diff options
Diffstat (limited to 'security/nss/gtests/mozpkix_gtest/pkixgtest.h')
-rw-r--r-- | security/nss/gtests/mozpkix_gtest/pkixgtest.h | 229 |
1 files changed, 229 insertions, 0 deletions
diff --git a/security/nss/gtests/mozpkix_gtest/pkixgtest.h b/security/nss/gtests/mozpkix_gtest/pkixgtest.h new file mode 100644 index 000000000..bb3491d44 --- /dev/null +++ b/security/nss/gtests/mozpkix_gtest/pkixgtest.h @@ -0,0 +1,229 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This code is made available to you under your choice of the following sets + * of licensing terms: + */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ +/* Copyright 2014 Mozilla Contributors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +#ifndef mozilla_pkix_pkixgtest_h +#define mozilla_pkix_pkixgtest_h + +#include <ostream> + +#if defined(__clang__) +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wdeprecated" +#pragma clang diagnostic ignored "-Wmissing-noreturn" +#pragma clang diagnostic ignored "-Wshift-sign-overflow" +#pragma clang diagnostic ignored "-Wsign-conversion" +#pragma clang diagnostic ignored "-Wundef" +#elif defined(__GNUC__) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wextra" +#elif defined(_MSC_VER) +#pragma warning(push, 3) +// C4224: Nonstandard extension used: formal parameter 'X' was previously +// defined as a type. +#pragma warning(disable : 4224) +// C4826: Conversion from 'type1 ' to 'type_2' is sign - extended. This may +// cause unexpected runtime behavior. +#pragma warning(disable : 4826) +#endif + +#include "gtest/gtest.h" + +#if defined(__clang__) +#pragma clang diagnostic pop +#elif defined(__GNUC__) +#pragma GCC diagnostic pop +#elif defined(_MSC_VER) +#pragma warning(pop) +#endif + +#include "mozpkix/pkix.h" +#include "mozpkix/test/pkixtestutil.h" + +// PrintTo must be in the same namespace as the type we're overloading it for. +namespace mozilla { +namespace pkix { + +inline void PrintTo(const Result& result, ::std::ostream* os) { + const char* stringified = MapResultToName(result); + if (stringified) { + *os << stringified; + } else { + *os << "mozilla::pkix::Result(" << static_cast<unsigned int>(result) << ")"; + } +} +} +} // namespace mozilla::pkix + +namespace mozilla { +namespace pkix { +namespace test { + +extern const std::time_t oneDayBeforeNow; +extern const std::time_t oneDayAfterNow; +extern const std::time_t twoDaysBeforeNow; +extern const std::time_t twoDaysAfterNow; +extern const std::time_t tenDaysBeforeNow; +extern const std::time_t tenDaysAfterNow; + +class EverythingFailsByDefaultTrustDomain : public TrustDomain { + public: + Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input, + /*out*/ TrustLevel&) override { + ADD_FAILURE(); + return NotReached("GetCertTrust should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result FindIssuer(Input, IssuerChecker&, Time) override { + ADD_FAILURE(); + return NotReached("FindIssuer should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration, + /*optional*/ const Input*, + /*optional*/ const Input*) override { + ADD_FAILURE(); + return NotReached("CheckRevocation should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override { + ADD_FAILURE(); + return NotReached("IsChainValid should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result DigestBuf(Input, DigestAlgorithm, /*out*/ uint8_t*, size_t) override { + ADD_FAILURE(); + return NotReached("DigestBuf should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result CheckSignatureDigestAlgorithm(DigestAlgorithm, EndEntityOrCA, + Time) override { + ADD_FAILURE(); + return NotReached("CheckSignatureDigestAlgorithm should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result CheckECDSACurveIsAcceptable(EndEntityOrCA, NamedCurve) override { + ADD_FAILURE(); + return NotReached("CheckECDSACurveIsAcceptable should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result VerifyECDSASignedDigest(const SignedDigest&, Input) override { + ADD_FAILURE(); + return NotReached("VerifyECDSASignedDigest should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA, + unsigned int) override { + ADD_FAILURE(); + return NotReached("CheckRSAPublicKeyModulusSizeInBits should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result VerifyRSAPKCS1SignedDigest(const SignedDigest&, Input) override { + ADD_FAILURE(); + return NotReached("VerifyRSAPKCS1SignedDigest should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result CheckValidityIsAcceptable(Time, Time, EndEntityOrCA, + KeyPurposeId) override { + ADD_FAILURE(); + return NotReached("CheckValidityIsAcceptable should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + Result NetscapeStepUpMatchesServerAuth(Time, bool&) override { + ADD_FAILURE(); + return NotReached("NetscapeStepUpMatchesServerAuth should not be called", + Result::FATAL_ERROR_LIBRARY_FAILURE); + } + + virtual void NoteAuxiliaryExtension(AuxiliaryExtension, Input) override { + ADD_FAILURE(); + } +}; + +class DefaultCryptoTrustDomain : public EverythingFailsByDefaultTrustDomain { + Result DigestBuf(Input item, DigestAlgorithm digestAlg, + /*out*/ uint8_t* digestBuf, size_t digestBufLen) override { + return TestDigestBuf(item, digestAlg, digestBuf, digestBufLen); + } + + Result CheckSignatureDigestAlgorithm(DigestAlgorithm, EndEntityOrCA, + Time) override { + return Success; + } + + Result CheckECDSACurveIsAcceptable(EndEntityOrCA, NamedCurve) override { + return Success; + } + + Result VerifyECDSASignedDigest(const SignedDigest& signedDigest, + Input subjectPublicKeyInfo) override { + return TestVerifyECDSASignedDigest(signedDigest, subjectPublicKeyInfo); + } + + Result CheckRSAPublicKeyModulusSizeInBits(EndEntityOrCA, + unsigned int) override { + return Success; + } + + Result VerifyRSAPKCS1SignedDigest(const SignedDigest& signedDigest, + Input subjectPublicKeyInfo) override { + return TestVerifyRSAPKCS1SignedDigest(signedDigest, subjectPublicKeyInfo); + } + + Result CheckValidityIsAcceptable(Time, Time, EndEntityOrCA, + KeyPurposeId) override { + return Success; + } + + Result NetscapeStepUpMatchesServerAuth(Time, /*out*/ bool& matches) override { + matches = true; + return Success; + } + + void NoteAuxiliaryExtension(AuxiliaryExtension, Input) override {} +}; + +class DefaultNameMatchingPolicy : public NameMatchingPolicy { + public: + virtual Result FallBackToCommonName( + Time, + /*out*/ FallBackToSearchWithinSubject& fallBackToCommonName) override { + fallBackToCommonName = FallBackToSearchWithinSubject::Yes; + return Success; + } +}; +} +} +} // namespace mozilla::pkix::test + +#endif // mozilla_pkix_pkixgtest_h |