek)); | |
| 310 #else | |
| 311 EXPECT_TRUE(CheckOCSPDateValid(response, verify_time, kOCSPAgeOneWeek)); | |
| 312 #endif | |
| 313 } | |
| 314 | |
| 315 } // namespace net | 185 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2138413002:
Revert of Add CheckOCSPDateValid() to net/cert/internal (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master