1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/cert/ev_root_ca_metadata.h"
7 #include "net/cert/x509_cert_types.h"
8 #include "net/test/cert_test_util.h"
9 #include "testing/gtest/include/gtest/gtest.h"
12 #include "crypto/scoped_nss_types.h"
19 #if defined(USE_NSS) || defined(OS_WIN)
20 const char kVerisignPolicy
[] = "2.16.840.1.113733.1.7.23.6";
21 const char kThawtePolicy
[] = "2.16.840.1.113733.1.7.48.1";
22 const char kFakePolicy
[] = "2.16.840.1.42";
23 const SHA1HashValue kVerisignFingerprint
=
24 { { 0x74, 0x2c, 0x31, 0x92, 0xe6, 0x07, 0xe4, 0x24, 0xeb, 0x45,
25 0x49, 0x54, 0x2b, 0xe1, 0xbb, 0xc5, 0x3e, 0x61, 0x74, 0xe2 } };
26 const SHA1HashValue kFakeFingerprint
=
27 { { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
28 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99 } };
35 EVRootCAMetadata::PolicyOID verisign_policy
;
36 EVRootCAMetadata::PolicyOID thawte_policy
;
37 EVRootCAMetadata::PolicyOID fake_policy
;
40 #endif // defined(USE_NSS) || defined(OS_WIN)
44 SECOidTag
RegisterOID(PLArenaPool
* arena
, const char* oid_string
) {
46 memset(&oid_data
, 0, sizeof(oid_data
));
47 oid_data
.offset
= SEC_OID_UNKNOWN
;
48 oid_data
.desc
= oid_string
;
49 oid_data
.mechanism
= CKM_INVALID_MECHANISM
;
50 oid_data
.supportedExtension
= INVALID_CERT_EXTENSION
;
52 SECStatus rv
= SEC_StringToOID(arena
, &oid_data
.oid
, oid_string
, 0);
54 return SEC_OID_UNKNOWN
;
56 return SECOID_AddEntry(&oid_data
);
59 EVOidData::EVOidData()
60 : verisign_policy(SEC_OID_UNKNOWN
),
61 thawte_policy(SEC_OID_UNKNOWN
),
62 fake_policy(SEC_OID_UNKNOWN
) {
65 bool EVOidData::Init() {
66 crypto::ScopedPLArenaPool
pool(PORT_NewArena(DER_DEFAULT_CHUNKSIZE
));
70 verisign_policy
= RegisterOID(pool
.get(), kVerisignPolicy
);
71 thawte_policy
= RegisterOID(pool
.get(), kThawtePolicy
);
72 fake_policy
= RegisterOID(pool
.get(), kFakePolicy
);
74 return verisign_policy
!= SEC_OID_UNKNOWN
&&
75 thawte_policy
!= SEC_OID_UNKNOWN
&&
76 fake_policy
!= SEC_OID_UNKNOWN
;
81 EVOidData::EVOidData()
82 : verisign_policy(kVerisignPolicy
),
83 thawte_policy(kThawtePolicy
),
84 fake_policy(kFakePolicy
) {
87 bool EVOidData::Init() {
93 #if defined(USE_NSS) || defined(OS_WIN)
95 class EVRootCAMetadataTest
: public testing::Test
{
97 void SetUp() override
{ ASSERT_TRUE(ev_oid_data
.Init()); }
99 EVOidData ev_oid_data
;
102 TEST_F(EVRootCAMetadataTest
, Basic
) {
103 EVRootCAMetadata
* ev_metadata(EVRootCAMetadata::GetInstance());
105 EXPECT_TRUE(ev_metadata
->IsEVPolicyOID(ev_oid_data
.verisign_policy
));
106 EXPECT_FALSE(ev_metadata
->IsEVPolicyOID(ev_oid_data
.fake_policy
));
107 EXPECT_TRUE(ev_metadata
->HasEVPolicyOID(kVerisignFingerprint
,
108 ev_oid_data
.verisign_policy
));
109 EXPECT_FALSE(ev_metadata
->HasEVPolicyOID(kFakeFingerprint
,
110 ev_oid_data
.verisign_policy
));
111 EXPECT_FALSE(ev_metadata
->HasEVPolicyOID(kVerisignFingerprint
,
112 ev_oid_data
.fake_policy
));
113 EXPECT_FALSE(ev_metadata
->HasEVPolicyOID(kVerisignFingerprint
,
114 ev_oid_data
.thawte_policy
));
117 TEST_F(EVRootCAMetadataTest
, AddRemove
) {
118 EVRootCAMetadata
* ev_metadata(EVRootCAMetadata::GetInstance());
120 EXPECT_FALSE(ev_metadata
->IsEVPolicyOID(ev_oid_data
.fake_policy
));
121 EXPECT_FALSE(ev_metadata
->HasEVPolicyOID(kFakeFingerprint
,
122 ev_oid_data
.fake_policy
));
125 ScopedTestEVPolicy
test_ev_policy(ev_metadata
, kFakeFingerprint
,
128 EXPECT_TRUE(ev_metadata
->IsEVPolicyOID(ev_oid_data
.fake_policy
));
129 EXPECT_TRUE(ev_metadata
->HasEVPolicyOID(kFakeFingerprint
,
130 ev_oid_data
.fake_policy
));
133 EXPECT_FALSE(ev_metadata
->IsEVPolicyOID(ev_oid_data
.fake_policy
));
134 EXPECT_FALSE(ev_metadata
->HasEVPolicyOID(kFakeFingerprint
,
135 ev_oid_data
.fake_policy
));
138 #endif // defined(USE_NSS) || defined(OS_WIN)