Bug 1018642: Factor out reusable NSS GTest infrastructure into a new NSSTest class, r=cviecco

--HG--
extra : rebase_source : 101c316c1ea54f5092a21af4d7a1be349c504800
Brian Smith 2014-05-30 16:46:49 -07:00
Родитель efadae2e83
Коммит e508e0ac8a
5 изменённых файлов: 77 добавлений и 35 удалений


@ -23,6 +23,9 @@
*/
#include "nssgtest.h"
#include "nss.h"
#include "pkixtestutil.h"
#include "prinit.h"
using namespace std;
using namespace testing;
@ -75,4 +78,28 @@ Pred_SECFailure(const char* expectedExpr, const char* actualExpr,
<< "), actual: " << SECFailure << " != " << actual;
}
/*static*/ void
NSSTest::SetUpTestCase()
{
if (NSS_NoDB_Init(nullptr) != SECSuccess) {
PR_Abort();
}
now = PR_Now();
oneDayBeforeNow = now - ONE_DAY;
oneDayAfterNow = now + ONE_DAY;
}
NSSTest::NSSTest()
: arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE))
{
if (!arena) {
PR_Abort();
}
}
/*static*/ PRTime NSSTest::now;
/*static*/ PRTime NSSTest::oneDayBeforeNow;
/*static*/ PRTime NSSTest::oneDayAfterNow;
} } } // namespace mozilla::pkix::test
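Review bot: Both failure paths added here end in a bare `PR_Abort()` (the `NSS_NoDB_Init` check in `NSSTest::SetUpTestCase()` and the `!arena` check in the constructor), so a failed run shows only a crash with no hint of which step failed or why. Printing the NSPR error first would make these failures diagnosable, e.g. `fprintf(stderr, "NSS_NoDB_Init failed: %d\n", PR_GetError());` ahead of the abort; this needs `<stdio.h>`, while `prerror.h` appears to come in through nssgtest.h. Separately, no matching TearDownTestCase is visible, and gtest runs SetUpTestCase once per fixture class, so `NSS_NoDB_Init` will presumably be called several times in one process without a shutdown in between. It is worth confirming that repeated initialization is intended.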


@ -27,7 +27,10 @@
#include "stdint.h"
#include "gtest/gtest.h"
#include "pkix/pkixtypes.h"
#include "pkixtestutil.h"
#include "prerror.h"
#include "prtime.h"
#include "seccomon.h"
namespace mozilla { namespace pkix { namespace test {
@ -65,8 +68,6 @@ private:
::std::ostream& operator<<(::std::ostream&,
SECStatusWithPRErrorCode const&);
} } } // namespace mozilla::pkix::test
#define ASSERT_SECSuccess(rv) \
ASSERT_EQ(::mozilla::pkix::test::SECStatusWithPRErrorCode(SECSuccess, 0), \
::mozilla::pkix::test::SECStatusWithPRErrorCode(rv))
@ -83,4 +84,20 @@ private:
expectedError), \
::mozilla::pkix::test::SECStatusWithPRErrorCode(rv))
class NSSTest : public ::testing::Test
{
public:
static void SetUpTestCase();
protected:
NSSTest();
ScopedPLArenaPool arena;
static PRTime now;
static PRTime oneDayBeforeNow;
static PRTime oneDayAfterNow;
};
} } } // namespace mozilla::pkix::test
#endif // mozilla_pkix__nssgtest_h
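Review bot: `class NSSTest` is introduced without a comment, and its contract has a trap that a reader cannot see from the declaration. `SetUpTestCase()` is a static function, so a derived fixture that declares its own `SetUpTestCase()` hides this one and silently skips NSS initialization and the `now`/`oneDayBeforeNow`/`oneDayAfterNow` setup. I would add above the class: `// Base fixture for tests that need NSS. Initializes NSS and the shared time values once per test case; each test gets its own arena. A derived fixture that defines SetUpTestCase() must call NSSTest::SetUpTestCase() from it.` It is also worth stating there that the three PRTime members are now static, so they are captured once per test case rather than once per test as the old per-fixture `SetUp()` did.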


@ -22,35 +22,25 @@
* limitations under the License.
*/
#include <gtest/gtest.h>
#include "nss.h"
#include "nssgtest.h"
#include "pkix/pkix.h"
#include "pkixder.h"
#include "pkixtestutil.h"
#include "prerror.h"
#include "secerr.h"
using namespace mozilla::pkix;
using namespace mozilla::pkix::test;
class pkix_ocsp_request_tests : public ::testing::Test
class pkix_ocsp_request_tests : public NSSTest
{
protected:
ScopedPLArenaPool arena;
// These SECItems are allocated in arena, and so will be auto-cleaned.
SECItem* unsupportedLongSerialNumber;
SECItem* shortSerialNumber;
SECItem* longestRequiredSerialNumber;
PRTime now;
PRTime oneDayBeforeNow;
PRTime oneDayAfterNow;
void SetUp()
{
NSS_NoDB_Init(nullptr);
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
static const uint8_t UNSUPPORTED_LEN = 128; // must be larger than 127
// tag + length + value is 1 + 2 + UNSUPPORTED_LEN
unsupportedLongSerialNumber = SECITEM_AllocItem(arena.get(), nullptr,
@ -79,21 +69,6 @@ protected:
longestRequiredSerialNumber->data[0] = der::INTEGER;
longestRequiredSerialNumber->data[1] = LONGEST_REQUIRED_LEN;
longestRequiredSerialNumber->data[2] = 0x01; // value is 0x010000...00
now = PR_Now();
oneDayBeforeNow = now - ONE_DAY;
oneDayAfterNow = now + ONE_DAY;
}
const SECItem*
ASCIIToDERName(const char* cn)
{
ScopedPtr<CERTName, CERT_DestroyName> certName(CERT_AsciiToName(cn));
if (!certName) {
return nullptr;
}
return SEC_ASN1EncodeItem(arena.get(), nullptr, certName.get(),
SEC_ASN1_GET(CERT_NameTemplate));
}
void MakeTwoCerts(const char* issuerCN, SECItem* issuerSerial,
@ -101,7 +76,7 @@ protected:
const char* childCN, SECItem* childSerial,
/*out*/ ScopedCERTCertificate& child)
{
const SECItem* issuerNameDer = ASCIIToDERName(issuerCN);
const SECItem* issuerNameDer = ASCIIToDERName(arena.get(), issuerCN);
ASSERT_TRUE(issuerNameDer);
ScopedSECKEYPrivateKey issuerKey;
SECItem* issuerCertDer(CreateEncodedCertificate(arena.get(), v3,
@ -109,7 +84,7 @@ protected:
oneDayBeforeNow, oneDayAfterNow, issuerNameDer,
nullptr, nullptr, SEC_OID_SHA256, issuerKey));
ASSERT_TRUE(issuerCertDer);
const SECItem* childNameDer = ASCIIToDERName(childCN);
const SECItem* childNameDer = ASCIIToDERName(arena.get(), childCN);
ASSERT_TRUE(childNameDer);
ScopedSECKEYPrivateKey childKey;
SECItem* childDer(CreateEncodedCertificate(arena.get(), v3,


@ -634,7 +634,7 @@ GenerateKeyPair(/*out*/ ScopedSECKEYPublicKey& publicKey,
// Certificates
static SECItem* TBSCertificate(PLArenaPool* arena, long version,
SECItem* serialNumber, SECOidTag signature,
const SECItem* serialNumber, SECOidTag signature,
const SECItem* issuer, PRTime notBefore,
PRTime notAfter, const SECItem* subject,
const SECKEYPublicKey* subjectPublicKey,
@ -646,7 +646,7 @@ static SECItem* TBSCertificate(PLArenaPool* arena, long version,
// signatureValue BIT STRING }
SECItem*
CreateEncodedCertificate(PLArenaPool* arena, long version,
SECOidTag signature, SECItem* serialNumber,
SECOidTag signature, const SECItem* serialNumber,
const SECItem* issuerNameDER, PRTime notBefore,
PRTime notAfter, const SECItem* subjectNameDER,
/*optional*/ SECItem const* const* extensions,
@ -697,7 +697,7 @@ CreateEncodedCertificate(PLArenaPool* arena, long version,
// -- If present, version MUST be v3 -- }
static SECItem*
TBSCertificate(PLArenaPool* arena, long versionValue,
SECItem* serialNumber, SECOidTag signatureOidTag,
const SECItem* serialNumber, SECOidTag signatureOidTag,
const SECItem* issuer, PRTime notBeforeTime,
PRTime notAfterTime, const SECItem* subject,
const SECKEYPublicKey* subjectPublicKey,
@ -817,6 +817,23 @@ TBSCertificate(PLArenaPool* arena, long versionValue,
return output.Squash(arena, der::SEQUENCE);
}
const SECItem*
ASCIIToDERName(PLArenaPool* arena, const char* cn)
{
ScopedPtr<CERTName, CERT_DestroyName> certName(CERT_AsciiToName(cn));
if (!certName) {
return nullptr;
}
return SEC_ASN1EncodeItem(arena, nullptr, certName.get(),
SEC_ASN1_GET(CERT_NameTemplate));
}
SECItem*
CreateEncodedSerialNumber(PLArenaPool* arena, long serialNumberValue)
{
return Integer(arena, serialNumberValue);
}
// BasicConstraints ::= SEQUENCE {
// cA BOOLEAN DEFAULT FALSE,
// pathLenConstraint INTEGER (0..MAX) OPTIONAL }


@ -62,6 +62,9 @@ extern const PRTime ONE_DAY;
SECStatus GenerateKeyPair(/*out*/ ScopedSECKEYPublicKey& publicKey,
/*out*/ ScopedSECKEYPrivateKey& privateKey);
// The result will be owned by the arena
const SECItem* ASCIIToDERName(PLArenaPool* arena, const char* cn);
///////////////////////////////////////////////////////////////////////////////
// Encode Certificates
@ -80,7 +83,8 @@ enum Version { v1 = 0, v2 = 1, v3 = 2 };
// The return value, if non-null, is owned by the arena in the context and
// MUST NOT be freed.
SECItem* CreateEncodedCertificate(PLArenaPool* arena, long version,
SECOidTag signature, SECItem* serialNumber,
SECOidTag signature,
const SECItem* serialNumber,
const SECItem* issuerNameDER,
PRTime notBefore, PRTime notAfter,
const SECItem* subjectNameDER,
@ -89,6 +93,8 @@ SECItem* CreateEncodedCertificate(PLArenaPool* arena, long version,
SECOidTag signatureHashAlg,
/*out*/ ScopedSECKEYPrivateKey& privateKey);
SECItem* CreateEncodedSerialNumber(PLArenaPool* arena, long value);
MOZILLA_PKIX_ENUM_CLASS ExtensionCriticality { NotCritical = 0, Critical = 1 };
// The return value, if non-null, is owned by the arena and MUST NOT be freed.
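Review bot: The new `CreateEncodedSerialNumber()` declaration has no ownership comment, although the declarations on either side of it both state that the result belongs to the arena and must not be freed. I would add the same line above it: `// The return value, if non-null, is owned by the arena and MUST NOT be freed.` The comment on `ASCIIToDERName()` has the mirror-image gap: it states ownership but not that the function returns `nullptr` when the name cannot be parsed or encoded, so `// Returns nullptr on failure. The result, if non-null, is owned by the arena.` would cover both.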