| Bob Beck | bc97b7a | 2023-04-18 08:35:15 -0600 | [diff] [blame] | 1 | // Copyright 2016 The Chromium Authors |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "path_builder.h" |
| 6 | |
| 7 | #include "cert_issuer_source_static.h" |
| 8 | #include "simple_path_builder_delegate.h" |
| 9 | #include "trust_store_in_memory.h" |
| 10 | #include "verify_certificate_chain_typed_unittest.h" |
| 11 | |
| 12 | namespace bssl { |
| 13 | |
| 14 | namespace { |
| 15 | |
| 16 | class PathBuilderTestDelegate { |
| 17 | public: |
| Bob Beck | 5c7a2a0 | 2023-11-20 17:28:21 -0700 | [diff] [blame] | 18 | static void Verify(const VerifyCertChainTest &test, |
| 19 | const std::string &test_file_path) { |
| Bob Beck | bc97b7a | 2023-04-18 08:35:15 -0600 | [diff] [blame] | 20 | SimplePathBuilderDelegate path_builder_delegate(1024, test.digest_policy); |
| 21 | ASSERT_FALSE(test.chain.empty()); |
| 22 | |
| 23 | TrustStoreInMemory trust_store; |
| 24 | trust_store.AddCertificate(test.chain.back(), test.last_cert_trust); |
| 25 | |
| 26 | CertIssuerSourceStatic intermediate_cert_issuer_source; |
| Bob Beck | 6beabf3 | 2023-11-21 09:43:52 -0700 | [diff] [blame] | 27 | for (size_t i = 1; i < test.chain.size(); ++i) { |
| Bob Beck | bc97b7a | 2023-04-18 08:35:15 -0600 | [diff] [blame] | 28 | intermediate_cert_issuer_source.AddCert(test.chain[i]); |
| Bob Beck | 6beabf3 | 2023-11-21 09:43:52 -0700 | [diff] [blame] | 29 | } |
| Bob Beck | bc97b7a | 2023-04-18 08:35:15 -0600 | [diff] [blame] | 30 | |
| 31 | // First cert in the |chain| is the target. |
| 32 | CertPathBuilder path_builder( |
| 33 | test.chain.front(), &trust_store, &path_builder_delegate, test.time, |
| 34 | test.key_purpose, test.initial_explicit_policy, |
| 35 | test.user_initial_policy_set, test.initial_policy_mapping_inhibit, |
| 36 | test.initial_any_policy_inhibit); |
| 37 | path_builder.AddCertIssuerSource(&intermediate_cert_issuer_source); |
| 38 | |
| 39 | CertPathBuilder::Result result = path_builder.Run(); |
| 40 | EXPECT_EQ(!test.HasHighSeverityErrors(), result.HasValidPath()); |
| 41 | if (result.HasValidPath()) { |
| 42 | VerifyUserConstrainedPolicySet( |
| 43 | test.expected_user_constrained_policy_set, |
| 44 | result.GetBestValidPath()->user_constrained_policy_set, |
| 45 | test_file_path); |
| 46 | } |
| 47 | } |
| 48 | }; |
| 49 | |
| 50 | } // namespace |
| 51 | |
| 52 | INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder, |
| 53 | VerifyCertificateChainSingleRootTest, |
| 54 | PathBuilderTestDelegate); |
| 55 | |
| Bob Beck | 5c7a2a0 | 2023-11-20 17:28:21 -0700 | [diff] [blame] | 56 | } // namespace bssl |
