onc_utils_unittest.cc revision eb525c5499e34cc9c4b825d6d9e75bb07cc06ace 
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "chromeos/network/onc/onc_utils.h"
6
7#include <string>
8
9#include "base/values.h"
10#include "chromeos/network/onc/onc_signature.h"
11#include "chromeos/network/onc/onc_test_utils.h"
12#include "net/cert/x509_certificate.h"
13#include "net/test/test_certificate_data.h"
14#include "testing/gtest/include/gtest/gtest.h"
15
16namespace chromeos {
17namespace onc {
18
19TEST(ONCDecrypterTest, BrokenEncryptionIterations) {
20  scoped_ptr<base::DictionaryValue> encrypted_onc =
21      test_utils::ReadTestDictionary("broken-encrypted-iterations.onc");
22
23  scoped_ptr<base::DictionaryValue> decrypted_onc =
24      Decrypt("test0000", *encrypted_onc);
25
26  EXPECT_EQ(NULL, decrypted_onc.get());
27}
28
29TEST(ONCDecrypterTest, BrokenEncryptionZeroIterations) {
30  scoped_ptr<base::DictionaryValue> encrypted_onc =
31      test_utils::ReadTestDictionary("broken-encrypted-zero-iterations.onc");
32
33  std::string error;
34  scoped_ptr<base::DictionaryValue> decrypted_onc =
35      Decrypt("test0000", *encrypted_onc);
36
37  EXPECT_EQ(NULL, decrypted_onc.get());
38}
39
40TEST(ONCDecrypterTest, LoadEncryptedOnc) {
41  scoped_ptr<base::DictionaryValue> encrypted_onc =
42      test_utils::ReadTestDictionary("encrypted.onc");
43  scoped_ptr<base::DictionaryValue> expected_decrypted_onc =
44      test_utils::ReadTestDictionary("decrypted.onc");
45
46  std::string error;
47  scoped_ptr<base::DictionaryValue> actual_decrypted_onc =
48      Decrypt("test0000", *encrypted_onc);
49
50  base::DictionaryValue emptyDict;
51  EXPECT_TRUE(test_utils::Equals(expected_decrypted_onc.get(),
52                                 actual_decrypted_onc.get()));
53}
54
55namespace {
56
57const char* kLoginId = "hans";
58const char* kLoginEmail = "hans@my.domain.com";
59
60class StringSubstitutionStub : public StringSubstitution {
61 public:
62  StringSubstitutionStub() {}
63  virtual bool GetSubstitute(std::string placeholder,
64                             std::string* substitute) const OVERRIDE {
65    if (placeholder == substitutes::kLoginIDField)
66      *substitute = kLoginId;
67    else if (placeholder == substitutes::kEmailField)
68      *substitute = kLoginEmail;
69    else
70      return false;
71    return true;
72  }
73 private:
74  DISALLOW_COPY_AND_ASSIGN(StringSubstitutionStub);
75};
76
77}  // namespace
78
79TEST(ONCStringExpansion, OpenVPN) {
80  scoped_ptr<base::DictionaryValue> vpn_onc =
81      test_utils::ReadTestDictionary("valid_openvpn.onc");
82
83  StringSubstitutionStub substitution;
84  ExpandStringsInOncObject(kNetworkConfigurationSignature, substitution,
85                           vpn_onc.get());
86
87  std::string actual_expanded;
88  vpn_onc->GetString("VPN.OpenVPN.Username", &actual_expanded);
89  EXPECT_EQ(actual_expanded, std::string("abc ") + kLoginEmail + " def");
90}
91
92TEST(ONCStringExpansion, WiFi_EAP) {
93  scoped_ptr<base::DictionaryValue> wifi_onc =
94      test_utils::ReadTestDictionary("wifi_clientcert_with_cert_pems.onc");
95
96  StringSubstitutionStub substitution;
97  ExpandStringsInOncObject(kNetworkConfigurationSignature, substitution,
98                           wifi_onc.get());
99
100  std::string actual_expanded;
101  wifi_onc->GetString("WiFi.EAP.Identity", &actual_expanded);
102  EXPECT_EQ(actual_expanded, std::string("abc ") + kLoginId + "@my.domain.com");
103}
104
105TEST(ONCResolveServerCertRefs, ResolveServerCertRefs) {
106  scoped_ptr<base::DictionaryValue> test_cases =
107      test_utils::ReadTestDictionary(
108          "network_configs_with_resolved_certs.json");
109
110  scoped_refptr<net::X509Certificate> google_cert(
111      net::X509Certificate::CreateFromBytes(
112          reinterpret_cast<const char*>(google_der), sizeof(google_der)));
113
114  scoped_refptr<net::X509Certificate> webkit_cert(
115      net::X509Certificate::CreateFromBytes(
116          reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)));
117
118  CertsByGUIDMap certs;
119  certs["cert_google"] = google_cert;
120  certs["cert_webkit"] = webkit_cert;
121
122  for (base::DictionaryValue::Iterator it(*test_cases);
123       !it.IsAtEnd(); it.Advance()) {
124    SCOPED_TRACE("Test case: " + it.key());
125
126    const base::DictionaryValue* test_case = NULL;
127    it.value().GetAsDictionary(&test_case);
128
129    const base::ListValue* networks_with_cert_refs = NULL;
130    test_case->GetList("WithCertRefs", &networks_with_cert_refs);
131
132    const base::ListValue* expected_resolved_onc = NULL;
133    test_case->GetList("WithResolvedRefs", &expected_resolved_onc);
134
135    bool expected_success = (networks_with_cert_refs->GetSize() ==
136                             expected_resolved_onc->GetSize());
137
138    scoped_ptr<base::ListValue> actual_resolved_onc(
139        networks_with_cert_refs->DeepCopy());
140
141    bool success = ResolveServerCertRefsInNetworks(certs,
142                                                   actual_resolved_onc.get());
143    EXPECT_EQ(expected_success, success);
144    EXPECT_TRUE(test_utils::Equals(expected_resolved_onc,
145                                   actual_resolved_onc.get()));
146  }
147}
148
149}  // namespace onc
150}  // namespace chromeos
151