/* Copyright (c) 2014, Google Inc. * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include <gtest/gtest.h> #include <openssl/bio.h> #include <openssl/bytestring.h> #include <openssl/crypto.h> #include <openssl/err.h> #include <openssl/evp.h> #include <openssl/pkcs8.h> #include <openssl/mem.h> #include <openssl/span.h> #include <openssl/stack.h> #include <openssl/x509.h> #include "../test/test_data.h" #include "../test/test_util.h" // kPassword is the password shared by most of the sample PKCS#12 files. static const char kPassword[] = …; // kUnicodePassword is the password for unicode_password.p12 static const char kUnicodePassword[] = …; static bssl::Span<const uint8_t> StringToBytes(const std::string &str) { … } static void TestImpl(const char *name, bssl::Span<const uint8_t> der, const char *password, const char *friendly_name) { … } static void TestCompat(bssl::Span<const uint8_t> der) { … } TEST(PKCS12Test, TestOpenSSL) { … } TEST(PKCS12Test, TestNSS) { … } TEST(PKCS12Test, TestWindows) { … } TEST(PKCS12Test, TestPBES2) { … } TEST(PKCS12Test, TestNoEncryption) { … } TEST(PKCS12Test, TestEmptyPassword) { … } TEST(PKCS12Test, TestNullPassword) { … } TEST(PKCS12Test, TestUnicode) { … } TEST(PKCS12Test, TestWindowsCompat) { … } // kTestKey is a test P-256 key. static const uint8_t kTestKey[] = …; // kTestCert is a certificate for |kTestKey|. static const uint8_t kTestCert[] = …; // kTestCert2 is a different test certificate. static const uint8_t kTestCert2[] = …; static bssl::UniquePtr<X509> LoadX509(bssl::Span<const uint8_t> der) { … } static bssl::UniquePtr<EVP_PKEY> LoadPrivateKey(bssl::Span<const uint8_t> der) { … } static void TestRoundTrip(const char *password, const char *name, bssl::Span<const uint8_t> key_der, bssl::Span<const uint8_t> cert_der, std::vector<bssl::Span<const uint8_t>> chain_der, int key_nid, int cert_nid, int iterations, int mac_iterations) { … } TEST(PKCS12Test, RoundTrip) { … } static bssl::UniquePtr<EVP_PKEY> MakeTestKey() { … } static bssl::UniquePtr<X509> MakeTestCert(EVP_PKEY *key) { … } static bool PKCS12CreateVector(std::vector<uint8_t> *out, EVP_PKEY *pkey, const std::vector<X509 *> &certs) { … } static void ExpectPKCS12Parse(bssl::Span<const uint8_t> in, EVP_PKEY *expect_key, X509 *expect_cert, const std::vector<X509 *> &expect_ca_certs) { … } // Test that |PKCS12_parse| returns values in the expected order. TEST(PKCS12Test, Order) { … } TEST(PKCS12Test, CreateWithAlias) { … } // PKCS#12 is built on top of PKCS#7, a misdesigned, overgeneralized combinator // format. One of the features of PKCS#7 is that the content of every // ContentInfo may be omitted, to indicate that the value is "supplied by other // means". This is commonly used for "detached signatures", where the signature // is supplied separately. // // This does not make sense in the context of PKCS#12. But because PKCS#7 // combined many unrelated use cases into the same format, so PKCS#12 (and any // other use of PKCS#7) must account for and reject inputs. TEST(PKCS12Test, MissingContent) { … }
Codebase Browser
chromium