| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/ct_objects_extractor.h" | 5 #include "net/cert/ct_objects_extractor.h" |
| 6 | 6 |
| 7 #include "base/files/file_path.h" | 7 #include "base/files/file_path.h" |
| 8 #include "net/base/test_data_directory.h" | 8 #include "net/base/test_data_directory.h" |
| 9 #include "net/cert/ct_log_verifier.h" | 9 #include "net/cert/ct_log_verifier.h" |
| 10 #include "net/cert/ct_serialization.h" | 10 #include "net/cert/ct_serialization.h" |
| (...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 123 EXPECT_TRUE(log_->Verify(entry, *sct)); | 123 EXPECT_TRUE(log_->Verify(entry, *sct)); |
| 124 } | 124 } |
| 125 | 125 |
| 126 // Test that the extractor can parse OCSP responses. | 126 // Test that the extractor can parse OCSP responses. |
| 127 TEST_F(CTObjectsExtractorTest, ExtractSCTListFromOCSPResponse) { | 127 TEST_F(CTObjectsExtractorTest, ExtractSCTListFromOCSPResponse) { |
| 128 std::string der_subject_cert(ct::GetDerEncodedFakeOCSPResponseCert()); | 128 std::string der_subject_cert(ct::GetDerEncodedFakeOCSPResponseCert()); |
| 129 scoped_refptr<X509Certificate> subject_cert = | 129 scoped_refptr<X509Certificate> subject_cert = |
| 130 X509Certificate::CreateFromBytes(der_subject_cert.data(), | 130 X509Certificate::CreateFromBytes(der_subject_cert.data(), |
| 131 der_subject_cert.length()); | 131 der_subject_cert.length()); |
| 132 std::string der_issuer_cert(ct::GetDerEncodedFakeOCSPResponseIssuerCert()); | 132 std::string der_issuer_cert(ct::GetDerEncodedFakeOCSPResponseIssuerCert()); |
| 133 scoped_refptr<X509Certificate> issuer_cert = | 133 scoped_refptr<X509Certificate> issuer_cert = X509Certificate::CreateFromBytes( |
| 134 X509Certificate::CreateFromBytes(der_issuer_cert.data(), | 134 der_issuer_cert.data(), der_issuer_cert.length()); |
| 135 der_issuer_cert.length()); | |
| 136 | 135 |
| 137 std::string fake_sct_list = ct::GetFakeOCSPExtensionValue(); | 136 std::string fake_sct_list = ct::GetFakeOCSPExtensionValue(); |
| 138 ASSERT_FALSE(fake_sct_list.empty()); | 137 ASSERT_FALSE(fake_sct_list.empty()); |
| 139 std::string ocsp_response = ct::GetDerEncodedFakeOCSPResponse(); | 138 std::string ocsp_response = ct::GetDerEncodedFakeOCSPResponse(); |
| 140 | 139 |
| 141 std::string extracted_sct_list; | 140 std::string extracted_sct_list; |
| 142 EXPECT_TRUE(ct::ExtractSCTListFromOCSPResponse( | 141 EXPECT_TRUE(ct::ExtractSCTListFromOCSPResponse(issuer_cert->os_cert_handle(), |
| 143 issuer_cert->os_cert_handle(), subject_cert->serial_number(), | 142 subject_cert->serial_number(), |
| 144 ocsp_response, &extracted_sct_list)); | 143 ocsp_response, |
| 144 &extracted_sct_list)); |
| 145 EXPECT_EQ(extracted_sct_list, fake_sct_list); | 145 EXPECT_EQ(extracted_sct_list, fake_sct_list); |
| 146 } | 146 } |
| 147 | 147 |
| 148 // Test that the extractor honours serial number. | 148 // Test that the extractor honours serial number. |
| 149 TEST_F(CTObjectsExtractorTest, ExtractSCTListFromOCSPResponseMatchesSerial) { | 149 TEST_F(CTObjectsExtractorTest, ExtractSCTListFromOCSPResponseMatchesSerial) { |
| 150 std::string der_issuer_cert(ct::GetDerEncodedFakeOCSPResponseIssuerCert()); | 150 std::string der_issuer_cert(ct::GetDerEncodedFakeOCSPResponseIssuerCert()); |
| 151 scoped_refptr<X509Certificate> issuer_cert = | 151 scoped_refptr<X509Certificate> issuer_cert = X509Certificate::CreateFromBytes( |
| 152 X509Certificate::CreateFromBytes(der_issuer_cert.data(), | 152 der_issuer_cert.data(), der_issuer_cert.length()); |
| 153 der_issuer_cert.length()); | |
| 154 | 153 |
| 155 std::string ocsp_response = ct::GetDerEncodedFakeOCSPResponse(); | 154 std::string ocsp_response = ct::GetDerEncodedFakeOCSPResponse(); |
| 156 | 155 |
| 157 std::string extracted_sct_list; | 156 std::string extracted_sct_list; |
| 158 EXPECT_FALSE(ct::ExtractSCTListFromOCSPResponse( | 157 EXPECT_FALSE(ct::ExtractSCTListFromOCSPResponse(issuer_cert->os_cert_handle(), |
| 159 issuer_cert->os_cert_handle(), test_cert_->serial_number(), | 158 test_cert_->serial_number(), |
| 160 ocsp_response, &extracted_sct_list)); | 159 ocsp_response, |
| 160 &extracted_sct_list)); |
| 161 } | 161 } |
| 162 | 162 |
| 163 // Test that the extractor honours issuer ID. | 163 // Test that the extractor honours issuer ID. |
| 164 TEST_F(CTObjectsExtractorTest, ExtractSCTListFromOCSPResponseMatchesIssuer) { | 164 TEST_F(CTObjectsExtractorTest, ExtractSCTListFromOCSPResponseMatchesIssuer) { |
| 165 std::string der_subject_cert(ct::GetDerEncodedFakeOCSPResponseCert()); | 165 std::string der_subject_cert(ct::GetDerEncodedFakeOCSPResponseCert()); |
| 166 scoped_refptr<X509Certificate> subject_cert = | 166 scoped_refptr<X509Certificate> subject_cert = |
| 167 X509Certificate::CreateFromBytes(der_subject_cert.data(), | 167 X509Certificate::CreateFromBytes(der_subject_cert.data(), |
| 168 der_subject_cert.length()); | 168 der_subject_cert.length()); |
| 169 | 169 |
| 170 std::string ocsp_response = ct::GetDerEncodedFakeOCSPResponse(); | 170 std::string ocsp_response = ct::GetDerEncodedFakeOCSPResponse(); |
| 171 | 171 |
| 172 std::string extracted_sct_list; | 172 std::string extracted_sct_list; |
| 173 // Use test_cert_ for issuer - it is not the correct issuer of |subject_cert|. | 173 // Use test_cert_ for issuer - it is not the correct issuer of |subject_cert|. |
| 174 EXPECT_FALSE(ct::ExtractSCTListFromOCSPResponse( | 174 EXPECT_FALSE(ct::ExtractSCTListFromOCSPResponse(test_cert_->os_cert_handle(), |
| 175 test_cert_->os_cert_handle(), subject_cert->serial_number(), | 175 subject_cert->serial_number(), |
| 176 ocsp_response, &extracted_sct_list)); | 176 ocsp_response, |
| 177 &extracted_sct_list)); |
| 177 } | 178 } |
| 178 | 179 |
| 179 } // namespace ct | 180 } // namespace ct |
| 180 | 181 |
| 181 } // namespace net | 182 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
