| OLD | NEW |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/cast_certificate/cast_cert_validator.h" | 5 #include "components/cast_certificate/cast_cert_validator.h" |
| 6 | 6 |
| 7 #include "components/cast_certificate/cast_cert_validator_test_helpers.h" | 7 #include "components/cast_certificate/cast_cert_validator_test_helpers.h" |
| 8 #include "net/cert/internal/parsed_certificate.h" | 8 #include "net/cert/internal/parsed_certificate.h" |
| 9 #include "net/cert/internal/trust_store.h" | 9 #include "net/cert/internal/trust_store_in_memory.h" |
| 10 #include "testing/gtest/include/gtest/gtest.h" | 10 #include "testing/gtest/include/gtest/gtest.h" |
| 11 | 11 |
| 12 namespace cast_certificate { | 12 namespace cast_certificate { |
| 13 | 13 |
| 14 namespace { | 14 namespace { |
| 15 | 15 |
| 16 // Creates an std::string given a uint8_t array. | 16 // Creates an std::string given a uint8_t array. |
| 17 template <size_t N> | 17 template <size_t N> |
| 18 std::string CreateString(const uint8_t (&data)[N]) { | 18 std::string CreateString(const uint8_t (&data)[N]) { |
| 19 return std::string(reinterpret_cast<const char*>(data), N); | 19 return std::string(reinterpret_cast<const char*>(data), N); |
| (...skipping 40 matching lines...) |
| 60 void RunTest(TestResult expected_result, | 60 void RunTest(TestResult expected_result, |
| 61 const std::string& expected_common_name, | 61 const std::string& expected_common_name, |
| 62 CastDeviceCertPolicy expected_policy, | 62 CastDeviceCertPolicy expected_policy, |
| 63 const std::string& certs_file_name, | 63 const std::string& certs_file_name, |
| 64 const base::Time& time, | 64 const base::Time& time, |
| 65 TrustStoreDependency trust_store_dependency, | 65 TrustStoreDependency trust_store_dependency, |
| 66 const std::string& optional_signed_data_file_name) { | 66 const std::string& optional_signed_data_file_name) { |
| 67 auto certs = | 67 auto certs = |
| 68 cast_certificate::testing::ReadCertificateChainFromFile(certs_file_name); | 68 cast_certificate::testing::ReadCertificateChainFromFile(certs_file_name); |
| 69 | 69 |
| 70 std::unique_ptr<net::TrustStore> trust_store; | 70 std::unique_ptr<net::TrustStoreInMemory> trust_store; |
| 71 | 71 |
| 72 switch (trust_store_dependency) { | 72 switch (trust_store_dependency) { |
| 73 case TRUST_STORE_BUILTIN: | 73 case TRUST_STORE_BUILTIN: |
| 74 // Leave trust_store as nullptr. | 74 // Leave trust_store as nullptr. |
| 75 break; | 75 break; |
| 76 | 76 |
| 77 case TRUST_STORE_FROM_TEST_FILE: | 77 case TRUST_STORE_FROM_TEST_FILE: |
| 78 case TRUST_STORE_FROM_TEST_FILE_UNCONSTRAINED: { | 78 case TRUST_STORE_FROM_TEST_FILE_UNCONSTRAINED: { |
| 79 ASSERT_FALSE(certs.empty()); | 79 ASSERT_FALSE(certs.empty()); |
| 80 | 80 |
| 81 // Parse the root certificate of the chain. | 81 // Parse the root certificate of the chain. |
| 82 scoped_refptr<net::ParsedCertificate> root = | 82 scoped_refptr<net::ParsedCertificate> root = |
| 83 net::ParsedCertificate::CreateFromCertificateCopy(certs.back(), {}); | 83 net::ParsedCertificate::CreateFromCertificateCopy(certs.back(), {}); |
| 84 ASSERT_TRUE(root); | 84 ASSERT_TRUE(root); |
| 85 | 85 |
| 86 // Remove it from the chain. | 86 // Remove it from the chain. |
| 87 certs.pop_back(); | 87 certs.pop_back(); |
| 88 | 88 |
| 89 // Add it to the trust store as a trust anchor | 89 // Add it to the trust store as a trust anchor |
| 90 trust_store.reset(new net::TrustStore); | 90 trust_store.reset(new net::TrustStoreInMemory); |
| 91 | 91 |
| 92 if (trust_store_dependency == TRUST_STORE_FROM_TEST_FILE_UNCONSTRAINED) { | 92 if (trust_store_dependency == TRUST_STORE_FROM_TEST_FILE_UNCONSTRAINED) { |
| 93 // This is a test-only mode where anchor constraints are not enforced. | 93 // This is a test-only mode where anchor constraints are not enforced. |
| 94 trust_store->AddTrustAnchor( | 94 trust_store->AddTrustAnchor( |
| 95 net::TrustAnchor::CreateFromCertificateNoConstraints( | 95 net::TrustAnchor::CreateFromCertificateNoConstraints( |
| 96 std::move(root))); | 96 std::move(root))); |
| 97 } else { | 97 } else { |
| 98 // This is the regular mode used by the TrustAnchors for the built-in | 98 // This is the regular mode used by the TrustAnchors for the built-in |
| 99 // Cast store. | 99 // Cast store. |
| 100 trust_store->AddTrustAnchor( | 100 trust_store->AddTrustAnchor( |
| (...skipping 449 matching lines...) |
| 550 auto context = | 550 auto context = |
| 551 CertVerificationContextImplForTest(CreateString(kEx2PublicKeySpki)); | 551 CertVerificationContextImplForTest(CreateString(kEx2PublicKeySpki)); |
| 552 | 552 |
| 553 EXPECT_TRUE(context->VerifySignatureOverData(CreateString(kEx2Signature), | 553 EXPECT_TRUE(context->VerifySignatureOverData(CreateString(kEx2Signature), |
| 554 CreateString(kEx2Message))); | 554 CreateString(kEx2Message))); |
| 555 } | 555 } |
| 556 | 556 |
| 557 } // namespace | 557 } // namespace |
| 558 | 558 |
| 559 } // namespace cast_certificate | 559 } // namespace cast_certificate |
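Review bot: At new line 90 the store is still created with a raw `new` handed to `reset()`; since that line is being rewritten anyway, `trust_store = std::make_unique<net::TrustStoreInMemory>();` (or the project's own make-unique helper, if the toolchain does not allow C++14 library features) would keep ownership explicit at the point of construction. The declaration at new line 70 now names the concrete in-memory type, presumably because `AddTrustAnchor` is not part of the `net::TrustStore` interface after this change. A one-line comment there would record that, for example `// Concrete type so anchors can be added below; stays null for TRUST_STORE_BUILTIN.` RunTest's body continues in the skipped lines, so how `trust_store` reaches the verifier under test is not visible on this page.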
| OLD | NEW |