Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / net / cert / ev_root_ca_metadata_unittest.cc
blob9da006483fd697d2f18fdfac1e475c272f03edd3
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/cert/ev_root_ca_metadata.h"
7 #include "net/cert/x509_cert_types.h"
8 #include "net/test/cert_test_util.h"
9 #include "testing/gtest/include/gtest/gtest.h"
11 #if defined(USE_NSS_CERTS)
12 #include "crypto/nss_util.h"
13 #include "crypto/scoped_nss_types.h"
14 #endif
16 namespace net {
18 namespace {
20 #if defined(USE_NSS_CERTS) || defined(OS_WIN)
21 const char kVerisignPolicy[] = "2.16.840.1.113733.1.7.23.6";
22 const char kThawtePolicy[] = "2.16.840.1.113733.1.7.48.1";
23 const char kFakePolicy[] = "2.16.840.1.42";
24 const SHA1HashValue kVerisignFingerprint =
25 { { 0x74, 0x2c, 0x31, 0x92, 0xe6, 0x07, 0xe4, 0x24, 0xeb, 0x45,
26 0x49, 0x54, 0x2b, 0xe1, 0xbb, 0xc5, 0x3e, 0x61, 0x74, 0xe2 } };
27 const SHA1HashValue kFakeFingerprint =
28 { { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
29 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99 } };
31 class EVOidData {
32 public:
33 EVOidData();
34 bool Init();
36 EVRootCAMetadata::PolicyOID verisign_policy;
37 EVRootCAMetadata::PolicyOID thawte_policy;
38 EVRootCAMetadata::PolicyOID fake_policy;
41 #endif // defined(USE_NSS_CERTS) || defined(OS_WIN)
43 #if defined(USE_NSS_CERTS)
45 SECOidTag RegisterOID(PLArenaPool* arena, const char* oid_string) {
46 SECOidData oid_data;
47 memset(&oid_data, 0, sizeof(oid_data));
48 oid_data.offset = SEC_OID_UNKNOWN;
49 oid_data.desc = oid_string;
50 oid_data.mechanism = CKM_INVALID_MECHANISM;
51 oid_data.supportedExtension = INVALID_CERT_EXTENSION;
53 SECStatus rv = SEC_StringToOID(arena, &oid_data.oid, oid_string, 0);
54 if (rv != SECSuccess)
55 return SEC_OID_UNKNOWN;
57 return SECOID_AddEntry(&oid_data);
60 EVOidData::EVOidData()
61 : verisign_policy(SEC_OID_UNKNOWN),
62 thawte_policy(SEC_OID_UNKNOWN),
63 fake_policy(SEC_OID_UNKNOWN) {
66 bool EVOidData::Init() {
67 crypto::EnsureNSSInit();
68 crypto::ScopedPLArenaPool pool(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
69 if (!pool.get())
70 return false;
72 verisign_policy = RegisterOID(pool.get(), kVerisignPolicy);
73 thawte_policy = RegisterOID(pool.get(), kThawtePolicy);
74 fake_policy = RegisterOID(pool.get(), kFakePolicy);
76 return verisign_policy != SEC_OID_UNKNOWN &&
77 thawte_policy != SEC_OID_UNKNOWN &&
78 fake_policy != SEC_OID_UNKNOWN;
81 #elif defined(OS_WIN)
83 EVOidData::EVOidData()
84 : verisign_policy(kVerisignPolicy),
85 thawte_policy(kThawtePolicy),
86 fake_policy(kFakePolicy) {
89 bool EVOidData::Init() {
90 return true;
93 #endif
95 #if defined(USE_NSS_CERTS) || defined(OS_WIN)
97 class EVRootCAMetadataTest : public testing::Test {
98 protected:
99 void SetUp() override { ASSERT_TRUE(ev_oid_data.Init()); }
101 EVOidData ev_oid_data;
104 TEST_F(EVRootCAMetadataTest, Basic) {
105 EVRootCAMetadata* ev_metadata(EVRootCAMetadata::GetInstance());
107 EXPECT_TRUE(ev_metadata->IsEVPolicyOID(ev_oid_data.verisign_policy));
108 EXPECT_FALSE(ev_metadata->IsEVPolicyOID(ev_oid_data.fake_policy));
109 EXPECT_TRUE(ev_metadata->HasEVPolicyOID(kVerisignFingerprint,
110 ev_oid_data.verisign_policy));
111 EXPECT_FALSE(ev_metadata->HasEVPolicyOID(kFakeFingerprint,
112 ev_oid_data.verisign_policy));
113 EXPECT_FALSE(ev_metadata->HasEVPolicyOID(kVerisignFingerprint,
114 ev_oid_data.fake_policy));
115 EXPECT_FALSE(ev_metadata->HasEVPolicyOID(kVerisignFingerprint,
116 ev_oid_data.thawte_policy));
119 TEST_F(EVRootCAMetadataTest, AddRemove) {
120 EVRootCAMetadata* ev_metadata(EVRootCAMetadata::GetInstance());
122 EXPECT_FALSE(ev_metadata->IsEVPolicyOID(ev_oid_data.fake_policy));
123 EXPECT_FALSE(ev_metadata->HasEVPolicyOID(kFakeFingerprint,
124 ev_oid_data.fake_policy));
127 ScopedTestEVPolicy test_ev_policy(ev_metadata, kFakeFingerprint,
128 kFakePolicy);
130 EXPECT_TRUE(ev_metadata->IsEVPolicyOID(ev_oid_data.fake_policy));
131 EXPECT_TRUE(ev_metadata->HasEVPolicyOID(kFakeFingerprint,
132 ev_oid_data.fake_policy));
135 EXPECT_FALSE(ev_metadata->IsEVPolicyOID(ev_oid_data.fake_policy));
136 EXPECT_FALSE(ev_metadata->HasEVPolicyOID(kFakeFingerprint,
137 ev_oid_data.fake_policy));
140 #endif // defined(USE_NSS_CERTS) || defined(OS_WIN)
142 } // namespace
144 } // namespace net