Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(851)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/cast_certificate/cast_cert_validator_unittest.cc

Issue 2918233002: Add tests for Cast certificate interpretation of policies. (Closed)
Patch Set: Add more tests, and use less restrictive approach Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/cast_certificate/cast_cert_validator.cc ('k') | components/test/data/cast_certificate/certificates/generate_policies_tests.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/cast_certificate/cast_cert_validator.h" 5 #include "components/cast_certificate/cast_cert_validator.h"
6 6
7 #include "components/cast_certificate/cast_cert_validator_test_helpers.h" 7 #include "components/cast_certificate/cast_cert_validator_test_helpers.h"
8 #include "net/cert/internal/cert_errors.h" 8 #include "net/cert/internal/cert_errors.h"
9 #include "net/cert/internal/parsed_certificate.h" 9 #include "net/cert/internal/parsed_certificate.h"
10 #include "net/cert/internal/trust_store_in_memory.h" 10 #include "net/cert/internal/trust_store_in_memory.h"
(...skipping 398 matching lines...) Expand 10 before | Expand all | Expand 10 after
409 "certificates/violates_root_pathlen_constraint.pem", AprilFirst2016(), 409 "certificates/violates_root_pathlen_constraint.pem", AprilFirst2016(),
410 TRUST_STORE_FROM_TEST_FILE_UNCONSTRAINED, ""); 410 TRUST_STORE_FROM_TEST_FILE_UNCONSTRAINED, "");
411 411
412 // Now do the real test and verify validation fails when using a TrustAncho 412 // Now do the real test and verify validation fails when using a TrustAncho
413 // with pathlen constraint. 413 // with pathlen constraint.
414 RunTest(RESULT_FAIL, "Target", CastDeviceCertPolicy::NONE, 414 RunTest(RESULT_FAIL, "Target", CastDeviceCertPolicy::NONE,
415 "certificates/violates_root_pathlen_constraint.pem", AprilFirst2016(), 415 "certificates/violates_root_pathlen_constraint.pem", AprilFirst2016(),
416 TRUST_STORE_FROM_TEST_FILE, ""); 416 TRUST_STORE_FROM_TEST_FILE, "");
417 } 417 }
418 418
419 // Tests verifying a certificate chain with the policies:
420 //
421 // Root: policies={}
422 // Intermediate: policies={anyPolicy}
423 // Leaf: policies={anyPolicy}
424 TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafAnypolicy) {
425 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::NONE,
426 "certificates/policies_ica_anypolicy_leaf_anypolicy.pem",
427 AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, "");
428 }
429
430 // Test verifying a certificate chain with the policies:
431 //
432 // Root: policies={}
433 // Intermediate: policies={anyPolicy}
434 // Leaf: policies={audioOnly}
435 TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafAudioonly) {
436 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::AUDIO_ONLY,
437 "certificates/policies_ica_anypolicy_leaf_audioonly.pem",
438 AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, "");
439 }
440
441 // Test verifying a certificate chain with the policies:
442 //
443 // Root: policies={}
444 // Intermediate: policies={anyPolicy}
445 // Leaf: policies={foo}
446 TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafFoo) {
447 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::NONE,
448 "certificates/policies_ica_anypolicy_leaf_foo.pem", AprilFirst2016(),
449 TRUST_STORE_FROM_TEST_FILE, "");
450 }
451
452 // Test verifying a certificate chain with the policies:
453 //
454 // Root: policies={}
455 // Intermediate: policies={anyPolicy}
456 // Leaf: policies={}
457 TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafNone) {
458 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::NONE,
459 "certificates/policies_ica_anypolicy_leaf_none.pem", AprilFirst2016(),
460 TRUST_STORE_FROM_TEST_FILE, "");
461 }
462
463 // Test verifying a certificate chain with the policies:
464 //
465 // Root: policies={}
466 // Intermediate: policies={audioOnly}
467 // Leaf: policies={anyPolicy}
468 TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafAnypolicy) {
469 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::AUDIO_ONLY,
470 "certificates/policies_ica_audioonly_leaf_anypolicy.pem",
471 AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, "");
472 }
473
474 // Test verifying a certificate chain with the policies:
475 //
476 // Root: policies={}
477 // Intermediate: policies={audioOnly}
478 // Leaf: policies={audioOnly}
479 TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafAudioonly) {
480 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::AUDIO_ONLY,
481 "certificates/policies_ica_audioonly_leaf_audioonly.pem",
482 AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, "");
483 }
484
485 // Test verifying a certificate chain with the policies:
486 //
487 // Root: policies={}
488 // Intermediate: policies={audioOnly}
489 // Leaf: policies={foo}
490 TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafFoo) {
491 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::AUDIO_ONLY,
492 "certificates/policies_ica_audioonly_leaf_foo.pem", AprilFirst2016(),
493 TRUST_STORE_FROM_TEST_FILE, "");
494 }
495
496 // Test verifying a certificate chain with the policies:
497 //
498 // Root: policies={}
499 // Intermediate: policies={audioOnly}
500 // Leaf: policies={}
501 TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafNone) {
502 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::AUDIO_ONLY,
503 "certificates/policies_ica_audioonly_leaf_none.pem", AprilFirst2016(),
504 TRUST_STORE_FROM_TEST_FILE, "");
505 }
506
507 // Test verifying a certificate chain with the policies:
508 //
509 // Root: policies={}
510 // Intermediate: policies={}
511 // Leaf: policies={anyPolicy}
512 TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafAnypolicy) {
513 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::NONE,
514 "certificates/policies_ica_none_leaf_anypolicy.pem", AprilFirst2016(),
515 TRUST_STORE_FROM_TEST_FILE, "");
516 }
517
518 // Test verifying a certificate chain with the policies:
519 //
520 // Root: policies={}
521 // Intermediate: policies={}
522 // Leaf: policies={audioOnly}
523 TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafAudioonly) {
524 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::AUDIO_ONLY,
525 "certificates/policies_ica_none_leaf_audioonly.pem", AprilFirst2016(),
526 TRUST_STORE_FROM_TEST_FILE, "");
527 }
528
529 // Test verifying a certificate chain with the policies:
530 //
531 // Root: policies={}
532 // Intermediate: policies={}
533 // Leaf: policies={foo}
534 TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafFoo) {
535 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::NONE,
536 "certificates/policies_ica_none_leaf_foo.pem", AprilFirst2016(),
537 TRUST_STORE_FROM_TEST_FILE, "");
538 }
539
540 // Test verifying a certificate chain with the policies:
541 //
542 // Root: policies={}
543 // Intermediate: policies={}
544 // Leaf: policies={}
545 TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafNone) {
546 RunTest(RESULT_SUCCESS, "Leaf", CastDeviceCertPolicy::NONE,
547 "certificates/policies_ica_none_leaf_none.pem", AprilFirst2016(),
548 TRUST_STORE_FROM_TEST_FILE, "");
549 }
550
419 // ------------------------------------------------------ 551 // ------------------------------------------------------
420 // Valid signature using 1024-bit RSA key 552 // Valid signature using 1024-bit RSA key
421 // ------------------------------------------------------ 553 // ------------------------------------------------------
422 554
423 // This test vector comes from the NIST test vectors (pkcs1v15sign-vectors.txt), 555 // This test vector comes from the NIST test vectors (pkcs1v15sign-vectors.txt),
424 // PKCS#1 v1.5 Signature Example 1.2. 556 // PKCS#1 v1.5 Signature Example 1.2.
425 // 557 //
426 // It is a valid signature using a 1024 bit key and SHA-1. 558 // It is a valid signature using a 1024 bit key and SHA-1.
427 559
428 const uint8_t kEx1Message[] = { 560 const uint8_t kEx1Message[] = {
(...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after
544 auto context = 676 auto context =
545 CertVerificationContextImplForTest(CreateString(kEx2PublicKeySpki)); 677 CertVerificationContextImplForTest(CreateString(kEx2PublicKeySpki));
546 678
547 EXPECT_TRUE(context->VerifySignatureOverData(CreateString(kEx2Signature), 679 EXPECT_TRUE(context->VerifySignatureOverData(CreateString(kEx2Signature),
548 CreateString(kEx2Message))); 680 CreateString(kEx2Message)));
549 } 681 }
550 682
551 } // namespace 683 } // namespace
552 684
553 } // namespace cast_certificate 685 } // namespace cast_certificate
OLDNEW
« no previous file with comments | « components/cast_certificate/cast_cert_validator.cc ('k') | components/test/data/cast_certificate/certificates/generate_policies_tests.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698