Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(306)

Side by Side Diff: webrtc/base/rtccertificate_unittest.cc

Issue 2877023002: Move webrtc/{base => rtc_base} (Closed)
Patch Set: update presubmit.py and DEPS include rules Created 3 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « webrtc/base/rtccertificate.cc ('k') | webrtc/base/rtccertificategenerator.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /*
2 * Copyright 2015 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11 #include <memory>
12 #include <utility>
13
14 #include "webrtc/base/checks.h"
15 #include "webrtc/base/fakesslidentity.h"
16 #include "webrtc/base/gunit.h"
17 #include "webrtc/base/logging.h"
18 #include "webrtc/base/rtccertificate.h"
19 #include "webrtc/base/safe_conversions.h"
20 #include "webrtc/base/sslidentity.h"
21 #include "webrtc/base/thread.h"
22 #include "webrtc/base/timeutils.h"
23
24 namespace rtc {
25
26 namespace {
27
28 static const char* kTestCertCommonName = "RTCCertificateTest's certificate";
29
30 } // namespace
31
32 class RTCCertificateTest : public testing::Test {
33 public:
34 RTCCertificateTest() {}
35 ~RTCCertificateTest() {}
36
37 protected:
38 scoped_refptr<RTCCertificate> GenerateECDSA() {
39 std::unique_ptr<SSLIdentity> identity(
40 SSLIdentity::Generate(kTestCertCommonName, KeyParams::ECDSA()));
41 RTC_CHECK(identity);
42 return RTCCertificate::Create(std::move(identity));
43 }
44
45 // Timestamp note:
46 // All timestamps in this unittest are expressed in number of seconds since
47 // epoch, 1970-01-01T00:00:00Z (UTC). The RTCCertificate interface uses ms,
48 // but only seconds-precision is supported by SSLCertificate. To make the
49 // tests clearer we convert everything to seconds since the precision matters
50 // when generating certificates or comparing timestamps.
51 // As a result, ExpiresSeconds and HasExpiredSeconds are used instead of
52 // RTCCertificate::Expires and ::HasExpired for ms -> s conversion.
53
54 uint64_t NowSeconds() const {
55 return TimeNanos() / kNumNanosecsPerSec;
56 }
57
58 uint64_t ExpiresSeconds(const scoped_refptr<RTCCertificate>& cert) const {
59 uint64_t exp_ms = cert->Expires();
60 uint64_t exp_s = exp_ms / kNumMillisecsPerSec;
61 // Make sure this did not result in loss of precision.
62 RTC_CHECK_EQ(exp_s * kNumMillisecsPerSec, exp_ms);
63 return exp_s;
64 }
65
66 bool HasExpiredSeconds(const scoped_refptr<RTCCertificate>& cert,
67 uint64_t now_s) const {
68 return cert->HasExpired(now_s * kNumMillisecsPerSec);
69 }
70
71 // An RTC_CHECK ensures that |expires_s| this is in valid range of time_t as
72 // is required by SSLIdentityParams. On some 32-bit systems time_t is limited
73 // to < 2^31. On such systems this will fail for expiration times of year 2038
74 // or later.
75 scoped_refptr<RTCCertificate> GenerateCertificateWithExpires(
76 uint64_t expires_s) const {
77 RTC_CHECK(IsValueInRangeForNumericType<time_t>(expires_s));
78
79 SSLIdentityParams params;
80 params.common_name = kTestCertCommonName;
81 params.not_before = 0;
82 params.not_after = static_cast<time_t>(expires_s);
83 // Certificate type does not matter for our purposes, using ECDSA because it
84 // is fast to generate.
85 params.key_params = KeyParams::ECDSA();
86
87 std::unique_ptr<SSLIdentity> identity(SSLIdentity::GenerateForTest(params));
88 return RTCCertificate::Create(std::move(identity));
89 }
90 };
91
92 TEST_F(RTCCertificateTest, NewCertificateNotExpired) {
93 // Generate a real certificate without specifying the expiration time.
94 // Certificate type doesn't matter, using ECDSA because it's fast to generate.
95 scoped_refptr<RTCCertificate> certificate = GenerateECDSA();
96
97 uint64_t now = NowSeconds();
98 EXPECT_FALSE(HasExpiredSeconds(certificate, now));
99 // Even without specifying the expiration time we would expect it to be valid
100 // for at least half an hour.
101 EXPECT_FALSE(HasExpiredSeconds(certificate, now + 30*60));
102 }
103
104 TEST_F(RTCCertificateTest, UsesExpiresAskedFor) {
105 uint64_t now = NowSeconds();
106 scoped_refptr<RTCCertificate> certificate =
107 GenerateCertificateWithExpires(now);
108 EXPECT_EQ(now, ExpiresSeconds(certificate));
109 }
110
111 TEST_F(RTCCertificateTest, ExpiresInOneSecond) {
112 // Generate a certificate that expires in 1s.
113 uint64_t now = NowSeconds();
114 scoped_refptr<RTCCertificate> certificate =
115 GenerateCertificateWithExpires(now + 1);
116 // Now it should not have expired.
117 EXPECT_FALSE(HasExpiredSeconds(certificate, now));
118 // In 2s it should have expired.
119 EXPECT_TRUE(HasExpiredSeconds(certificate, now + 2));
120 }
121
122 TEST_F(RTCCertificateTest, DifferentCertificatesNotEqual) {
123 scoped_refptr<RTCCertificate> a = GenerateECDSA();
124 scoped_refptr<RTCCertificate> b = GenerateECDSA();
125 EXPECT_TRUE(*a != *b);
126 }
127
128 TEST_F(RTCCertificateTest, CloneWithPEMSerialization) {
129 scoped_refptr<RTCCertificate> orig = GenerateECDSA();
130
131 // To PEM.
132 RTCCertificatePEM orig_pem = orig->ToPEM();
133 // Clone from PEM.
134 scoped_refptr<RTCCertificate> clone = RTCCertificate::FromPEM(orig_pem);
135 EXPECT_TRUE(clone);
136 EXPECT_TRUE(*orig == *clone);
137 EXPECT_EQ(orig->Expires(), clone->Expires());
138 }
139
140 TEST_F(RTCCertificateTest, FromPEMWithInvalidPEM) {
141 RTCCertificatePEM pem("not a valid PEM", "not a valid PEM");
142 scoped_refptr<RTCCertificate> certificate = RTCCertificate::FromPEM(pem);
143 EXPECT_FALSE(certificate);
144 }
145
146 } // namespace rtc
OLDNEW
« no previous file with comments | « webrtc/base/rtccertificate.cc ('k') | webrtc/base/rtccertificategenerator.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698