components/certificate_matching/certificate_principal_pattern_unittest.cc - chromium/src.git - Git at Google

 // Copyright 2019 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "components/certificate_matching/certificate_principal_pattern.h"

 #include "base/values.h"
 #include "net/cert/x509_cert_types.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"

 namespace certificate_matching {
 namespace {
 constexpr char kKeyCN[] = "CN";
 constexpr char kKeyL[] = "L";
 constexpr char kKeyO[] = "O";
 constexpr char kKeyOU[] = "OU";
 }  // namespace

 TEST(CertificatePrincipalPatternTest, EmptyPattern) {
   CertificatePrincipalPattern pattern;
   EXPECT_TRUE(pattern.Empty());

   EXPECT_TRUE(pattern.Matches(net::CertPrincipal()));
   {
     net::CertPrincipal principal;
     principal.common_name = "CN";
     EXPECT_TRUE(pattern.Matches(principal));
   }
 }

 TEST(CertificatePrincipalPatternTest, MatchingOnlyCN) {
   CertificatePrincipalPattern pattern("CN" /* common_name */, "" /* locality */,
                                       "" /* organization */,
                                       "" /* organization_unit */);
   EXPECT_FALSE(pattern.Empty());

   EXPECT_FALSE(pattern.Matches(net::CertPrincipal()));
   {
     net::CertPrincipal principal;
     principal.common_name = "CN";
     EXPECT_TRUE(pattern.Matches(principal));
   }
   {
     net::CertPrincipal principal;
     principal.common_name = "CNIsWrong";
     EXPECT_FALSE(pattern.Matches(principal));
   }
   {
     net::CertPrincipal principal;
     principal.common_name = "CN";
     principal.locality_name = "NotRelevant";
     EXPECT_TRUE(pattern.Matches(principal));
   }
 }

 TEST(CertificatePrincipalPatternTest, MatchingEverything) {
   CertificatePrincipalPattern pattern(
       "CN" /* common_name */, "L" /* locality */, "O" /* organization */,
       "OU" /* organization_unit */);
   EXPECT_FALSE(pattern.Empty());

   // Matches an empty CertPrincipal
   EXPECT_FALSE(pattern.Matches(net::CertPrincipal()));
   net::CertPrincipal principal;
   principal.common_name = "CN";
   EXPECT_FALSE(pattern.Matches(principal));
   principal.locality_name = "L";
   EXPECT_FALSE(pattern.Matches(principal));
   principal.organization_names.push_back("O");
   EXPECT_FALSE(pattern.Matches(principal));
   principal.organization_unit_names.push_back("OU");
   EXPECT_TRUE(pattern.Matches(principal));

   // Additional entries in the lists don't cause matching to fail.
   principal.organization_names.insert(principal.organization_names.begin(),
                                       "Front");
   principal.organization_names.push_back("Back");
   principal.organization_unit_names.insert(
       principal.organization_unit_names.begin(), "Front");
   principal.organization_unit_names.push_back("Back");
   EXPECT_TRUE(pattern.Matches(principal));
 }

 TEST(CertificatePrincipalPatternTest, ParseFromNullptr) {
   CertificatePrincipalPattern pattern =
       CertificatePrincipalPattern::ParseFromOptionalDict(nullptr, kKeyCN, kKeyL,
                                                          kKeyO, kKeyOU);
   EXPECT_TRUE(pattern.Empty());
 }

 TEST(CertificatePrincipalPatternTest, ParseFromNonDict) {
   base::Value string_value("test");
   CertificatePrincipalPattern pattern =
       CertificatePrincipalPattern::ParseFromOptionalDict(&string_value, kKeyCN,
                                                          kKeyL, kKeyO, kKeyOU);
   EXPECT_TRUE(pattern.Empty());
 }

 TEST(CertificatePrincipalPatternTest, ParseFromEmptyDict) {
   base::Value dict_value(base::Value::Type::DICTIONARY);
   CertificatePrincipalPattern pattern =
       CertificatePrincipalPattern::ParseFromOptionalDict(&dict_value, kKeyCN,
                                                          kKeyL, kKeyO, kKeyOU);
   EXPECT_TRUE(pattern.Empty());
 }

 TEST(CertificatePrincipalPatternTest, Parse) {
   base::Value dict_value(base::Value::Type::DICTIONARY);
   dict_value.SetKey(kKeyCN, base::Value("ValueCN"));
   dict_value.SetKey(kKeyL, base::Value("ValueL"));
   dict_value.SetKey(kKeyO, base::Value("ValueO"));
   dict_value.SetKey(kKeyOU, base::Value("ValueOU"));
   CertificatePrincipalPattern pattern =
       CertificatePrincipalPattern::ParseFromOptionalDict(&dict_value, kKeyCN,
                                                          kKeyL, kKeyO, kKeyOU);
   EXPECT_FALSE(pattern.Empty());
   EXPECT_EQ("ValueCN", pattern.common_name());
   EXPECT_EQ("ValueL", pattern.locality());
   EXPECT_EQ("ValueO", pattern.organization());
   EXPECT_EQ("ValueOU", pattern.organization_unit());
 }

 }  // namespace certificate_matching
	// Copyright 2019 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "components/certificate_matching/certificate_principal_pattern.h"

	#include "base/values.h"
	#include "net/cert/x509_cert_types.h"
	#include "testing/gmock/include/gmock/gmock.h"
	#include "testing/gtest/include/gtest/gtest.h"

	namespace certificate_matching {
	namespace {
	constexpr char kKeyCN[] = "CN";
	constexpr char kKeyL[] = "L";
	constexpr char kKeyO[] = "O";
	constexpr char kKeyOU[] = "OU";
	} // namespace

	TEST(CertificatePrincipalPatternTest, EmptyPattern) {
	CertificatePrincipalPattern pattern;
	EXPECT_TRUE(pattern.Empty());

	EXPECT_TRUE(pattern.Matches(net::CertPrincipal()));
	{
	net::CertPrincipal principal;
	principal.common_name = "CN";
	EXPECT_TRUE(pattern.Matches(principal));
	}
	}

	TEST(CertificatePrincipalPatternTest, MatchingOnlyCN) {
	CertificatePrincipalPattern pattern("CN" /* common_name /, "" / locality */,
	"" /* organization */,
	"" /* organization_unit */);
	EXPECT_FALSE(pattern.Empty());

	EXPECT_FALSE(pattern.Matches(net::CertPrincipal()));
	{
	net::CertPrincipal principal;
	principal.common_name = "CN";
	EXPECT_TRUE(pattern.Matches(principal));
	}
	{
	net::CertPrincipal principal;
	principal.common_name = "CNIsWrong";
	EXPECT_FALSE(pattern.Matches(principal));
	}
	{
	net::CertPrincipal principal;
	principal.common_name = "CN";
	principal.locality_name = "NotRelevant";
	EXPECT_TRUE(pattern.Matches(principal));
	}
	}

	TEST(CertificatePrincipalPatternTest, MatchingEverything) {
	CertificatePrincipalPattern pattern(
	"CN" /* common_name /, "L" / locality /, "O" / organization */,
	"OU" /* organization_unit */);
	EXPECT_FALSE(pattern.Empty());

	// Matches an empty CertPrincipal
	EXPECT_FALSE(pattern.Matches(net::CertPrincipal()));
	net::CertPrincipal principal;
	principal.common_name = "CN";
	EXPECT_FALSE(pattern.Matches(principal));
	principal.locality_name = "L";
	EXPECT_FALSE(pattern.Matches(principal));
	principal.organization_names.push_back("O");
	EXPECT_FALSE(pattern.Matches(principal));
	principal.organization_unit_names.push_back("OU");
	EXPECT_TRUE(pattern.Matches(principal));

	// Additional entries in the lists don't cause matching to fail.
	principal.organization_names.insert(principal.organization_names.begin(),
	"Front");
	principal.organization_names.push_back("Back");
	principal.organization_unit_names.insert(
	principal.organization_unit_names.begin(), "Front");
	principal.organization_unit_names.push_back("Back");
	EXPECT_TRUE(pattern.Matches(principal));
	}

	TEST(CertificatePrincipalPatternTest, ParseFromNullptr) {
	CertificatePrincipalPattern pattern =
	CertificatePrincipalPattern::ParseFromOptionalDict(nullptr, kKeyCN, kKeyL,
	kKeyO, kKeyOU);
	EXPECT_TRUE(pattern.Empty());
	}

	TEST(CertificatePrincipalPatternTest, ParseFromNonDict) {
	base::Value string_value("test");
	CertificatePrincipalPattern pattern =
	CertificatePrincipalPattern::ParseFromOptionalDict(&string_value, kKeyCN,
	kKeyL, kKeyO, kKeyOU);
	EXPECT_TRUE(pattern.Empty());
	}

	TEST(CertificatePrincipalPatternTest, ParseFromEmptyDict) {
	base::Value dict_value(base::Value::Type::DICTIONARY);
	CertificatePrincipalPattern pattern =
	CertificatePrincipalPattern::ParseFromOptionalDict(&dict_value, kKeyCN,
	kKeyL, kKeyO, kKeyOU);
	EXPECT_TRUE(pattern.Empty());
	}

	TEST(CertificatePrincipalPatternTest, Parse) {
	base::Value dict_value(base::Value::Type::DICTIONARY);
	dict_value.SetKey(kKeyCN, base::Value("ValueCN"));
	dict_value.SetKey(kKeyL, base::Value("ValueL"));
	dict_value.SetKey(kKeyO, base::Value("ValueO"));
	dict_value.SetKey(kKeyOU, base::Value("ValueOU"));
	CertificatePrincipalPattern pattern =
	CertificatePrincipalPattern::ParseFromOptionalDict(&dict_value, kKeyCN,
	kKeyL, kKeyO, kKeyOU);
	EXPECT_FALSE(pattern.Empty());
	EXPECT_EQ("ValueCN", pattern.common_name());
	EXPECT_EQ("ValueL", pattern.locality());
	EXPECT_EQ("ValueO", pattern.organization());
	EXPECT_EQ("ValueOU", pattern.organization_unit());
	}

	} // namespace certificate_matching