// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
5 #include "net/cert/ev_root_ca_metadata.h"
7 #include "net/cert/x509_cert_types.h"
8 #include "net/test/cert_test_util.h"
9 #include "testing/gtest/include/gtest/gtest.h"
12 #include "crypto/scoped_nss_types.h"
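#if defined(USE_NSS) || defined(OS_WIN)
// Dotted-decimal certificate policy OIDs used as test inputs. The tests below
// expect kVerisignPolicy to be recognised as an EV policy and kFakePolicy to
// be unknown until a test registers it. kThawtePolicy is only ever paired
// with kVerisignFingerprint, as a mismatched root/policy combination.
const char kVerisignPolicy[] = "2.16.840.1.113733.1.7.23.6";
const char kThawtePolicy[] = "2.16.840.1.113733.1.7.48.1";
const char kFakePolicy[] = "2.16.840.1.42";

// SHA-1 fingerprint (20 bytes) that the tests expect to be associated with
// kVerisignPolicy and with no other policy.
const SHA1HashValue kVerisignFingerprint = {
    {0x74, 0x2c, 0x31, 0x92, 0xe6, 0x07, 0xe4, 0x24, 0xeb, 0x45,
     0x49, 0x54, 0x2b, 0xe1, 0xbb, 0xc5, 0x3e, 0x61, 0x74, 0xe2}};

// Made-up fingerprint. The tests expect no EV policy to be associated with it
// unless a test adds one explicitly.
const SHA1HashValue kFakeFingerprint = {
    {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
     0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99}};

// Holds the three test policies in the platform's PolicyOID representation.
//
// NOTE(review): this listing shows only the three data members. The class
// header, the access label and the two member-function declarations are
// reconstructed from the out-of-line EVOidData::EVOidData() and
// EVOidData::Init() definitions and from the fixture's direct member access.
// Confirm against upstream.
class EVOidData {
 public:
  EVOidData();

  // Prepares the policy members for use. Callers must check the result; the
  // test fixture asserts it.
  bool Init();

  EVRootCAMetadata::PolicyOID verisign_policy;
  EVRootCAMetadata::PolicyOID thawte_policy;
  EVRootCAMetadata::PolicyOID fake_policy;
};
#endif  // defined(USE_NSS) || defined(OS_WIN)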
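// Registers |oid_string| (dotted-decimal) with NSS and returns the tag NSS
// assigns to it. Returns SEC_OID_UNKNOWN if the string cannot be converted;
// EVOidData::Init() treats SEC_OID_UNKNOWN from this function as failure.
//
// |arena| backs the encoded OID bytes written into oid_data.oid.
//
// NOTE(review): this listing drops some lines of the function. The
// declaration of oid_data and the condition guarding the early return are
// reconstructed from the statements that remain. Confirm against upstream.
SECOidTag RegisterOID(PLArenaPool* arena, const char* oid_string) {
  // SECOidData is the entry type SECOID_AddEntry() accepts.
  SECOidData oid_data;
  memset(&oid_data, 0, sizeof(oid_data));
  oid_data.offset = SEC_OID_UNKNOWN;
  oid_data.desc = oid_string;
  oid_data.mechanism = CKM_INVALID_MECHANISM;
  oid_data.supportedExtension = INVALID_CERT_EXTENSION;

  // A length of 0 lets NSS take the length from the NUL-terminated string.
  SECStatus rv = SEC_StringToOID(arena, &oid_data.oid, oid_string, 0);
  // Without this check a malformed OID string would be added to the table
  // with an empty encoding.
  if (rv != SECSuccess)
    return SEC_OID_UNKNOWN;

  // NOTE(review): oid_data is a stack object whose oid bytes live in |arena|.
  // This relies on SECOID_AddEntry() keeping its own copy of the entry.
  // Confirm against the NSS documentation.
  return SECOID_AddEntry(&oid_data);
}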
// SECOidTag-based variant: every policy starts out as SEC_OID_UNKNOWN and
// only becomes usable after Init() has registered the OID strings.
//
// NOTE(review): a second definition of this constructor appears later in the
// listing. The preprocessor lines that select between the two are not shown.
EVOidData::EVOidData()
    : verisign_policy(SEC_OID_UNKNOWN),
      thawte_policy(SEC_OID_UNKNOWN),
      fake_policy(SEC_OID_UNKNOWN) {}
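// Registers the three test policy OIDs through RegisterOID() and stores the
// resulting tags in the members.
//
// Returns true only if every registration produced a tag other than
// SEC_OID_UNKNOWN. Returns false if the scratch arena cannot be allocated or
// if any OID fails to register.
bool EVOidData::Init() {
  // Scratch arena for the encoded OIDs; released when |pool| leaves scope.
  crypto::ScopedPLArenaPool pool(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
  // PORT_NewArena() can fail; never hand a null arena to RegisterOID().
  if (!pool.get())
    return false;

  verisign_policy = RegisterOID(pool.get(), kVerisignPolicy);
  thawte_policy = RegisterOID(pool.get(), kThawtePolicy);
  fake_policy = RegisterOID(pool.get(), kFakePolicy);

  // A single failed registration makes the whole fixture unusable, because
  // the tests compare against all three tags.
  return verisign_policy != SEC_OID_UNKNOWN &&
         thawte_policy != SEC_OID_UNKNOWN &&
         fake_policy != SEC_OID_UNKNOWN;
}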
// String-based variant: PolicyOID is initialised directly from the
// dotted-decimal constants, so no registration step is needed.
//
// NOTE(review): presumably the OS_WIN branch. The preprocessor lines that
// separate this definition from the earlier one are not shown in the listing.
EVOidData::EVOidData()
    : verisign_policy(kVerisignPolicy),
      thawte_policy(kThawtePolicy),
      fake_policy(kFakePolicy) {}
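// Counterpart of the string-based constructor, which has already set all
// three policy members.
//
// NOTE(review): only the signature of this variant appears in the listing.
// The test fixture asserts that Init() succeeds and the constructor leaves
// nothing to prepare, so the body is presumably an unconditional success.
// Confirm against upstream.
bool EVOidData::Init() {
  return true;
}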
93 #if defined(USE_NSS) || defined(OS_WIN)
// Fixture that prepares the platform-specific policy OIDs before each test.
class EVRootCAMetadataTest : public testing::Test {
  // NOTE(review): the access label is not shown in the listing. The TEST_F
  // bodies read ev_oid_data directly, so the member must be reachable from
  // derived classes.
 protected:
  // Stops the test immediately if the policy OIDs could not be prepared, so
  // later expectations never run against unset OID values.
  void SetUp() override { ASSERT_TRUE(ev_oid_data.Init()); }

  EVOidData ev_oid_data;
};
// Checks the metadata as it stands before any test modifies it. EV status is
// a property of a (root fingerprint, policy OID) pair, not of either value
// alone.
TEST_F(EVRootCAMetadataTest, Basic) {
  EVRootCAMetadata* const metadata = EVRootCAMetadata::GetInstance();

  // Policy-only lookups: a known EV policy versus an unregistered one.
  EXPECT_TRUE(metadata->IsEVPolicyOID(ev_oid_data.verisign_policy));
  EXPECT_FALSE(metadata->IsEVPolicyOID(ev_oid_data.fake_policy));

  // The matching root/policy pair is accepted.
  EXPECT_TRUE(metadata->HasEVPolicyOID(kVerisignFingerprint,
                                       ev_oid_data.verisign_policy));

  // An unknown root must not inherit a valid EV policy.
  EXPECT_FALSE(metadata->HasEVPolicyOID(kFakeFingerprint,
                                        ev_oid_data.verisign_policy));

  // A known root must not be granted a policy it is not listed for, whether
  // the policy is unregistered or belongs to a different CA.
  EXPECT_FALSE(metadata->HasEVPolicyOID(kVerisignFingerprint,
                                        ev_oid_data.fake_policy));
  EXPECT_FALSE(metadata->HasEVPolicyOID(kVerisignFingerprint,
                                        ev_oid_data.thawte_policy));
}
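// Verifies that a test-only EV policy is visible exactly while its
// ScopedTestEVPolicy object is alive, and that the metadata singleton returns
// to its previous state afterwards.
//
// NOTE(review): this listing drops some lines of the test. The inner scope and
// the final constructor argument are reconstructed from the expectations
// that remain. Confirm against upstream.
TEST_F(EVRootCAMetadataTest, AddRemove) {
  EVRootCAMetadata* ev_metadata(EVRootCAMetadata::GetInstance());

  // Baseline: neither the fake policy nor the fake pair is known.
  EXPECT_FALSE(ev_metadata->IsEVPolicyOID(ev_oid_data.fake_policy));
  EXPECT_FALSE(ev_metadata->HasEVPolicyOID(kFakeFingerprint,
                                           ev_oid_data.fake_policy));

  {
    // The listing truncates this call after the fingerprint. The policy
    // argument is presumably the dotted-decimal kFakePolicy.
    ScopedTestEVPolicy test_ev_policy(ev_metadata, kFakeFingerprint,
                                      kFakePolicy);

    EXPECT_TRUE(ev_metadata->IsEVPolicyOID(ev_oid_data.fake_policy));
    EXPECT_TRUE(ev_metadata->HasEVPolicyOID(kFakeFingerprint,
                                            ev_oid_data.fake_policy));
  }

  // With the scoped object gone, the added entry must not remain in the
  // process-wide metadata, where later tests would see it.
  EXPECT_FALSE(ev_metadata->IsEVPolicyOID(ev_oid_data.fake_policy));
  EXPECT_FALSE(ev_metadata->HasEVPolicyOID(kFakeFingerprint,
                                           ev_oid_data.fake_policy));
}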
140 #endif // defined(USE_NSS) || defined(OS_WIN)