Index: webrtc/base/rtccertificate_unittests.cc |
diff --git a/webrtc/base/rtccertificate_unittests.cc b/webrtc/base/rtccertificate_unittests.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..8b5d440a3bfa148fdfe034b8b94a48b1be7352c7 |
--- /dev/null |
+++ b/webrtc/base/rtccertificate_unittests.cc |
@@ -0,0 +1,98 @@ |
+/* |
+ * Copyright 2015 The WebRTC Project Authors. All rights reserved. |
+ * |
+ * Use of this source code is governed by a BSD-style license |
+ * that can be found in the LICENSE file in the root of the source |
+ * tree. An additional intellectual property rights grant can be found |
+ * in the file PATENTS. All contributing project authors may |
+ * be found in the AUTHORS file in the root of the source tree. |
+ */ |
+ |
+#include "webrtc/base/checks.h" |
torbjorng (webrtc)
2015/12/04 12:47:46
nit: I don't think all these #Includes are needed.
|
+#include "webrtc/base/gunit.h" |
+#include "webrtc/base/logging.h" |
+#include "webrtc/base/rtccertificate.h" |
+#include "webrtc/base/safe_conversions.h" |
+#include "webrtc/base/scoped_ptr.h" |
+#include "webrtc/base/sslidentity.h" |
+#include "webrtc/base/thread.h" |
+#include "webrtc/base/timeutils.h" |
+ |
+namespace rtc { |
+ |
+class RTCCertificateTest : public testing::Test { |
+ public: |
+ RTCCertificateTest() {} |
+ ~RTCCertificateTest() {} |
+ |
+ protected: |
+ // Gets the current time in ms since epoch, 1970-01-01T00:00:00Z. |
+ // If |seconds_precision| is true it is rounded down to seconds-precision. |
+ // This is useful when comparing expiration times since CreateCertificate is |
+ // limited to seconds-precision. |
+ uint64_t Now(bool seconds_precision) const { |
+ uint64_t now = TimeNanos() / kNumNanosecsPerMillisec; |
+ if (seconds_precision) |
+ return (now / 1000) * 1000; |
+ return now; |
+ } |
+ |
+ // Generates a certificate with the specified |expiration_time|, expressed in |
+ // number of ms since epoch, 1970-01-01T00:00:00Z. The expiration time is |
torbjorng (webrtc)
2015/12/04 12:47:46
Note that a cert cannot store greater accuracy tha
|
+ // converted to time_t meaning it is rounded down to number of seconds (note: |
+ // loss of precision) and these number of seconds must be in valid range of |
+ // time_t. On some 32-bit systems time_t is limited to < 2^31. On such systems |
+ // this will fail for expiration times of year 2038 or later. |
+ scoped_refptr<RTCCertificate> CreateCertificate(uint64_t expires_time) const { |
+ uint64_t expires_time_s = expires_time / kNumMillisecsPerSec; // ms -> s |
+ RTC_CHECK(rtc::IsValueInRangeForNumericType<time_t>(expires_time_s)); |
+ |
+ rtc::SSLIdentityParams params; |
+ params.common_name = "RTCCertificateTest's certificate"; |
+ params.not_before = 0; |
+ params.not_after = static_cast<time_t>(expires_time_s); |
+ // Certificate type does not matter for our purposes, using ECDSA because it |
+ // is fast to generate. |
+ params.key_params = rtc::KeyParams::ECDSA(rtc::EC_NIST_P256); |
+ |
+ scoped_ptr<SSLIdentity> identity(rtc::SSLIdentity::GenerateForTest(params)); |
hta-webrtc
2015/12/03 18:16:05
You can make the test a lot more isolated (not dep
hbos
2015/12/04 09:58:56
Ok. I'll add a expiration setter to FakeSSLCertifi
|
+ return RTCCertificate::Create(identity.Pass()); |
+ } |
+}; |
+ |
+TEST_F(RTCCertificateTest, ExpiresNow) { |
+ uint64_t now = Now(true); |
+ scoped_refptr<RTCCertificate> certificate = CreateCertificate(now); |
+ EXPECT_EQ(now, certificate->Expires()); |
+} |
+ |
+TEST_F(RTCCertificateTest, HasExpired) { |
+ scoped_refptr<RTCCertificate> certificate; |
+ |
+ // Test that a certificate that should not have expired hasn't. |
+ bool retry = true; |
+ while (retry) { |
hta-webrtc
2015/12/03 18:16:05
Looping until the times align is a Bad Thing.
You
hbos
2015/12/04 09:58:56
Point taken, I'll simplify.
Though as-is, one tes
|
+ // Generate a certificate that expires in 0-1 seconds. |
+ // Note seconds-precision of |expires| due to CreateCertificate. |
+ uint64_t expires = Now(true) + 1000; |
+ certificate = CreateCertificate(expires); |
+ bool has_expired = certificate->HasExpired(); |
+ if (has_expired) { |
+ // Expecting not to have expired, but in the rare case that too much time |
+ // passed between certificate generation and the HasExpired check we have |
+ // to try again. |
+ uint64_t now = Now(false); |
+ if (now >= expires) |
+ continue; |
+ } |
+ EXPECT_FALSE(has_expired); |
+ retry = false; |
+ } |
+ RTC_CHECK(certificate); |
+ |
+ // Test that ~1.5 seconds later it has expired. |
+ Thread::Current()->SleepMs(1500); |
hta-webrtc
2015/12/03 18:16:05
Argh. This is going to cost us heavily. Sleeping i
hbos
2015/12/04 09:58:56
Ok. I wanted to test going from non-expired to exp
torbjorng (webrtc)
2015/12/04 12:47:46
I disagree (with the Argh and with the technical c
hta-webrtc
2015/12/04 13:32:44
I'm afraid I disagree about the importance. This i
|
+ EXPECT_TRUE(certificate->HasExpired()); |
+} |
+ |
+} // namespace rtc |