| Index: net/cert/internal/nist_pkits_unittest.h
|
| diff --git a/net/cert/internal/nist_pkits_unittest.h b/net/cert/internal/nist_pkits_unittest.h
|
| index 265f332bbd94ca3ccf8d368741d718dfc8a55771..026f517469c2944e2301934988067a0a4e8b6ff7 100644
|
| --- a/net/cert/internal/nist_pkits_unittest.h
|
| +++ b/net/cert/internal/nist_pkits_unittest.h
|
| @@ -8,22 +8,36 @@
|
| #include <set>
|
|
|
| #include "net/cert/internal/test_helpers.h"
|
| +#include "net/der/parse_values.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
|
|
| namespace net {
|
|
|
| -// Describes additional inputs to verification in the PKITS tests
|
| -// (which are referred to as "settings" in that document).
|
| -struct PkitsTestSettings {
|
| +// Describes the inputs and outputs (other than the certificates) for
|
| +// the PKITS tests.
|
| +struct PkitsTestInfo {
|
| // Default construction results in the "default settings".
|
| - PkitsTestSettings();
|
| - ~PkitsTestSettings();
|
| + PkitsTestInfo();
|
| + ~PkitsTestInfo();
|
|
|
| // Sets |initial_policy_set| to the specified policies. The
|
| // policies are described as comma-separated symbolic strings like
|
| // "anyPolicy" and "NIST-test-policy-1".
|
| void SetInitialPolicySet(const char* const policy_names);
|
|
|
| + // Sets |user_constrained_policy_set| to the specified policies. The
|
| + // policies are described as comma-separated symbolic strings like
|
| + // "anyPolicy" and "NIST-test-policy-1".
|
| + void SetUserConstrainedPolicySet(const char* const policy_names);
|
| +
|
| + void SetInitialExplicitPolicy(bool b);
|
| + void SetInitialPolicyMappingInhibit(bool b);
|
| + void SetInitialInhibitAnyPolicy(bool b);
|
| +
|
| + // ----------------
|
| + // Inputs
|
| + // ----------------
|
| +
|
| // A set of policy OIDs to use for "initial-policy-set".
|
| std::set<der::Input> initial_policy_set;
|
|
|
| @@ -35,19 +49,31 @@ struct PkitsTestSettings {
|
|
|
| // The value of "initial-inhibit-any-policy".
|
| bool initial_inhibit_any_policy = false;
|
| +
|
| + // This is the time when PKITS was published.
|
| + der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0};
|
| +
|
| + // ----------------
|
| + // Expected outputs
|
| + // ----------------
|
| +
|
| + // Whether path validation should succeed.
|
| + bool should_validate = false;
|
| +
|
| + std::set<der::Input> user_constrained_policy_set;
|
| };
|
|
|
| // Parameterized test class for PKITS tests.
|
| // The instantiating code should define a PkitsTestDelegate with an appropriate
|
| -// static Verify method, and then INSTANTIATE_TYPED_TEST_CASE_P for each
|
| +// static RunTest method, and then INSTANTIATE_TYPED_TEST_CASE_P for each
|
| // testcase (each TYPED_TEST_CASE_P in pkits_testcases-inl.h).
|
| template <typename PkitsTestDelegate>
|
| class PkitsTest : public ::testing::Test {
|
| public:
|
| template <size_t num_certs, size_t num_crls>
|
| - bool Verify(const char* const (&cert_names)[num_certs],
|
| - const char* const (&crl_names)[num_crls],
|
| - const PkitsTestSettings& settings) {
|
| + void RunTest(const char* const (&cert_names)[num_certs],
|
| + const char* const (&crl_names)[num_crls],
|
| + const PkitsTestInfo& info) {
|
| std::vector<std::string> cert_ders;
|
| for (const std::string& s : cert_names)
|
| cert_ders.push_back(net::ReadTestFileToString(
|
| @@ -56,7 +82,7 @@ class PkitsTest : public ::testing::Test {
|
| for (const std::string& s : crl_names)
|
| crl_ders.push_back(net::ReadTestFileToString(
|
| "net/third_party/nist-pkits/crls/" + s + ".crl"));
|
| - return PkitsTestDelegate::Verify(cert_ders, crl_ders, settings);
|
| + PkitsTestDelegate::RunTest(cert_ders, crl_ders, info);
|
| }
|
| };
|
|
|
|
|
Chromium Code Reviews
Issue 2907353002:
Update PKITs test data to include "user_constrained_policy_set". (Closed)
