Refactor VerifyCertificateChain test data to include a key purpose

net/cert/internal/test_helpers.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/internal/test_helpers.h"
 
 #include "base/base64.h"
 #include "base/base_paths.h"
 #include "base/files/file_util.h"
 #include "base/path_service.h"
@@ skipping 84 matching lines @@
   for (const auto& mapping : mappings_copy) {
     if (mapping.value && !mapping.optional) {
       return ::testing::AssertionFailure() << "PEM block missing: "
                                            << mapping.block_name;
     }
   }
 
   return ::testing::AssertionSuccess();
 }
 
+VerifyCertChainTest::VerifyCertChainTest() = default;
+VerifyCertChainTest::~VerifyCertChainTest() = default;
+
 void ReadVerifyCertChainTestFromFile(const std::string& file_path_ascii,
-                                     ParsedCertificateList* chain,
-                                     scoped_refptr<TrustAnchor>* trust_anchor,
-                                     der::GeneralizedTime* time,
-                                     bool* verify_result,
-                                     std::string* expected_errors) {
-  chain->clear();
-  *trust_anchor = nullptr;
-  expected_errors->clear();
+                                     VerifyCertChainTest* test) {
+  // Reset all the out parameters to their defaults.
+  *test = {};
 
   std::string file_data = ReadTestFileToString(file_path_ascii);
 
   std::vector<std::string> pem_headers;
 
   // For details on the file format refer to:
   // net/data/verify_certificate_chain_unittest/README.
   const char kCertificateHeader[] = "CERTIFICATE";
   const char kTrustAnchorUnconstrained[] = "TRUST_ANCHOR_UNCONSTRAINED";
   const char kTrustAnchorConstrained[] = "TRUST_ANCHOR_CONSTRAINED";
   const char kTimeHeader[] = "TIME";
   const char kResultHeader[] = "VERIFY_RESULT";
   const char kErrorsHeader[] = "ERRORS";
+  const char kKeyPurpose[] = "KEY_PURPOSE";
 
   pem_headers.push_back(kCertificateHeader);
   pem_headers.push_back(kTrustAnchorUnconstrained);
   pem_headers.push_back(kTrustAnchorConstrained);
   pem_headers.push_back(kTimeHeader);
   pem_headers.push_back(kResultHeader);
   pem_headers.push_back(kErrorsHeader);
+  pem_headers.push_back(kKeyPurpose);
 
   bool has_time = false;
   bool has_result = false;
   bool has_errors = false;
+  bool has_key_purpose = false;
 
   PEMTokenizer pem_tokenizer(file_data, pem_headers);
   while (pem_tokenizer.GetNext()) {
     const std::string& block_type = pem_tokenizer.block_type();
     const std::string& block_data = pem_tokenizer.data();
 
     if (block_type == kCertificateHeader) {
       CertErrors errors;
       ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector(
           bssl::UniquePtr<CRYPTO_BUFFER>(CRYPTO_BUFFER_new(
               reinterpret_cast<const uint8_t*>(block_data.data()),
               block_data.size(), nullptr)),
-          {}, chain, &errors))
+          {}, &test->chain, &errors))
           << errors.ToDebugString();
     } else if (block_type == kTrustAnchorUnconstrained ||
                block_type == kTrustAnchorConstrained) {
-      ASSERT_FALSE(*trust_anchor) << "Duplicate trust anchor";
+      ASSERT_FALSE(test->trust_anchor) << "Duplicate trust anchor";
       CertErrors errors;
       scoped_refptr<ParsedCertificate> root = net::ParsedCertificate::Create(
           bssl::UniquePtr<CRYPTO_BUFFER>(CRYPTO_BUFFER_new(
               reinterpret_cast<const uint8_t*>(block_data.data()),
               block_data.size(), nullptr)),
           {}, &errors);
       ASSERT_TRUE(root) << errors.ToDebugString();
-      *trust_anchor =
+      test->trust_anchor =
           block_type == kTrustAnchorUnconstrained
               ? TrustAnchor::CreateFromCertificateNoConstraints(std::move(root))
               : TrustAnchor::CreateFromCertificateWithConstraints(
                     std::move(root));
     } else if (block_type == kTimeHeader) {
       ASSERT_FALSE(has_time) << "Duplicate " << kTimeHeader;
       has_time = true;
-      ASSERT_TRUE(der::ParseUTCTime(der::Input(&block_data), time));
+      ASSERT_TRUE(der::ParseUTCTime(der::Input(&block_data), &test->time));
+    } else if (block_type == kKeyPurpose) {
+      ASSERT_FALSE(has_key_purpose) << "Duplicate " << kKeyPurpose;
+      has_key_purpose = true;
+
+      if (block_data == "anyExtendedKeyUsage") {
+        // TODO(eroman): test->key_purpose = ....
+      } else if (block_data == "serverAuth") {
+        // TODO(eroman): test->key_purpose = ....
+      } else if (block_data == "clientAuth") {
+        // TODO(eroman): test->key_purpose = ....
+      } else {
+        ADD_FAILURE() << "Unrecognized " << block_type << ": " << block_data;
+      }
     } else if (block_type == kResultHeader) {
       ASSERT_FALSE(has_result) << "Duplicate " << kResultHeader;
       ASSERT_TRUE(block_data == "SUCCESS" || block_data == "FAIL")
           << "Unrecognized result: " << block_data;
       has_result = true;
-      *verify_result = block_data == "SUCCESS";
+      test->expected_result = block_data == "SUCCESS";
     } else if (block_type == kErrorsHeader) {
       ASSERT_FALSE(has_errors) << "Duplicate " << kErrorsHeader;
       has_errors = true;
-      *expected_errors = block_data;
+      test->expected_errors = block_data;
     }
   }
 
   ASSERT_TRUE(has_time);
   ASSERT_TRUE(has_result);
-  ASSERT_TRUE(*trust_anchor);
+  ASSERT_TRUE(test->trust_anchor);
+  ASSERT_TRUE(has_key_purpose);
 }
 
 std::string ReadTestFileToString(const std::string& file_path_ascii) {
   // Compute the full path, relative to the src/ directory.
   base::FilePath src_root;
   PathService::Get(base::DIR_SOURCE_ROOT, &src_root);
   base::FilePath filepath = src_root.AppendASCII(file_path_ascii);
 
   // Read the full contents of the file.
   std::string file_data;
   if (!base::ReadFileToString(filepath, &file_data)) {
     ADD_FAILURE() << "Couldn't read file: " << filepath.value();
     return std::string();
   }
 
   return file_data;
 }
 
 }  // namespace net