| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/parsed_certificate.h" | 5 #include "net/cert/internal/parsed_certificate.h" |
| 6 | 6 |
| 7 #include "net/cert/internal/cert_errors.h" | 7 #include "net/cert/internal/cert_errors.h" |
| 8 #include "net/cert/internal/parse_certificate.h" | 8 #include "net/cert/internal/parse_certificate.h" |
| 9 #include "net/cert/internal/test_helpers.h" | 9 #include "net/cert/internal/test_helpers.h" |
| 10 #include "net/der/input.h" | 10 #include "net/der/input.h" |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 61 } | 61 } |
| 62 | 62 |
| 63 // Parses an Extension whose critical field is true (255). | 63 // Parses an Extension whose critical field is true (255). |
| 64 TEST(ParsedCertificateTest, ExtensionCritical) { | 64 TEST(ParsedCertificateTest, ExtensionCritical) { |
| 65 scoped_refptr<ParsedCertificate> cert = | 65 scoped_refptr<ParsedCertificate> cert = |
| 66 ParseCertificateFromFile("extension_critical.pem"); | 66 ParseCertificateFromFile("extension_critical.pem"); |
| 67 ASSERT_TRUE(cert); | 67 ASSERT_TRUE(cert); |
| 68 | 68 |
| 69 const uint8_t kExpectedValue[] = {0x30, 0x00}; | 69 const uint8_t kExpectedValue[] = {0x30, 0x00}; |
| 70 | 70 |
| 71 auto it = cert->unparsed_extensions().find(DavidBenOid()); | 71 ParsedExtension extension; |
| 72 ASSERT_NE(cert->unparsed_extensions().end(), it); | 72 ASSERT_TRUE(cert->GetExtension(DavidBenOid(), &extension)); |
| 73 const auto& extension = it->second; | |
| 74 | 73 |
| 75 EXPECT_TRUE(extension.critical); | 74 EXPECT_TRUE(extension.critical); |
| 76 EXPECT_EQ(DavidBenOid(), extension.oid); | 75 EXPECT_EQ(DavidBenOid(), extension.oid); |
| 77 EXPECT_EQ(der::Input(kExpectedValue), extension.value); | 76 EXPECT_EQ(der::Input(kExpectedValue), extension.value); |
| 78 } | 77 } |
| 79 | 78 |
| 80 // Parses an Extension whose critical field is false (omitted). | 79 // Parses an Extension whose critical field is false (omitted). |
| 81 TEST(ParsedCertificateTest, ExtensionNotCritical) { | 80 TEST(ParsedCertificateTest, ExtensionNotCritical) { |
| 82 scoped_refptr<ParsedCertificate> cert = | 81 scoped_refptr<ParsedCertificate> cert = |
| 83 ParseCertificateFromFile("extension_not_critical.pem"); | 82 ParseCertificateFromFile("extension_not_critical.pem"); |
| 84 ASSERT_TRUE(cert); | 83 ASSERT_TRUE(cert); |
| 85 | 84 |
| 86 const uint8_t kExpectedValue[] = {0x30, 0x00}; | 85 const uint8_t kExpectedValue[] = {0x30, 0x00}; |
| 87 | 86 |
| 88 auto it = cert->unparsed_extensions().find(DavidBenOid()); | 87 ParsedExtension extension; |
| 89 ASSERT_NE(cert->unparsed_extensions().end(), it); | 88 ASSERT_TRUE(cert->GetExtension(DavidBenOid(), &extension)); |
| 90 const auto& extension = it->second; | |
| 91 | 89 |
| 92 EXPECT_FALSE(extension.critical); | 90 EXPECT_FALSE(extension.critical); |
| 93 EXPECT_EQ(DavidBenOid(), extension.oid); | 91 EXPECT_EQ(DavidBenOid(), extension.oid); |
| 94 EXPECT_EQ(der::Input(kExpectedValue), extension.value); | 92 EXPECT_EQ(der::Input(kExpectedValue), extension.value); |
| 95 } | 93 } |
| 96 | 94 |
| 97 // Parses an Extension whose critical field is 0. This is in one sense FALSE, | 95 // Parses an Extension whose critical field is 0. This is in one sense FALSE, |
| 98 // however because critical has DEFAULT of false this is in fact invalid | 96 // however because critical has DEFAULT of false this is in fact invalid |
| 99 // DER-encoding. | 97 // DER-encoding. |
| 100 TEST(ParsedCertificateTest, ExtensionCritical0) { | 98 TEST(ParsedCertificateTest, ExtensionCritical0) { |
| (...skipping 26 matching lines...) Expand all Loading... |
| 127 TEST(ParsedCertificateTest, ExtensionsDuplicateKeyUsage) { | 125 TEST(ParsedCertificateTest, ExtensionsDuplicateKeyUsage) { |
| 128 ASSERT_FALSE(ParseCertificateFromFile("extensions_duplicate_key_usage.pem")); | 126 ASSERT_FALSE(ParseCertificateFromFile("extensions_duplicate_key_usage.pem")); |
| 129 } | 127 } |
| 130 | 128 |
| 131 // Parses an Extensions that contains an extended key usages. | 129 // Parses an Extensions that contains an extended key usages. |
| 132 TEST(ParsedCertificateTest, ExtendedKeyUsage) { | 130 TEST(ParsedCertificateTest, ExtendedKeyUsage) { |
| 133 scoped_refptr<ParsedCertificate> cert = | 131 scoped_refptr<ParsedCertificate> cert = |
| 134 ParseCertificateFromFile("extended_key_usage.pem"); | 132 ParseCertificateFromFile("extended_key_usage.pem"); |
| 135 ASSERT_TRUE(cert); | 133 ASSERT_TRUE(cert); |
| 136 | 134 |
| 137 const auto& extensions = cert->unparsed_extensions(); | 135 ASSERT_EQ(4u, cert->extensions().size()); |
| 138 ASSERT_EQ(3u, extensions.size()); | |
| 139 | 136 |
| 140 auto iter = extensions.find(ExtKeyUsageOid()); | 137 ParsedExtension extension; |
| 141 ASSERT_TRUE(iter != extensions.end()); | 138 ASSERT_TRUE(cert->GetExtension(ExtKeyUsageOid(), &extension)); |
| 142 EXPECT_FALSE(iter->second.critical); | 139 |
| 143 EXPECT_EQ(45u, iter->second.value.Length()); | 140 EXPECT_FALSE(extension.critical); |
| 141 EXPECT_EQ(45u, extension.value.Length()); |
| 142 |
| 143 EXPECT_TRUE(cert->has_extended_key_usage()); |
| 144 EXPECT_EQ(4u, cert->extended_key_usage().size()); |
| 144 } | 145 } |
| 145 | 146 |
| 146 // Parses an Extensions that contains a key usage. | 147 // Parses an Extensions that contains a key usage. |
| 147 TEST(ParsedCertificateTest, KeyUsage) { | 148 TEST(ParsedCertificateTest, KeyUsage) { |
| 148 scoped_refptr<ParsedCertificate> cert = | 149 scoped_refptr<ParsedCertificate> cert = |
| 149 ParseCertificateFromFile("key_usage.pem"); | 150 ParseCertificateFromFile("key_usage.pem"); |
| 150 ASSERT_TRUE(cert); | 151 ASSERT_TRUE(cert); |
| 151 | 152 |
| 152 ASSERT_TRUE(cert->has_key_usage()); | 153 ASSERT_TRUE(cert->has_key_usage()); |
| 153 | 154 |
| 154 EXPECT_EQ(5u, cert->key_usage().unused_bits()); | 155 EXPECT_EQ(5u, cert->key_usage().unused_bits()); |
| 155 const uint8_t kExpectedBytes[] = {0xA0}; | 156 const uint8_t kExpectedBytes[] = {0xA0}; |
| 156 EXPECT_EQ(der::Input(kExpectedBytes), cert->key_usage().bytes()); | 157 EXPECT_EQ(der::Input(kExpectedBytes), cert->key_usage().bytes()); |
| 157 | 158 |
| 158 EXPECT_TRUE(cert->key_usage().AssertsBit(0)); | 159 EXPECT_TRUE(cert->key_usage().AssertsBit(0)); |
| 159 EXPECT_FALSE(cert->key_usage().AssertsBit(1)); | 160 EXPECT_FALSE(cert->key_usage().AssertsBit(1)); |
| 160 EXPECT_TRUE(cert->key_usage().AssertsBit(2)); | 161 EXPECT_TRUE(cert->key_usage().AssertsBit(2)); |
| 161 } | 162 } |
| 162 | 163 |
| 163 // Parses an Extensions that contains a policies extension. | 164 // Parses an Extensions that contains a policies extension. |
| 164 TEST(ParsedCertificateTest, Policies) { | 165 TEST(ParsedCertificateTest, Policies) { |
| 165 scoped_refptr<ParsedCertificate> cert = | 166 scoped_refptr<ParsedCertificate> cert = |
| 166 ParseCertificateFromFile("policies.pem"); | 167 ParseCertificateFromFile("policies.pem"); |
| 167 ASSERT_TRUE(cert); | 168 ASSERT_TRUE(cert); |
| 168 | 169 |
| 169 const auto& extensions = cert->unparsed_extensions(); | 170 ASSERT_EQ(4u, cert->extensions().size()); |
| 170 ASSERT_EQ(3u, extensions.size()); | |
| 171 | 171 |
| 172 auto iter = extensions.find(CertificatePoliciesOid()); | 172 ParsedExtension extension; |
| 173 ASSERT_TRUE(iter != extensions.end()); | 173 ASSERT_TRUE(cert->GetExtension(CertificatePoliciesOid(), &extension)); |
| 174 EXPECT_FALSE(iter->second.critical); | 174 |
| 175 EXPECT_EQ(95u, iter->second.value.Length()); | 175 EXPECT_FALSE(extension.critical); |
| 176 EXPECT_EQ(95u, extension.value.Length()); |
| 177 |
| 178 EXPECT_TRUE(cert->has_policy_oids()); |
| 179 EXPECT_EQ(2u, cert->policy_oids().size()); |
| 176 } | 180 } |
| 177 | 181 |
| 178 // Parses an Extensions that contains a subjectaltname extension. | 182 // Parses an Extensions that contains a subjectaltname extension. |
| 179 TEST(ParsedCertificateTest, SubjectAltName) { | 183 TEST(ParsedCertificateTest, SubjectAltName) { |
| 180 scoped_refptr<ParsedCertificate> cert = | 184 scoped_refptr<ParsedCertificate> cert = |
| 181 ParseCertificateFromFile("subject_alt_name.pem"); | 185 ParseCertificateFromFile("subject_alt_name.pem"); |
| 182 ASSERT_TRUE(cert); | 186 ASSERT_TRUE(cert); |
| 183 | 187 |
| 184 ASSERT_TRUE(cert->has_subject_alt_names()); | 188 ASSERT_TRUE(cert->has_subject_alt_names()); |
| 185 } | 189 } |
| 186 | 190 |
| 187 // Parses an Extensions that contains multiple extensions, sourced from a | 191 // Parses an Extensions that contains multiple extensions, sourced from a |
| 188 // real-world certificate. | 192 // real-world certificate. |
| 189 TEST(ParsedCertificateTest, ExtensionsReal) { | 193 TEST(ParsedCertificateTest, ExtensionsReal) { |
| 190 scoped_refptr<ParsedCertificate> cert = | 194 scoped_refptr<ParsedCertificate> cert = |
| 191 ParseCertificateFromFile("extensions_real.pem"); | 195 ParseCertificateFromFile("extensions_real.pem"); |
| 192 ASSERT_TRUE(cert); | 196 ASSERT_TRUE(cert); |
| 193 | 197 |
| 194 const auto& extensions = cert->unparsed_extensions(); | 198 ASSERT_EQ(7u, cert->extensions().size()); |
| 195 ASSERT_EQ(4u, extensions.size()); | |
| 196 | 199 |
| 197 EXPECT_TRUE(cert->has_key_usage()); | 200 EXPECT_TRUE(cert->has_key_usage()); |
| 198 EXPECT_TRUE(cert->has_basic_constraints()); | 201 EXPECT_TRUE(cert->has_basic_constraints()); |
| 202 EXPECT_TRUE(cert->has_policy_oids()); |
| 199 | 203 |
| 200 auto iter = extensions.find(CertificatePoliciesOid()); | 204 ParsedExtension extension; |
| 201 ASSERT_TRUE(iter != extensions.end()); | 205 ASSERT_TRUE(cert->GetExtension(CertificatePoliciesOid(), &extension)); |
| 202 EXPECT_FALSE(iter->second.critical); | 206 |
| 203 EXPECT_EQ(16u, iter->second.value.Length()); | 207 EXPECT_FALSE(extension.critical); |
| 208 EXPECT_EQ(16u, extension.value.Length()); |
| 204 | 209 |
| 205 // TODO(eroman): Verify the other 4 extensions' values. | 210 // TODO(eroman): Verify the other 4 extensions' values. |
| 206 } | 211 } |
| 207 | 212 |
| 208 // Parses a BasicConstraints with no CA or pathlen. | 213 // Parses a BasicConstraints with no CA or pathlen. |
| 209 TEST(ParsedCertificateTest, BasicConstraintsNotCa) { | 214 TEST(ParsedCertificateTest, BasicConstraintsNotCa) { |
| 210 scoped_refptr<ParsedCertificate> cert = | 215 scoped_refptr<ParsedCertificate> cert = |
| 211 ParseCertificateFromFile("basic_constraints_not_ca.pem"); | 216 ParseCertificateFromFile("basic_constraints_not_ca.pem"); |
| 212 ASSERT_TRUE(cert); | 217 ASSERT_TRUE(cert); |
| 213 | 218 |
| (...skipping 83 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 297 | 302 |
| 298 EXPECT_TRUE(cert->has_basic_constraints()); | 303 EXPECT_TRUE(cert->has_basic_constraints()); |
| 299 EXPECT_FALSE(cert->basic_constraints().is_ca); | 304 EXPECT_FALSE(cert->basic_constraints().is_ca); |
| 300 EXPECT_TRUE(cert->basic_constraints().has_path_len); | 305 EXPECT_TRUE(cert->basic_constraints().has_path_len); |
| 301 EXPECT_EQ(1u, cert->basic_constraints().path_len); | 306 EXPECT_EQ(1u, cert->basic_constraints().path_len); |
| 302 } | 307 } |
| 303 | 308 |
| 304 } // namespace | 309 } // namespace |
| 305 | 310 |
| 306 } // namespace net | 311 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2803513003:
Remove ParsedCertificate::unparsed_extensions(). (Closed)
