Blame - talk/base/sslidentity_unittest.cc - webrtc.googlesource.com/src

blob: 6970426781de62e1c83d748db54f525497257275 [file] [log] [blame]

henrike@webrtc.org	28e2075	2013-07-10 00:45:36 +0000	[diff] [blame]	1	/*
				2	* libjingle
				3	* Copyright 2011, Google Inc.
				4	* Portions Copyright 2011, RTFM, Inc.
				5	*
				6	* Redistribution and use in source and binary forms, with or without
				7	* modification, are permitted provided that the following conditions are met:
				8	*
				9	* 1. Redistributions of source code must retain the above copyright notice,
				10	* this list of conditions and the following disclaimer.
				11	* 2. Redistributions in binary form must reproduce the above copyright notice,
				12	* this list of conditions and the following disclaimer in the documentation
				13	* and/or other materials provided with the distribution.
				14	* 3. The name of the author may not be used to endorse or promote products
				15	* derived from this software without specific prior written permission.
				16	*
				17	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
				18	* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
				19	* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
				20	* EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
				21	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
				22	* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
				23	* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
				24	* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
				25	* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
				26	* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
				27	*/
				28
				29	#include <string>
				30
				31	#include "talk/base/gunit.h"
				32	#include "talk/base/ssladapter.h"
				33	#include "talk/base/sslidentity.h"
				34
wu@webrtc.org	91053e7	2013-08-10 07:18:04 +0000	[diff] [blame^]	35	using talk_base::SSLIdentity;
				36
henrike@webrtc.org	28e2075	2013-07-10 00:45:36 +0000	[diff] [blame]	37	const char kTestCertificate[] = "-----BEGIN CERTIFICATE-----\n"
				38	"MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV\n"
				39	"BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD\n"
				40	"VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0\n"
				41	"MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG\n"
				42	"A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl\n"
				43	"cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP\n"
				44	"Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//\n"
				45	"Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4\n"
				46	"GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM\n"
				47	"k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz\n"
				48	"itAE+OjGF+PFKbwX8Q==\n"
				49	"-----END CERTIFICATE-----\n";
				50
				51	const unsigned char kTestCertSha1[] = {0xA6, 0xC8, 0x59, 0xEA,
				52	0xC3, 0x7E, 0x6D, 0x33,
				53	0xCF, 0xE2, 0x69, 0x9D,
				54	0x74, 0xE6, 0xF6, 0x8A,
				55	0x9E, 0x47, 0xA7, 0xCA};
				56
				57	class SSLIdentityTest : public testing::Test {
				58	public:
				59	SSLIdentityTest() :
				60	identity1_(NULL), identity2_(NULL) {
				61	}
				62
				63	~SSLIdentityTest() {
				64	}
				65
				66	static void SetUpTestCase() {
				67	talk_base::InitializeSSL();
				68	}
				69
henrike@webrtc.org	1e09a71	2013-07-26 19:17:59 +0000	[diff] [blame]	70	static void TearDownTestCase() {
				71	talk_base::CleanupSSL();
				72	}
				73
henrike@webrtc.org	28e2075	2013-07-10 00:45:36 +0000	[diff] [blame]	74	virtual void SetUp() {
wu@webrtc.org	91053e7	2013-08-10 07:18:04 +0000	[diff] [blame^]	75	identity1_.reset(SSLIdentity::Generate("test1"));
				76	identity2_.reset(SSLIdentity::Generate("test2"));
henrike@webrtc.org	28e2075	2013-07-10 00:45:36 +0000	[diff] [blame]	77
				78	ASSERT_TRUE(identity1_);
				79	ASSERT_TRUE(identity2_);
				80
				81	test_cert_.reset(
				82	talk_base::SSLCertificate::FromPEMString(kTestCertificate));
				83	ASSERT_TRUE(test_cert_);
				84	}
				85
				86	void TestDigest(const std::string &algorithm, size_t expected_len,
				87	const unsigned char *expected_digest = NULL) {
				88	unsigned char digest1[64];
				89	unsigned char digest1b[64];
				90	unsigned char digest2[64];
				91	size_t digest1_len;
				92	size_t digest1b_len;
				93	size_t digest2_len;
				94	bool rv;
				95
				96	rv = identity1_->certificate().ComputeDigest(algorithm,
				97	digest1, sizeof(digest1),
				98	&digest1_len);
				99	EXPECT_TRUE(rv);
				100	EXPECT_EQ(expected_len, digest1_len);
				101
				102	rv = identity1_->certificate().ComputeDigest(algorithm,
				103	digest1b, sizeof(digest1b),
				104	&digest1b_len);
				105	EXPECT_TRUE(rv);
				106	EXPECT_EQ(expected_len, digest1b_len);
				107	EXPECT_EQ(0, memcmp(digest1, digest1b, expected_len));
				108
				109
				110	rv = identity2_->certificate().ComputeDigest(algorithm,
				111	digest2, sizeof(digest2),
				112	&digest2_len);
				113	EXPECT_TRUE(rv);
				114	EXPECT_EQ(expected_len, digest2_len);
				115	EXPECT_NE(0, memcmp(digest1, digest2, expected_len));
				116
				117	// If we have an expected hash for the test cert, check it.
				118	if (expected_digest) {
				119	unsigned char digest3[64];
				120	size_t digest3_len;
				121
				122	rv = test_cert_->ComputeDigest(algorithm, digest3, sizeof(digest3),
				123	&digest3_len);
				124	EXPECT_TRUE(rv);
				125	EXPECT_EQ(expected_len, digest3_len);
				126	EXPECT_EQ(0, memcmp(digest3, expected_digest, expected_len));
				127	}
				128	}
				129
				130	private:
wu@webrtc.org	91053e7	2013-08-10 07:18:04 +0000	[diff] [blame^]	131	talk_base::scoped_ptr<SSLIdentity> identity1_;
				132	talk_base::scoped_ptr<SSLIdentity> identity2_;
henrike@webrtc.org	28e2075	2013-07-10 00:45:36 +0000	[diff] [blame]	133	talk_base::scoped_ptr<talk_base::SSLCertificate> test_cert_;
				134	};
				135
				136	TEST_F(SSLIdentityTest, DigestSHA1) {
				137	TestDigest(talk_base::DIGEST_SHA_1, 20, kTestCertSha1);
				138	}
				139
				140	// HASH_AlgSHA224 is not supported in the chromium linux build.
				141	#if SSL_USE_NSS
				142	TEST_F(SSLIdentityTest, DISABLED_DigestSHA224) {
				143	#else
				144	TEST_F(SSLIdentityTest, DigestSHA224) {
				145	#endif
				146	TestDigest(talk_base::DIGEST_SHA_224, 28);
				147	}
				148
				149	TEST_F(SSLIdentityTest, DigestSHA256) {
				150	TestDigest(talk_base::DIGEST_SHA_256, 32);
				151	}
				152
				153	TEST_F(SSLIdentityTest, DigestSHA384) {
				154	TestDigest(talk_base::DIGEST_SHA_384, 48);
				155	}
				156
				157	TEST_F(SSLIdentityTest, DigestSHA512) {
				158	TestDigest(talk_base::DIGEST_SHA_512, 64);
				159	}
				160
				161	TEST_F(SSLIdentityTest, FromPEMStrings) {
				162	static const char kRSA_PRIVATE_KEY_PEM[] =
				163	"-----BEGIN RSA PRIVATE KEY-----\n"
				164	"MIICXQIBAAKBgQDCueE4a9hDMZ3sbVZdlXOz9ZA+cvzie3zJ9gXnT/BCt9P4b9HE\n"
				165	"vD/tr73YBqD3Wr5ZWScmyGYF9EMn0r3rzBxv6oooLU5TdUvOm4rzUjkCLQaQML8o\n"
				166	"NxXq+qW/j3zUKGikLhaaAl/amaX2zSWUsRQ1CpngQ3+tmDNH4/25TncNmQIDAQAB\n"
				167	"AoGAUcuU0Id0k10fMjYHZk4mCPzot2LD2Tr4Aznl5vFMQipHzv7hhZtx2xzMSRcX\n"
				168	"vG+Qr6VkbcUWHgApyWubvZXCh3+N7Vo2aYdMAQ8XqmFpBdIrL5CVdVfqFfEMlgEy\n"
				169	"LSZNG5klnrIfl3c7zQVovLr4eMqyl2oGfAqPQz75+fecv1UCQQD6wNHch9NbAG1q\n"
				170	"yuFEhMARB6gDXb+5SdzFjjtTWW5uJfm4DcZLoYyaIZm0uxOwsUKd0Rsma+oGitS1\n"
				171	"CXmuqfpPAkEAxszyN3vIdpD44SREEtyKZBMNOk5pEIIGdbeMJC5/XHvpxww9xkoC\n"
				172	"+39NbvUZYd54uT+rafbx4QZKc0h9xA/HlwJBAL37lYVWy4XpPv1olWCKi9LbUCqs\n"
				173	"vvQtyD1N1BkEayy9TQRsO09WKOcmigRqsTJwOx7DLaTgokEuspYvhagWVPUCQE/y\n"
				174	"0+YkTbYBD1Xbs9SyBKXCU6uDJRWSdO6aZi2W1XloC9gUwDMiSJjD1Wwt/YsyYPJ+\n"
				175	"/Hyc5yFL2l0KZimW/vkCQQCjuZ/lPcH46EuzhdbRfumDOG5N3ld7UhGI1TIRy17W\n"
				176	"dGF90cG33/L6BfS8Ll+fkkW/2AMRk8FDvF4CZi2nfW4L\n"
				177	"-----END RSA PRIVATE KEY-----\n";
				178
				179	static const char kCERT_PEM[] =
				180	"-----BEGIN CERTIFICATE-----\n"
				181	"MIIBmTCCAQICCQCPNJORW/M13DANBgkqhkiG9w0BAQUFADARMQ8wDQYDVQQDDAZ3\n"
				182	"ZWJydGMwHhcNMTMwNjE0MjIzMDAxWhcNMTQwNjE0MjIzMDAxWjARMQ8wDQYDVQQD\n"
				183	"DAZ3ZWJydGMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMK54Thr2EMxnext\n"
				184	"Vl2Vc7P1kD5y/OJ7fMn2BedP8EK30/hv0cS8P+2vvdgGoPdavllZJybIZgX0QyfS\n"
				185	"vevMHG/qiigtTlN1S86bivNSOQItBpAwvyg3Fer6pb+PfNQoaKQuFpoCX9qZpfbN\n"
				186	"JZSxFDUKmeBDf62YM0fj/blOdw2ZAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAECMt\n"
				187	"UZb35H8TnjGx4XPzco/kbnurMLFFWcuve/DwTsuf10Ia9N4md8LY0UtgIgtyNqWc\n"
				188	"ZwyRMwxONF6ty3wcaIiPbGqiAa55T3YRuPibkRmck9CjrmM9JAtyvqHnpHd2TsBD\n"
				189	"qCV42aXS3onOXDQ1ibuWq0fr0//aj0wo4KV474c=\n"
				190	"-----END CERTIFICATE-----\n";
				191
wu@webrtc.org	91053e7	2013-08-10 07:18:04 +0000	[diff] [blame^]	192	talk_base::scoped_ptr<SSLIdentity> identity(
				193	SSLIdentity::FromPEMStrings(kRSA_PRIVATE_KEY_PEM, kCERT_PEM));
henrike@webrtc.org	28e2075	2013-07-10 00:45:36 +0000	[diff] [blame]	194	EXPECT_TRUE(identity);
				195	EXPECT_EQ(kCERT_PEM, identity->certificate().ToPEMString());
				196	}
wu@webrtc.org	91053e7	2013-08-10 07:18:04 +0000	[diff] [blame^]	197
				198	TEST_F(SSLIdentityTest, PemDerConversion) {
				199	std::string der;
				200	EXPECT_TRUE(SSLIdentity::PemToDer("CERTIFICATE", kTestCertificate, &der));
				201
				202	EXPECT_EQ(kTestCertificate, SSLIdentity::DerToPem(
				203	"CERTIFICATE",
				204	reinterpret_cast<const unsigned char*>(der.data()), der.length()));
				205	}