96 lines
3.3 KiB
C++
96 lines
3.3 KiB
C++
////////////////////////////////////////////////////////////////////////////////
|
|
// Copyright 2016 Google Inc.
|
|
//
|
|
// This software is licensed under the terms defined in the Widevine Master
|
|
// License Agreement. For a copy of this agreement, please contact
|
|
// widevine-licensing@google.com.
|
|
////////////////////////////////////////////////////////////////////////////////
|
|
|
|
#include "provisioning_sdk/internal/oem_device_cert.h"
|
|
|
|
#include "gtest/gtest.h"
|
|
#include "provisioning_sdk/internal/certificates/test_certificates.h"
|
|
|
|
namespace widevine {
|
|
|
|
class OemDeviceCertTest : public ::testing::Test {
|
|
protected:
|
|
void SetUp() override {
|
|
ASSERT_TRUE(oem_device_cert_.Initialize(kCertTesting));
|
|
}
|
|
|
|
OemDeviceCert oem_device_cert_;
|
|
TestCertificates test_certificates_;
|
|
};
|
|
|
|
TEST_F(OemDeviceCertTest, EmptyCertificateChain) {
|
|
std::unique_ptr<RsaPublicKey> leaf_public_key;
|
|
uint32_t system_id;
|
|
std::string oem_ca_serial_number;
|
|
EXPECT_FALSE(oem_device_cert_.VerifyCertificateChain(
|
|
"", &leaf_public_key, &system_id, &oem_ca_serial_number));
|
|
}
|
|
|
|
TEST_F(OemDeviceCertTest, InvalidCertificateChain) {
|
|
std::unique_ptr<RsaPublicKey> leaf_public_key;
|
|
uint32_t system_id;
|
|
std::string oem_ca_serial_number;
|
|
EXPECT_FALSE(oem_device_cert_.VerifyCertificateChain(
|
|
"invalid certificte chain", &leaf_public_key, &system_id,
|
|
&oem_ca_serial_number));
|
|
}
|
|
|
|
TEST_F(OemDeviceCertTest, OnlyOneCertificateInCertificateChain) {
|
|
std::unique_ptr<RsaPublicKey> leaf_public_key;
|
|
uint32_t system_id;
|
|
std::string oem_ca_serial_number;
|
|
EXPECT_FALSE(oem_device_cert_.VerifyCertificateChain(
|
|
test_certificates_.single_certificate_chain_der(), &leaf_public_key,
|
|
&system_id, &oem_ca_serial_number));
|
|
}
|
|
|
|
TEST_F(OemDeviceCertTest, ValidCertificateChain) {
|
|
std::unique_ptr<RsaPublicKey> leaf_public_key;
|
|
uint32_t system_id;
|
|
std::string oem_ca_serial_number;
|
|
ASSERT_TRUE(oem_device_cert_.VerifyCertificateChain(
|
|
test_certificates_.valid_certificate_chain_der(), &leaf_public_key,
|
|
&system_id, &oem_ca_serial_number));
|
|
|
|
std::unique_ptr<RsaPublicKey> public_key(RsaPublicKey::Create(
|
|
test_certificates_.valid_certificate_public_key_der()));
|
|
ASSERT_TRUE(public_key);
|
|
EXPECT_TRUE(leaf_public_key->MatchesPublicKey(*public_key));
|
|
EXPECT_EQ(2001u, system_id);
|
|
EXPECT_EQ("\x1", oem_ca_serial_number);
|
|
}
|
|
|
|
TEST_F(OemDeviceCertTest, ExpiredCertificateChain) {
|
|
std::unique_ptr<RsaPublicKey> leaf_public_key;
|
|
uint32_t system_id;
|
|
std::string oem_ca_serial_number;
|
|
ASSERT_FALSE(oem_device_cert_.VerifyCertificateChain(
|
|
test_certificates_.expired_certificate_chain_der(), &leaf_public_key,
|
|
&system_id, &oem_ca_serial_number));
|
|
}
|
|
|
|
TEST_F(OemDeviceCertTest, OutOfOrderCertificateChain) {
|
|
std::unique_ptr<RsaPublicKey> leaf_public_key;
|
|
uint32_t system_id;
|
|
std::string oem_ca_serial_number;
|
|
ASSERT_FALSE(oem_device_cert_.VerifyCertificateChain(
|
|
test_certificates_.backwards_certificate_chain_der(), &leaf_public_key,
|
|
&system_id, &oem_ca_serial_number));
|
|
}
|
|
|
|
TEST_F(OemDeviceCertTest, CertificateChainNotSignedByRoot) {
|
|
std::unique_ptr<RsaPublicKey> leaf_public_key;
|
|
uint32_t system_id;
|
|
std::string oem_ca_serial_number;
|
|
ASSERT_FALSE(oem_device_cert_.VerifyCertificateChain(
|
|
test_certificates_.invalid_certificate_chain_der(), &leaf_public_key,
|
|
&system_id, &oem_ca_serial_number));
|
|
}
|
|
|
|
} // namespace widevine
|