net/cert/internal/test_helpers.cc - Issue 2233233002: Refactor some certificate verification tests in preparation to adding

Side by Side Diff: net/cert/internal/test_helpers.cc

Issue 2233233002: Refactor some certificate verification tests in preparation to adding (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@trust_anchor

Patch Set: moar Created 4 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « net/cert/internal/test_helpers.h ('k') | net/cert/internal/verify_certificate_chain_typed_unittest.h » ('j') | net/data/verify_certificate_chain_unittest/README » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/internal/test_helpers.h"	5 #include "net/cert/internal/test_helpers.h"

6	6

7 #include "base/base64.h"	7 #include "base/base64.h"

8 #include "base/base_paths.h"	8 #include "base/base_paths.h"

9 #include "base/files/file_util.h"	9 #include "base/files/file_util.h"

10 #include "base/path_service.h"	10 #include "base/path_service.h"

(...skipping 82 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
93 for (const auto& mapping : mappings_copy) {	93 for (const auto& mapping : mappings_copy) {

94 if (mapping.value && !mapping.optional) {	94 if (mapping.value && !mapping.optional) {

95 return ::testing::AssertionFailure() << "PEM block missing: "	95 return ::testing::AssertionFailure() << "PEM block missing: "

96 << mapping.block_name;	96 << mapping.block_name;

97 }	97 }

98 }	98 }

99	99

100 return ::testing::AssertionSuccess();	100 return ::testing::AssertionSuccess();

101 }	101 }

102	102

	103 void ReadVerifyCertChainTestFromFile(const std::string& file_name,
	eroman 2016/08/11 01:02:29 This is basically unchanged from the earlier defin This is basically unchanged from the earlier definition, except for: * Recognizes TRUST_ANCHOR_UNCONSTRAINED instead of TRUSTED_CERTIFICATE * Outputs to a TrustAnchor rather than ParsedCertificate * Asserts that the input contained a trust anchor (before it was optional)
	104 ParsedCertificateList* chain,

	105 scoped_refptr<TrustAnchor>* trust_anchor,

	106 der::GeneralizedTime* time,

	107 bool* verify_result) {

	108 chain->clear();

	109

	110 std::string file_data = ReadTestFileToString(

	111 std::string("net/data/verify_certificate_chain_unittest/") + file_name);

	112

	113 std::vector<std::string> pem_headers;

	114

	115 // For details on the file format refer to:

	116 // net/data/verify_certificate_chain_unittest/README.

	117 const char kCertificateHeader[] = "CERTIFICATE";

	118 const char kTrustAnchorUnconstrained[] = "TRUST_ANCHOR_UNCONSTRAINED";

	119 const char kTimeHeader[] = "TIME";

	120 const char kResultHeader[] = "VERIFY_RESULT";

	121

	122 pem_headers.push_back(kCertificateHeader);

	123 pem_headers.push_back(kTrustAnchorUnconstrained);

	124 pem_headers.push_back(kTimeHeader);

	125 pem_headers.push_back(kResultHeader);

	126

	127 bool has_time = false;

	128 bool has_result = false;

	129 bool has_trust_anchor = false;

	130

	131 PEMTokenizer pem_tokenizer(file_data, pem_headers);

	132 while (pem_tokenizer.GetNext()) {

	133 const std::string& block_type = pem_tokenizer.block_type();

	134 const std::string& block_data = pem_tokenizer.data();

	135

	136 if (block_type == kCertificateHeader) {

	137 ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector(

	138 reinterpret_cast<const uint8_t*>(block_data.data()),

	139 block_data.size(), net::ParsedCertificate::DataSource::INTERNAL_COPY,

	140 {}, chain));

	141 } else if (block_type == kTrustAnchorUnconstrained) {

	142 scoped_refptr<ParsedCertificate> root =

	143 net::ParsedCertificate::CreateFromCertificateData(

	144 reinterpret_cast<const uint8_t*>(block_data.data()),

	145 block_data.size(),

	146 net::ParsedCertificate::DataSource::INTERNAL_COPY, {});

	147 ASSERT_TRUE(root);

	148 *trust_anchor =

	149 TrustAnchor::CreateFromCertificateNoConstraints(std::move(root));

	150 has_trust_anchor = true;

	151 } else if (block_type == kTimeHeader) {

	152 ASSERT_FALSE(has_time) << "Duplicate " << kTimeHeader;

	153 has_time = true;

	154 ASSERT_TRUE(der::ParseUTCTime(der::Input(&block_data), time));

	155 } else if (block_type == kResultHeader) {

	156 ASSERT_FALSE(has_result) << "Duplicate " << kResultHeader;

	157 ASSERT_TRUE(block_data == "SUCCESS" \|\| block_data == "FAIL")

	158 << "Unrecognized result: " << block_data;

	159 has_result = true;

	160 *verify_result = block_data == "SUCCESS";

	161 }

	162 }

	163

	164 ASSERT_TRUE(has_time);

	165 ASSERT_TRUE(has_result);

	166 ASSERT_TRUE(has_trust_anchor);

	167 }

	168

	169 std::string ReadTestFileToString(const std::string& file_name) {

	170 // Compute the full path, relative to the src/ directory.

	171 base::FilePath src_root;

	172 PathService::Get(base::DIR_SOURCE_ROOT, &src_root);

	173 base::FilePath filepath = src_root.AppendASCII(file_name);

	174

	175 // Read the full contents of the file.

	176 std::string file_data;

	177 if (!base::ReadFileToString(filepath, &file_data)) {

	178 ADD_FAILURE() << "Couldn't read file: " << filepath.value();

	179 return std::string();

	180 }

	181

	182 return file_data;

	183 }

	184

103 } // namespace net	185 } // namespace net

OLD	NEW