content/browser/web_package/signed_exchange_certificate_chain_unittest.cc - chromium/src.git - Git at Google

 // Copyright 2018 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "content/browser/web_package/signed_exchange_certificate_chain.h"

 #include "base/optional.h"
 #include "base/strings/string_piece.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"

 namespace content {

 namespace {

 base::Optional<std::vector<base::StringPiece>> GetCertChain(
     const uint8_t* input,
     size_t input_size) {
   return SignedExchangeCertificateChain::GetCertChainFromMessage(
       base::make_span(input, input_size));
 }

 }  // namespace

 TEST(SignedExchangeCertificateParseTest, OneCert) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x00, 0x07, // certificate list size

       0x00, 0x00, 0x02, // cert data size
       0x11, 0x22, // cert data
       0x00, 0x00, // extensions size
       // clang-format on
   };
   base::Optional<std::vector<base::StringPiece>> certs =
       GetCertChain(input, arraysize(input));
   ASSERT_TRUE(certs);
   ASSERT_EQ(1u, certs->size());
   const uint8_t kExpected[] = {
       // clang-format off
       0x11, 0x22, // cert data
       // clang-format on
   };
   EXPECT_THAT((*certs)[0],
               testing::ElementsAreArray(kExpected, arraysize(kExpected)));
 }

 TEST(SignedExchangeCertificateParseTest, OneCertWithExtension) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x00, 0x0A, // certificate list size

       0x00, 0x00, 0x02, // cert data size
       0x11, 0x22, // cert data
       0x00, 0x03, // extensions size
       0xE1, 0xE2, 0xE3, // extensions data
       // clang-format on
   };
   base::Optional<std::vector<base::StringPiece>> certs =
       GetCertChain(input, arraysize(input));
   ASSERT_TRUE(certs);
   ASSERT_EQ(1u, certs->size());
   const uint8_t kExpected[] = {
       // clang-format off
       0x11, 0x22, // cert data
       // clang-format on
   };
   EXPECT_THAT((*certs)[0],
               testing::ElementsAreArray(kExpected, arraysize(kExpected)));
 }

 TEST(SignedExchangeCertificateParseTest, TwoCerts) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x01, 0x13, // certificate list size

       0x00, 0x01, 0x04, // cert data size

       // cert data
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,

       0x00, 0x00, // extensions size

       0x00, 0x00, 0x05, // cert data size
       0x33, 0x44, 0x55, 0x66, 0x77, // cert data
       0x00, 0x00, // extensions size

       // clang-format on
   };

   const uint8_t kExpected1[] = {
       // clang-format off
       // cert data
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
       // clang-format on
   };
   const uint8_t kExpected2[] = {
       // clang-format off
       0x33, 0x44, 0x55, 0x66, 0x77, // cert data
       // clang-format on
   };

   base::Optional<std::vector<base::StringPiece>> certs =
       GetCertChain(input, sizeof(input));
   ASSERT_TRUE(certs);
   ASSERT_EQ(2u, certs->size());
   EXPECT_THAT((*certs)[0],
               testing::ElementsAreArray(kExpected1, arraysize(kExpected1)));
   EXPECT_THAT((*certs)[1],
               testing::ElementsAreArray(kExpected2, arraysize(kExpected2)));
 }

 TEST(SignedExchangeCertificateParseTest, Empty) {
   EXPECT_FALSE(GetCertChain(nullptr, 0));
 }

 TEST(SignedExchangeCertificateParseTest, InvalidRequestContextSize) {
   const uint8_t input[] = {
       // clang-format off
       0x01, // request context size: must be zero
       0x20, // request context
       // clang-format on
   };
   EXPECT_FALSE(GetCertChain(input, arraysize(input)));
 }

 TEST(SignedExchangeCertificateParseTest, CanNotReadCertListSize1) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x01, // certificate list size: must be 3 bytes
       // clang-format on
   };
   EXPECT_FALSE(GetCertChain(input, arraysize(input)));
 }

 TEST(SignedExchangeCertificateParseTest, CanNotReadCertListSize2) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x01, // certificate list size: must be 3 bytes
       // clang-format on
   };
   EXPECT_FALSE(GetCertChain(input, arraysize(input)));
 }

 TEST(SignedExchangeCertificateParseTest, CertListSizeError) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x01, 0x01, // certificate list size: 257 (This must be 7)

       0x00, 0x00, 0x02, // cert data size
       0x11, 0x22, // cert data
       0x00, 0x00, // extensions size
       // clang-format on
   };
   EXPECT_FALSE(GetCertChain(input, arraysize(input)));
 }

 TEST(SignedExchangeCertificateParseTest, CanNotReadCertDataSize) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x00, 0x02, // certificate list size

       0x00, 0x01, // cert data size: must be 3 bytes
       // clang-format on
   };
   EXPECT_FALSE(GetCertChain(input, arraysize(input)));
 }

 TEST(SignedExchangeCertificateParseTest, CertDataSizeError) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x00, 0x04, // certificate list size

       0x00, 0x00, 0x02, // cert data size
       0x11, // cert data: Need 2 bytes
       // clang-format on
   };
   EXPECT_FALSE(GetCertChain(input, arraysize(input)));
 }

 TEST(SignedExchangeCertificateParseTest, CanNotReadExtensionsSize) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x00, 0x06, // certificate list size

       0x00, 0x00, 0x02, // cert data size
       0x11, 0x22, // cert data
       0x00, // extensions size : must be 2 bytes
       // clang-format on
   };
   EXPECT_FALSE(GetCertChain(input, arraysize(input)));
 }

 TEST(SignedExchangeCertificateParseTest, ExtensionsSizeError) {
   const uint8_t input[] = {
       // clang-format off
       0x00, // request context size
       0x00, 0x00, 0x07, // certificate list size

       0x00, 0x00, 0x02, // cert data size
       0x11, 0x22, // cert data
       0x00, 0x01, // extensions size
       // clang-format on
   };
   EXPECT_FALSE(GetCertChain(input, arraysize(input)));
 }

 }  // namespace content
	// Copyright 2018 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "content/browser/web_package/signed_exchange_certificate_chain.h"

	#include "base/optional.h"
	#include "base/strings/string_piece.h"
	#include "testing/gmock/include/gmock/gmock.h"
	#include "testing/gtest/include/gtest/gtest.h"

	namespace content {

	namespace {

	base::Optional<std::vector<base::StringPiece>> GetCertChain(
	const uint8_t* input,
	size_t input_size) {
	return SignedExchangeCertificateChain::GetCertChainFromMessage(
	base::make_span(input, input_size));
	}

	} // namespace

	TEST(SignedExchangeCertificateParseTest, OneCert) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x00, 0x07, // certificate list size

	0x00, 0x00, 0x02, // cert data size
	0x11, 0x22, // cert data
	0x00, 0x00, // extensions size
	// clang-format on
	};
	base::Optional<std::vector<base::StringPiece>> certs =
	GetCertChain(input, arraysize(input));
	ASSERT_TRUE(certs);
	ASSERT_EQ(1u, certs->size());
	const uint8_t kExpected[] = {
	// clang-format off
	0x11, 0x22, // cert data
	// clang-format on
	};
	EXPECT_THAT((*certs)[0],
	testing::ElementsAreArray(kExpected, arraysize(kExpected)));
	}

	TEST(SignedExchangeCertificateParseTest, OneCertWithExtension) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x00, 0x0A, // certificate list size

	0x00, 0x00, 0x02, // cert data size
	0x11, 0x22, // cert data
	0x00, 0x03, // extensions size
	0xE1, 0xE2, 0xE3, // extensions data
	// clang-format on
	};
	base::Optional<std::vector<base::StringPiece>> certs =
	GetCertChain(input, arraysize(input));
	ASSERT_TRUE(certs);
	ASSERT_EQ(1u, certs->size());
	const uint8_t kExpected[] = {
	// clang-format off
	0x11, 0x22, // cert data
	// clang-format on
	};
	EXPECT_THAT((*certs)[0],
	testing::ElementsAreArray(kExpected, arraysize(kExpected)));
	}

	TEST(SignedExchangeCertificateParseTest, TwoCerts) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x01, 0x13, // certificate list size

	0x00, 0x01, 0x04, // cert data size

	// cert data
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,

	0x00, 0x00, // extensions size

	0x00, 0x00, 0x05, // cert data size
	0x33, 0x44, 0x55, 0x66, 0x77, // cert data
	0x00, 0x00, // extensions size

	// clang-format on
	};

	const uint8_t kExpected1[] = {
	// clang-format off
	// cert data
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99,
	// clang-format on
	};
	const uint8_t kExpected2[] = {
	// clang-format off
	0x33, 0x44, 0x55, 0x66, 0x77, // cert data
	// clang-format on
	};

	base::Optional<std::vector<base::StringPiece>> certs =
	GetCertChain(input, sizeof(input));
	ASSERT_TRUE(certs);
	ASSERT_EQ(2u, certs->size());
	EXPECT_THAT((*certs)[0],
	testing::ElementsAreArray(kExpected1, arraysize(kExpected1)));
	EXPECT_THAT((*certs)[1],
	testing::ElementsAreArray(kExpected2, arraysize(kExpected2)));
	}

	TEST(SignedExchangeCertificateParseTest, Empty) {
	EXPECT_FALSE(GetCertChain(nullptr, 0));
	}

	TEST(SignedExchangeCertificateParseTest, InvalidRequestContextSize) {
	const uint8_t input[] = {
	// clang-format off
	0x01, // request context size: must be zero
	0x20, // request context
	// clang-format on
	};
	EXPECT_FALSE(GetCertChain(input, arraysize(input)));
	}

	TEST(SignedExchangeCertificateParseTest, CanNotReadCertListSize1) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x01, // certificate list size: must be 3 bytes
	// clang-format on
	};
	EXPECT_FALSE(GetCertChain(input, arraysize(input)));
	}

	TEST(SignedExchangeCertificateParseTest, CanNotReadCertListSize2) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x01, // certificate list size: must be 3 bytes
	// clang-format on
	};
	EXPECT_FALSE(GetCertChain(input, arraysize(input)));
	}

	TEST(SignedExchangeCertificateParseTest, CertListSizeError) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x01, 0x01, // certificate list size: 257 (This must be 7)

	0x00, 0x00, 0x02, // cert data size
	0x11, 0x22, // cert data
	0x00, 0x00, // extensions size
	// clang-format on
	};
	EXPECT_FALSE(GetCertChain(input, arraysize(input)));
	}

	TEST(SignedExchangeCertificateParseTest, CanNotReadCertDataSize) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x00, 0x02, // certificate list size

	0x00, 0x01, // cert data size: must be 3 bytes
	// clang-format on
	};
	EXPECT_FALSE(GetCertChain(input, arraysize(input)));
	}

	TEST(SignedExchangeCertificateParseTest, CertDataSizeError) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x00, 0x04, // certificate list size

	0x00, 0x00, 0x02, // cert data size
	0x11, // cert data: Need 2 bytes
	// clang-format on
	};
	EXPECT_FALSE(GetCertChain(input, arraysize(input)));
	}

	TEST(SignedExchangeCertificateParseTest, CanNotReadExtensionsSize) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x00, 0x06, // certificate list size

	0x00, 0x00, 0x02, // cert data size
	0x11, 0x22, // cert data
	0x00, // extensions size : must be 2 bytes
	// clang-format on
	};
	EXPECT_FALSE(GetCertChain(input, arraysize(input)));
	}

	TEST(SignedExchangeCertificateParseTest, ExtensionsSizeError) {
	const uint8_t input[] = {
	// clang-format off
	0x00, // request context size
	0x00, 0x00, 0x07, // certificate list size

	0x00, 0x00, 0x02, // cert data size
	0x11, 0x22, // cert data
	0x00, 0x01, // extensions size
	// clang-format on
	};
	EXPECT_FALSE(GetCertChain(input, arraysize(input)));
	}

	} // namespace content