1 // Copyright 2016 The Chromium Authors
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #include "path_builder.h"
16 
17 #include "cert_issuer_source_static.h"
18 #include "simple_path_builder_delegate.h"
19 #include "trust_store_in_memory.h"
20 #include "verify_certificate_chain_typed_unittest.h"
21 
22 BSSL_NAMESPACE_BEGIN
23 
24 namespace {
25 
26 class PathBuilderTestDelegate {
27  public:
Verify(const VerifyCertChainTest & test,const std::string & test_file_path)28   static void Verify(const VerifyCertChainTest &test,
29                      const std::string &test_file_path) {
30     SimplePathBuilderDelegate path_builder_delegate(1024, test.digest_policy);
31     ASSERT_FALSE(test.chain.empty());
32 
33     TrustStoreInMemory trust_store;
34     trust_store.AddCertificate(test.chain.back(), test.last_cert_trust);
35 
36     CertIssuerSourceStatic intermediate_cert_issuer_source;
37     for (size_t i = 1; i < test.chain.size(); ++i) {
38       intermediate_cert_issuer_source.AddCert(test.chain[i]);
39     }
40 
41     // First cert in the |chain| is the target.
42     CertPathBuilder path_builder(
43         test.chain.front(), &trust_store, &path_builder_delegate, test.time,
44         test.key_purpose, test.initial_explicit_policy,
45         test.user_initial_policy_set, test.initial_policy_mapping_inhibit,
46         test.initial_any_policy_inhibit);
47     path_builder.AddCertIssuerSource(&intermediate_cert_issuer_source);
48 
49     CertPathBuilder::Result result = path_builder.Run();
50     EXPECT_EQ(!test.HasHighSeverityErrors(), result.HasValidPath());
51     if (result.HasValidPath()) {
52       VerifyUserConstrainedPolicySet(
53           test.expected_user_constrained_policy_set,
54           result.GetBestValidPath()->user_constrained_policy_set,
55           test_file_path);
56     }
57   }
58 };
59 
60 }  // namespace
61 
62 INSTANTIATE_TYPED_TEST_SUITE_P(PathBuilder,
63                                VerifyCertificateChainSingleRootTest,
64                                PathBuilderTestDelegate);
65 
66 BSSL_NAMESPACE_END
67