Convert iOS to use X509CertificateBytes.

net/cert/x509_util_ios_and_mac_unittest.cc

+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/cert/x509_util_ios_and_mac.h"
+
+#include "net/cert/x509_certificate.h"
+#include "net/test/cert_test_util.h"
+#include "net/test/test_data_directory.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+#if defined(OS_IOS)
+#include "net/cert/x509_util_ios.h"
+#else
+#include "net/cert/x509_util_mac.h"
+#endif
+
+namespace net {
+
+namespace x509_util {
+
+namespace {
+
+std::string BytesForSecCert(SecCertificateRef sec_cert) {
+  std::string result;
+  base::ScopedCFTypeRef<CFDataRef> der_data(SecCertificateCopyData(sec_cert));
+  if (!der_data) {
+    ADD_FAILURE();
+    return result;
+  }
+  result.assign(reinterpret_cast<const char*>(CFDataGetBytePtr(der_data)),
+                CFDataGetLength(der_data));
+  return result;
+}
+
+std::string BytesForSecCert(const void* sec_cert) {
+  return BytesForSecCert(
+      reinterpret_cast<SecCertificateRef>(const_cast<void*>(sec_cert)));
+}
+
+std::string BytesForX509CertHandle(X509Certificate::OSCertHandle handle) {
+  std::string result;
+  if (!X509Certificate::GetDEREncoded(handle, &result))
+    ADD_FAILURE();
+  return result;
+}
+
+std::string BytesForX509Cert(X509Certificate* cert) {
+  return BytesForX509CertHandle(cert->os_cert_handle());
+}
+
+}  // namespace
+
+TEST(X509UtilTest, CreateSecCertificateArrayForX509Certificate) {
+  scoped_refptr<X509Certificate> cert = CreateCertificateChainFromFile(
+      GetTestCertsDirectory(), "multi-root-chain1.pem",
+      X509Certificate::FORMAT_PEM_CERT_SEQUENCE);
+  ASSERT_TRUE(cert);
+  EXPECT_EQ(3U, cert->GetIntermediateCertificates().size());
+
+  base::ScopedCFTypeRef<CFMutableArrayRef> sec_certs(
+      CreateSecCertificateArrayForX509Certificate(cert.get()));
+  ASSERT_TRUE(sec_certs);
+  ASSERT_EQ(4, CFArrayGetCount(sec_certs.get()));
+  for (int i = 0; i < 4; ++i)
+    ASSERT_TRUE(CFArrayGetValueAtIndex(sec_certs.get(), i));
+
+  EXPECT_EQ(BytesForX509Cert(cert.get()),
+            BytesForSecCert(CFArrayGetValueAtIndex(sec_certs.get(), 0)));
+  EXPECT_EQ(BytesForX509CertHandle(cert->GetIntermediateCertificates()[0]),
+            BytesForSecCert(CFArrayGetValueAtIndex(sec_certs.get(), 1)));
+  EXPECT_EQ(BytesForX509CertHandle(cert->GetIntermediateCertificates()[1]),
+            BytesForSecCert(CFArrayGetValueAtIndex(sec_certs.get(), 2)));
+  EXPECT_EQ(BytesForX509CertHandle(cert->GetIntermediateCertificates()[2]),
+            BytesForSecCert(CFArrayGetValueAtIndex(sec_certs.get(), 3)));
+}
+
+TEST(X509UtilTest,
+     CreateSecCertificateFromBytesAndCreateX509CertificateFromSecCertificate) {
+  CertificateList certs = CreateCertificateListFromFile(
+      GetTestCertsDirectory(), "multi-root-chain1.pem",
+      X509Certificate::FORMAT_PEM_CERT_SEQUENCE);
+  ASSERT_EQ(4u, certs.size());
+
+  std::string bytes_cert0 = BytesForX509CertHandle(certs[0]->os_cert_handle());
+  std::string bytes_cert1 = BytesForX509CertHandle(certs[1]->os_cert_handle());
+  std::string bytes_cert2 = BytesForX509CertHandle(certs[2]->os_cert_handle());
+  std::string bytes_cert3 = BytesForX509CertHandle(certs[3]->os_cert_handle());
+
+  base::ScopedCFTypeRef<SecCertificateRef> sec_cert0(
+      CreateSecCertificateFromBytes(
+          reinterpret_cast<const uint8_t*>(bytes_cert0.data()),
+          bytes_cert0.length()));
+  ASSERT_TRUE(sec_cert0);
+  EXPECT_EQ(bytes_cert0, BytesForSecCert(sec_cert0));
+
+  base::ScopedCFTypeRef<SecCertificateRef> sec_cert1(
+      CreateSecCertificateFromBytes(
+          reinterpret_cast<const uint8_t*>(bytes_cert1.data()),
+          bytes_cert1.length()));
+  ASSERT_TRUE(sec_cert1);
+  EXPECT_EQ(bytes_cert1, BytesForSecCert(sec_cert1));
+
+  base::ScopedCFTypeRef<SecCertificateRef> sec_cert2(
+      CreateSecCertificateFromX509Certificate(certs[2].get()));
+  ASSERT_TRUE(sec_cert2);
+  EXPECT_EQ(bytes_cert2, BytesForSecCert(sec_cert2));
+
+  base::ScopedCFTypeRef<SecCertificateRef> sec_cert3(
+      CreateSecCertificateFromX509Certificate(certs[3].get()));
+  ASSERT_TRUE(sec_cert3);
+  EXPECT_EQ(bytes_cert3, BytesForSecCert(sec_cert3));
+
+  scoped_refptr<X509Certificate> x509_cert_no_intermediates =
+      CreateX509CertificateFromSecCertificate(sec_cert0.get(), {});
+  ASSERT_TRUE(x509_cert_no_intermediates);
+  EXPECT_EQ(0U,
+            x509_cert_no_intermediates->GetIntermediateCertificates().size());
+  EXPECT_EQ(bytes_cert0, BytesForX509CertHandle(
+                             x509_cert_no_intermediates->os_cert_handle()));
+
+  scoped_refptr<X509Certificate> x509_cert_one_intermediate =
+      CreateX509CertificateFromSecCertificate(sec_cert0.get(),
+                                              {sec_cert1.get()});
+  ASSERT_TRUE(x509_cert_one_intermediate);
+  EXPECT_EQ(bytes_cert0, BytesForX509CertHandle(
+                             x509_cert_one_intermediate->os_cert_handle()));
+  ASSERT_EQ(1U,
+            x509_cert_one_intermediate->GetIntermediateCertificates().size());
+  EXPECT_EQ(bytes_cert1,
+            BytesForX509CertHandle(
+                x509_cert_one_intermediate->GetIntermediateCertificates()[0]));
+
+  scoped_refptr<X509Certificate> x509_cert_two_intermediates =
+      CreateX509CertificateFromSecCertificate(
+          sec_cert0.get(), {sec_cert1.get(), sec_cert2.get()});
+  ASSERT_TRUE(x509_cert_two_intermediates);
+  EXPECT_EQ(bytes_cert0, BytesForX509CertHandle(
+                             x509_cert_two_intermediates->os_cert_handle()));
+  ASSERT_EQ(2U,
+            x509_cert_two_intermediates->GetIntermediateCertificates().size());
+  EXPECT_EQ(bytes_cert1,
+            BytesForX509CertHandle(
+                x509_cert_two_intermediates->GetIntermediateCertificates()[0]));
+  EXPECT_EQ(bytes_cert2,
+            BytesForX509CertHandle(
+                x509_cert_two_intermediates->GetIntermediateCertificates()[1]));
+}
+
+}  // namespace x509_util
+
+}  // namespace net