1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/test/cert_test_util.h"
6
7 #include <string_view>
8
9 #include "base/files/file_path.h"
10 #include "base/files/file_util.h"
11 #include "base/threading/thread_restrictions.h"
12 #include "net/cert/ev_root_ca_metadata.h"
13 #include "net/cert/x509_certificate.h"
14 #include "net/cert/x509_util.h"
15 #include "net/test/test_data_directory.h"
16 #include "third_party/boringssl/src/include/openssl/bytestring.h"
17 #include "third_party/boringssl/src/include/openssl/evp.h"
18
19 namespace net {
20
CreateCertificateListFromFile(const base::FilePath & certs_dir,std::string_view cert_file,int format)21 CertificateList CreateCertificateListFromFile(const base::FilePath& certs_dir,
22 std::string_view cert_file,
23 int format) {
24 base::FilePath cert_path = certs_dir.AppendASCII(cert_file);
25 std::string cert_data;
26 if (!base::ReadFileToString(cert_path, &cert_data))
27 return CertificateList();
28 return X509Certificate::CreateCertificateListFromBytes(
29 base::as_byte_span(cert_data), format);
30 }
31
LoadCertificateFiles(const std::vector<std::string> & cert_filenames,CertificateList * certs)32 ::testing::AssertionResult LoadCertificateFiles(
33 const std::vector<std::string>& cert_filenames,
34 CertificateList* certs) {
35 certs->clear();
36 for (const std::string& filename : cert_filenames) {
37 scoped_refptr<X509Certificate> cert = CreateCertificateChainFromFile(
38 GetTestCertsDirectory(), filename, X509Certificate::FORMAT_AUTO);
39 if (!cert)
40 return ::testing::AssertionFailure()
41 << "Failed loading certificate from file: " << filename
42 << " (in directory: " << GetTestCertsDirectory().value() << ")";
43 certs->push_back(cert);
44 }
45
46 return ::testing::AssertionSuccess();
47 }
48
CreateCertificateChainFromFile(const base::FilePath & certs_dir,std::string_view cert_file,int format)49 scoped_refptr<X509Certificate> CreateCertificateChainFromFile(
50 const base::FilePath& certs_dir,
51 std::string_view cert_file,
52 int format) {
53 CertificateList certs = CreateCertificateListFromFile(
54 certs_dir, cert_file, format);
55 if (certs.empty())
56 return nullptr;
57
58 std::vector<bssl::UniquePtr<CRYPTO_BUFFER>> intermediates;
59 for (size_t i = 1; i < certs.size(); ++i)
60 intermediates.push_back(bssl::UpRef(certs[i]->cert_buffer()));
61
62 scoped_refptr<X509Certificate> result(X509Certificate::CreateFromBuffer(
63 bssl::UpRef(certs[0]->cert_buffer()), std::move(intermediates)));
64 return result;
65 }
66
ImportCertFromFile(const base::FilePath & cert_path)67 scoped_refptr<X509Certificate> ImportCertFromFile(
68 const base::FilePath& cert_path) {
69 base::ScopedAllowBlockingForTesting allow_blocking;
70 std::string cert_data;
71 if (!base::ReadFileToString(cert_path, &cert_data))
72 return nullptr;
73
74 CertificateList certs_in_file =
75 X509Certificate::CreateCertificateListFromBytes(
76 base::as_byte_span(cert_data), X509Certificate::FORMAT_AUTO);
77 if (certs_in_file.empty())
78 return nullptr;
79 return certs_in_file[0];
80 }
81
ImportCertFromFile(const base::FilePath & certs_dir,std::string_view cert_file)82 scoped_refptr<X509Certificate> ImportCertFromFile(
83 const base::FilePath& certs_dir,
84 std::string_view cert_file) {
85 return ImportCertFromFile(certs_dir.AppendASCII(cert_file));
86 }
87
ScopedTestEVPolicy(EVRootCAMetadata * ev_root_ca_metadata,const SHA256HashValue & fingerprint,const char * policy)88 ScopedTestEVPolicy::ScopedTestEVPolicy(EVRootCAMetadata* ev_root_ca_metadata,
89 const SHA256HashValue& fingerprint,
90 const char* policy)
91 : fingerprint_(fingerprint), ev_root_ca_metadata_(ev_root_ca_metadata) {
92 EXPECT_TRUE(ev_root_ca_metadata->AddEVCA(fingerprint, policy));
93 }
94
~ScopedTestEVPolicy()95 ScopedTestEVPolicy::~ScopedTestEVPolicy() {
96 EXPECT_TRUE(ev_root_ca_metadata_->RemoveEVCA(fingerprint_));
97 }
98
99 } // namespace net
100