1 /*
2 * libjingle
3 * Copyright 2011, Google Inc.
4 * Portions Copyright 2011, RTFM, Inc.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright notice,
12 * this list of conditions and the following disclaimer in the documentation
13 * and/or other materials provided with the distribution.
14 * 3. The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
20 * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
22 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
23 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
24 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
25 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
26 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28
29 #include <string>
30
31 #include "talk/base/gunit.h"
32 #include "talk/base/sslidentity.h"
33
34 const char kTestCertificate[] = "-----BEGIN CERTIFICATE-----\n"
35 "MIIB6TCCAVICAQYwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV\n"
36 "BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD\n"
37 "VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNMDAxMDE2MjIzMTAzWhcNMDMwMTE0\n"
38 "MjIzMTAzWjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG\n"
39 "A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl\n"
40 "cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP\n"
41 "Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//\n"
42 "Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQCT0grFQeZaqYb5EYfk20XixZV4\n"
43 "GmyAbXMftG1Eo7qGiMhYzRwGNWxEYojf5PZkYZXvSqZ/ZXHXa4g59jK/rJNnaVGM\n"
44 "k+xIX8mxQvlV0n5O9PIha5BX5teZnkHKgL8aKKLKW1BK7YTngsfSzzaeame5iKfz\n"
45 "itAE+OjGF+PFKbwX8Q==\n"
46 "-----END CERTIFICATE-----\n";
47
48 const unsigned char kTestCertSha1[] = {0xA6, 0xC8, 0x59, 0xEA,
49 0xC3, 0x7E, 0x6D, 0x33,
50 0xCF, 0xE2, 0x69, 0x9D,
51 0x74, 0xE6, 0xF6, 0x8A,
52 0x9E, 0x47, 0xA7, 0xCA};
53
54 class SSLIdentityTest : public testing::Test {
55 public:
SSLIdentityTest()56 SSLIdentityTest() :
57 identity1_(NULL), identity2_(NULL) {
58 }
59
~SSLIdentityTest()60 ~SSLIdentityTest() {
61 }
62
SetUp()63 virtual void SetUp() {
64 identity1_.reset(talk_base::SSLIdentity::Generate("test1"));
65 identity2_.reset(talk_base::SSLIdentity::Generate("test2"));
66
67 ASSERT_TRUE(identity1_.get() != NULL);
68 ASSERT_TRUE(identity2_.get() != NULL);
69
70 test_cert_.reset(
71 talk_base::SSLCertificate::FromPEMString(kTestCertificate, 0));
72 ASSERT_TRUE(test_cert_.get() != NULL);
73 }
74
TestDigest(const std::string & algorithm,size_t expected_len,const unsigned char * expected_digest=NULL)75 void TestDigest(const std::string &algorithm, size_t expected_len,
76 const unsigned char *expected_digest = NULL) {
77 unsigned char digest1[64];
78 unsigned char digest1b[64];
79 unsigned char digest2[64];
80 size_t digest1_len;
81 size_t digest1b_len;
82 size_t digest2_len;
83 bool rv;
84
85 rv = identity1_->certificate().ComputeDigest(algorithm,
86 digest1, sizeof(digest1),
87 &digest1_len);
88 EXPECT_TRUE(rv);
89 EXPECT_EQ(expected_len, digest1_len);
90
91 rv = identity1_->certificate().ComputeDigest(algorithm,
92 digest1b, sizeof(digest1b),
93 &digest1b_len);
94 EXPECT_TRUE(rv);
95 EXPECT_EQ(expected_len, digest1b_len);
96 EXPECT_EQ(0, memcmp(digest1, digest1b, expected_len));
97
98 rv = identity2_->certificate().ComputeDigest(algorithm,
99 digest2, sizeof(digest2),
100 &digest2_len);
101 EXPECT_TRUE(rv);
102 EXPECT_EQ(expected_len, digest2_len);
103 EXPECT_NE(0, memcmp(digest1, digest2, expected_len));
104
105 // If we have an expected hash for the test cert, check it.
106 if (expected_digest != NULL) {
107 unsigned char digest3[64];
108 size_t digest3_len;
109
110 rv = test_cert_->ComputeDigest(algorithm, digest3, sizeof(digest3),
111 &digest3_len);
112 EXPECT_TRUE(rv);
113 EXPECT_EQ(expected_len, digest3_len);
114 EXPECT_EQ(0, memcmp(digest3, expected_digest, expected_len));
115 }
116 }
117
118 private:
119 talk_base::scoped_ptr<talk_base::SSLIdentity> identity1_;
120 talk_base::scoped_ptr<talk_base::SSLIdentity> identity2_;
121 talk_base::scoped_ptr<talk_base::SSLCertificate> test_cert_;
122 };
123
TEST_F(SSLIdentityTest,DigestSHA1)124 TEST_F(SSLIdentityTest, DigestSHA1) {
125 TestDigest(talk_base::DIGEST_SHA_1, 20, kTestCertSha1);
126 }
127
TEST_F(SSLIdentityTest,DigestSHA224)128 TEST_F(SSLIdentityTest, DigestSHA224) {
129 TestDigest(talk_base::DIGEST_SHA_224, 28);
130 }
131
TEST_F(SSLIdentityTest,DigestSHA256)132 TEST_F(SSLIdentityTest, DigestSHA256) {
133 TestDigest(talk_base::DIGEST_SHA_256, 32);
134 }
135
TEST_F(SSLIdentityTest,DigestSHA384)136 TEST_F(SSLIdentityTest, DigestSHA384) {
137 TestDigest(talk_base::DIGEST_SHA_384, 48);
138 }
139
TEST_F(SSLIdentityTest,DigestSHA512)140 TEST_F(SSLIdentityTest, DigestSHA512) {
141 TestDigest(talk_base::DIGEST_SHA_512, 64);
142 }
143