diff options
| -rw-r--r-- | build/BUILD.gn | 6 | ||||
| -rw-r--r-- | cast/common/BUILD.gn | 3 | ||||
| -rw-r--r-- | cast/common/certificate/cast_cert_validator_unittest.cc | 118 | ||||
| -rw-r--r-- | cast/common/certificate/cast_crl_unittest.cc | 12 | ||||
| -rw-r--r-- | cast/receiver/BUILD.gn | 3 | ||||
| -rw-r--r-- | cast/receiver/channel/device_auth_namespace_handler_unittest.cc | 31 | ||||
| -rw-r--r-- | cast/sender/channel/cast_auth_util_unittest.cc | 22 | ||||
| -rw-r--r-- | cast/test/BUILD.gn | 2 | ||||
| -rw-r--r-- | cast/test/device_auth_test.cc | 52 | ||||
| -rw-r--r-- | cast/test/make_crl_tests.cc | 34 | ||||
| -rw-r--r-- | platform/BUILD.gn | 12 | ||||
| -rw-r--r-- | platform/test/paths.h | 16 | ||||
| -rw-r--r-- | platform/test/paths_internal.h | 12 | ||||
| -rw-r--r-- | platform/test/paths_internal_linux.cc | 24 | ||||
| -rw-r--r-- | platform/test/paths_internal_mac.cc | 28 | ||||
| -rw-r--r-- | platform/test/paths_posix.cc | 39 |
16 files changed, 300 insertions, 114 deletions
diff --git a/build/BUILD.gn b/build/BUILD.gn index ecf3b818..a5378836 100644 --- a/build/BUILD.gn +++ b/build/BUILD.gn @@ -8,12 +8,12 @@ # files to be included, or for multiple sets of default configs to be toggled # on a single target type (e.g. source_set, static_library) config("openscreen_include_dirs") { - openscreen_root = get_path_info("../", "abspath") + openscreen_root = rebase_path("../", "//") - defines = [ "OPENSCREEN_TEST_DATA_DIR=\".${openscreen_root}test/data/\"" ] + defines = [ "OPENSCREEN_TEST_DATA_DIR=\"${openscreen_root}test/data/\"" ] include_dirs = [ - "$openscreen_root", + "//$openscreen_root", "$root_gen_dir/$openscreen_root", ] } diff --git a/cast/common/BUILD.gn b/cast/common/BUILD.gn index f753198c..ca3d763c 100644 --- a/cast/common/BUILD.gn +++ b/cast/common/BUILD.gn @@ -140,6 +140,7 @@ source_set("unittests") { ":public", ":test_helpers", "../../platform", + "../../platform:test", "../../testing/util", "../../third_party/boringssl", "../../third_party/googletest:gmock", @@ -150,7 +151,7 @@ source_set("unittests") { ] data = [ - "../../test/data/cast/common/certificate", + "../../test/data/cast/common/certificate/", ] } diff --git a/cast/common/certificate/cast_cert_validator_unittest.cc b/cast/common/certificate/cast_cert_validator_unittest.cc index 41700a50..f7e21d84 100644 --- a/cast/common/certificate/cast_cert_validator_unittest.cc +++ b/cast/common/certificate/cast_cert_validator_unittest.cc @@ -11,6 +11,7 @@ #include "cast/common/certificate/testing/test_helpers.h" #include "gtest/gtest.h" #include "openssl/pem.h" +#include "platform/test/paths.h" namespace openscreen { namespace cast { @@ -153,7 +154,11 @@ DateTime MarchFirst2037() { return CreateDate(2037, 3, 1); } -#define TEST_DATA_PREFIX OPENSCREEN_TEST_DATA_DIR "/cast/common/certificate/" +const std::string& GetSpecificTestDataPath() { + static std::string data_path = + GetTestDataPath() + "/cast/common/certificate/"; + return data_path; +} // Tests verifying a valid certificate chain of length 2: // @@ -163,11 +168,12 @@ DateTime MarchFirst2037() { // Chains to trust anchor: // Eureka Root CA (built-in trust store) TEST(VerifyCastDeviceCertTest, ChromecastGen1) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "2ZZBG9 FA8FCA3EF91A", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/chromecast_gen1.pem", AprilFirst2016(), + data_path + "certificates/chromecast_gen1.pem", AprilFirst2016(), TRUST_STORE_BUILTIN, - TEST_DATA_PREFIX "signeddata/2ZZBG9_FA8FCA3EF91A.pem"); + data_path + "signeddata/2ZZBG9_FA8FCA3EF91A.pem"); } // Tests verifying a valid certificate chain of length 2: @@ -178,11 +184,12 @@ TEST(VerifyCastDeviceCertTest, ChromecastGen1) { // Chains to trust anchor: // Cast Root CA (built-in trust store) TEST(VerifyCastDeviceCertTest, ChromecastGen1Reissue) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "2ZZBG9 FA8FCA3EF91A", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/chromecast_gen1_reissue.pem", + data_path + "certificates/chromecast_gen1_reissue.pem", AprilFirst2016(), TRUST_STORE_BUILTIN, - TEST_DATA_PREFIX "signeddata/2ZZBG9_FA8FCA3EF91A.pem"); + data_path + "signeddata/2ZZBG9_FA8FCA3EF91A.pem"); } // Tests verifying a valid certificate chain of length 2: @@ -193,9 +200,10 @@ TEST(VerifyCastDeviceCertTest, ChromecastGen1Reissue) { // Chains to trust anchor: // Cast Root CA (built-in trust store) TEST(VerifyCastDeviceCertTest, ChromecastGen2) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "3ZZAK6 FA8FCA3F0D35", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/chromecast_gen2.pem", AprilFirst2016(), + data_path + "certificates/chromecast_gen2.pem", AprilFirst2016(), TRUST_STORE_BUILTIN, ""); } @@ -208,9 +216,10 @@ TEST(VerifyCastDeviceCertTest, ChromecastGen2) { // Chains to trust anchor: // Cast Root CA (built-in trust store) TEST(VerifyCastDeviceCertTest, Fugu) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "-6394818897508095075", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/fugu.pem", AprilFirst2016(), + data_path + "certificates/fugu.pem", AprilFirst2016(), TRUST_STORE_BUILTIN, ""); } @@ -223,9 +232,10 @@ TEST(VerifyCastDeviceCertTest, Fugu) { // // This is invalid because it does not chain to a trust anchor. TEST(VerifyCastDeviceCertTest, Unchained) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kErrCertsVerifyGeneric, "", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/unchained.pem", AprilFirst2016(), + data_path + "certificates/unchained.pem", AprilFirst2016(), TRUST_STORE_BUILTIN, ""); } @@ -240,9 +250,10 @@ TEST(VerifyCastDeviceCertTest, Unchained) { // trust anchors after all) it fails the test as it is not a *device // certificate*. TEST(VerifyCastDeviceCertTest, CastRootCa) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kErrCertsRestrictions, "", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/cast_root_ca.pem", AprilFirst2016(), + data_path + "certificates/cast_root_ca.pem", AprilFirst2016(), TRUST_STORE_BUILTIN, ""); } @@ -257,10 +268,11 @@ TEST(VerifyCastDeviceCertTest, CastRootCa) { // This device certificate has a policy that means it is valid only for audio // devices. TEST(VerifyCastDeviceCertTest, ChromecastAudio) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "4ZZDZJ FA8FCA7EFE3C", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX "certificates/chromecast_audio.pem", - AprilFirst2016(), TRUST_STORE_BUILTIN, ""); + data_path + "certificates/chromecast_audio.pem", AprilFirst2016(), + TRUST_STORE_BUILTIN, ""); } // Tests verifying a valid certificate chain of length 3: @@ -275,9 +287,10 @@ TEST(VerifyCastDeviceCertTest, ChromecastAudio) { // This device certificate has a policy that means it is valid only for audio // devices. TEST(VerifyCastDeviceCertTest, MtkAudioDev) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "MediaTek Audio Dev Test", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX "certificates/mtk_audio_dev.pem", JanuaryFirst2015(), + data_path + "certificates/mtk_audio_dev.pem", JanuaryFirst2015(), TRUST_STORE_BUILTIN, ""); } @@ -289,31 +302,33 @@ TEST(VerifyCastDeviceCertTest, MtkAudioDev) { // Chains to trust anchor: // Cast Root CA (built-in trust store) TEST(VerifyCastDeviceCertTest, Vizio) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "9V0000VB FA8FCA784D01", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/vizio.pem", AprilFirst2016(), + data_path + "certificates/vizio.pem", AprilFirst2016(), TRUST_STORE_BUILTIN, ""); } // Tests verifying a valid certificate chain of length 2 using expired // time points. TEST(VerifyCastDeviceCertTest, ChromecastGen2InvalidTime) { - const char* kCertsFile = TEST_DATA_PREFIX "certificates/chromecast_gen2.pem"; + const std::string certs_file = + GetSpecificTestDataPath() + "certificates/chromecast_gen2.pem"; // Control test - certificate should be valid at some time otherwise // this test is pointless. RunTest(Error::Code::kNone, "3ZZAK6 FA8FCA3F0D35", - CastDeviceCertPolicy::kUnrestricted, kCertsFile, AprilFirst2016(), + CastDeviceCertPolicy::kUnrestricted, certs_file, AprilFirst2016(), TRUST_STORE_BUILTIN, ""); // Use a time before notBefore. RunTest(Error::Code::kErrCertsDateInvalid, "", - CastDeviceCertPolicy::kUnrestricted, kCertsFile, JanuaryFirst2015(), + CastDeviceCertPolicy::kUnrestricted, certs_file, JanuaryFirst2015(), TRUST_STORE_BUILTIN, ""); // Use a time after notAfter. RunTest(Error::Code::kErrCertsDateInvalid, "", - CastDeviceCertPolicy::kUnrestricted, kCertsFile, MarchFirst2037(), + CastDeviceCertPolicy::kUnrestricted, certs_file, MarchFirst2037(), TRUST_STORE_BUILTIN, ""); } @@ -329,11 +344,12 @@ TEST(VerifyCastDeviceCertTest, ChromecastGen2InvalidTime) { // This device certificate has a policy that means it is valid only for audio // devices. TEST(VerifyCastDeviceCertTest, AudioRefDevTestChain3) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Audio Reference Dev Test", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX "certificates/audio_ref_dev_test_chain_3.pem", + data_path + "certificates/audio_ref_dev_test_chain_3.pem", AprilFirst2016(), TRUST_STORE_BUILTIN, - TEST_DATA_PREFIX "signeddata/AudioReferenceDevTest.pem"); + data_path + "signeddata/AudioReferenceDevTest.pem"); } // TODO(btolsch): This won't work by default with boringssl, so do we want to @@ -373,10 +389,11 @@ TEST(VerifyCastDeviceCertTest, IntermediateSerialNumberTooLong) { // Chains to trust anchor: // Expired CastRoot (provided by test data) TEST(VerifyCastDeviceCertTest, ExpiredTrustAnchor) { + std::string data_path = GetSpecificTestDataPath(); // The root certificate is only valid in 2015, so validating with a time in // 2016 means it is expired. RunTest(Error::Code::kNone, "CastDevice", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/expired_root.pem", AprilFirst2016(), + data_path + "certificates/expired_root.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -394,10 +411,11 @@ TEST(VerifyCastDeviceCertTest, ExpiredTrustAnchor) { // Chains to trust anchor: // Root (provided by test data; has pathlen=1 constraint) TEST(VerifyCastDeviceCertTest, ViolatesPathlenTrustAnchorConstraint) { + std::string data_path = GetSpecificTestDataPath(); // Test that the chain verification fails due to the pathlen constraint. RunTest(Error::Code::kErrCertsPathlen, "Target", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/violates_root_pathlen_constraint.pem", + data_path + "certificates/violates_root_pathlen_constraint.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -407,9 +425,9 @@ TEST(VerifyCastDeviceCertTest, ViolatesPathlenTrustAnchorConstraint) { // Intermediate: policies={anyPolicy} // Leaf: policies={anyPolicy} TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafAnypolicy) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX - "certificates/policies_ica_anypolicy_leaf_anypolicy.pem", + data_path + "certificates/policies_ica_anypolicy_leaf_anypolicy.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -419,9 +437,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafAnypolicy) { // Intermediate: policies={anyPolicy} // Leaf: policies={audioOnly} TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafAudioonly) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX - "certificates/policies_ica_anypolicy_leaf_audioonly.pem", + data_path + "certificates/policies_ica_anypolicy_leaf_audioonly.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -431,8 +449,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafAudioonly) { // Intermediate: policies={anyPolicy} // Leaf: policies={foo} TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafFoo) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/policies_ica_anypolicy_leaf_foo.pem", + data_path + "certificates/policies_ica_anypolicy_leaf_foo.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -442,8 +461,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafFoo) { // Intermediate: policies={anyPolicy} // Leaf: policies={} TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafNone) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/policies_ica_anypolicy_leaf_none.pem", + data_path + "certificates/policies_ica_anypolicy_leaf_none.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -453,9 +473,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaAnypolicyLeafNone) { // Intermediate: policies={audioOnly} // Leaf: policies={anyPolicy} TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafAnypolicy) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX - "certificates/policies_ica_audioonly_leaf_anypolicy.pem", + data_path + "certificates/policies_ica_audioonly_leaf_anypolicy.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -465,9 +485,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafAnypolicy) { // Intermediate: policies={audioOnly} // Leaf: policies={audioOnly} TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafAudioonly) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX - "certificates/policies_ica_audioonly_leaf_audioonly.pem", + data_path + "certificates/policies_ica_audioonly_leaf_audioonly.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -477,8 +497,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafAudioonly) { // Intermediate: policies={audioOnly} // Leaf: policies={foo} TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafFoo) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX "certificates/policies_ica_audioonly_leaf_foo.pem", + data_path + "certificates/policies_ica_audioonly_leaf_foo.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -488,8 +509,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafFoo) { // Intermediate: policies={audioOnly} // Leaf: policies={} TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafNone) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX "certificates/policies_ica_audioonly_leaf_none.pem", + data_path + "certificates/policies_ica_audioonly_leaf_none.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -499,8 +521,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaAudioonlyLeafNone) { // Intermediate: policies={} // Leaf: policies={anyPolicy} TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafAnypolicy) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/policies_ica_none_leaf_anypolicy.pem", + data_path + "certificates/policies_ica_none_leaf_anypolicy.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -510,8 +533,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafAnypolicy) { // Intermediate: policies={} // Leaf: policies={audioOnly} TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafAudioonly) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kAudioOnly, - TEST_DATA_PREFIX "certificates/policies_ica_none_leaf_audioonly.pem", + data_path + "certificates/policies_ica_none_leaf_audioonly.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -521,8 +545,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafAudioonly) { // Intermediate: policies={} // Leaf: policies={foo} TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafFoo) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/policies_ica_none_leaf_foo.pem", + data_path + "certificates/policies_ica_none_leaf_foo.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -532,8 +557,9 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafFoo) { // Intermediate: policies={} // Leaf: policies={} TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafNone) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Leaf", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/policies_ica_none_leaf_none.pem", + data_path + "certificates/policies_ica_none_leaf_none.pem", AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -541,29 +567,32 @@ TEST(VerifyCastDeviceCertTest, PoliciesIcaNoneLeafNone) { // 1024-bit RSA key. Verification should fail since the target's key is // too weak. TEST(VerifyCastDeviceCertTest, DeviceCertHas1024BitRsaKey) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kErrCertsVerifyGeneric, "RSA 1024 Device Cert", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/rsa1024_device_cert.pem", - AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, ""); + data_path + "certificates/rsa1024_device_cert.pem", AprilFirst2016(), + TRUST_STORE_FROM_TEST_FILE, ""); } // Tests verifying a certificate chain where the leaf certificate has a // 2048-bit RSA key, and then verifying signed data (both SHA1 and SHA256) // for it. TEST(VerifyCastDeviceCertTest, DeviceCertHas2048BitRsaKey) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "RSA 2048 Device Cert", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/rsa2048_device_cert.pem", - AprilFirst2016(), TRUST_STORE_FROM_TEST_FILE, - TEST_DATA_PREFIX "signeddata/rsa2048_device_cert_data.pem"); + data_path + "certificates/rsa2048_device_cert.pem", AprilFirst2016(), + TRUST_STORE_FROM_TEST_FILE, + data_path + "signeddata/rsa2048_device_cert_data.pem"); } // Tests verifying a certificate chain where an intermediate certificate has a // nameConstraints extension but the leaf certificate is still permitted under // these constraints. TEST(VerifyCastDeviceCertTest, NameConstraintsObeyed) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kNone, "Device", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/nc.pem", AprilFirst2020(), + data_path + "certificates/nc.pem", AprilFirst2020(), TRUST_STORE_FROM_TEST_FILE, ""); } @@ -571,9 +600,10 @@ TEST(VerifyCastDeviceCertTest, NameConstraintsObeyed) { // nameConstraints extension and the leaf certificate is not permitted under // these constraints. TEST(VerifyCastDeviceCertTest, NameConstraintsViolated) { + std::string data_path = GetSpecificTestDataPath(); RunTest(Error::Code::kErrCertsVerifyGeneric, "Device", CastDeviceCertPolicy::kUnrestricted, - TEST_DATA_PREFIX "certificates/nc_fail.pem", AprilFirst2020(), + data_path + "certificates/nc_fail.pem", AprilFirst2020(), TRUST_STORE_FROM_TEST_FILE, ""); } diff --git a/cast/common/certificate/cast_crl_unittest.cc b/cast/common/certificate/cast_crl_unittest.cc index 81c0030f..39e72724 100644 --- a/cast/common/certificate/cast_crl_unittest.cc +++ b/cast/common/certificate/cast_crl_unittest.cc @@ -9,6 +9,7 @@ #include "cast/common/certificate/proto/test_suite.pb.h" #include "cast/common/certificate/testing/test_helpers.h" #include "gtest/gtest.h" +#include "platform/test/paths.h" #include "testing/util/read_file.h" #include "util/logging.h" @@ -89,16 +90,19 @@ bool TestVerifyRevocation(Error::Code expected_result, return expected_result == result.code(); } -#define TEST_DATA_PREFIX OPENSCREEN_TEST_DATA_DIR "cast/common/certificate/" +const std::string& GetSpecificTestDataPath() { + static std::string data_path = GetTestDataPath() + "cast/common/certificate/"; + return data_path; +} bool RunTest(const DeviceCertTest& test_case) { std::unique_ptr<TrustStore> crl_trust_store; std::unique_ptr<TrustStore> cast_trust_store; if (test_case.use_test_trust_anchors()) { crl_trust_store = testing::CreateTrustStoreFromPemFile( - TEST_DATA_PREFIX "certificates/cast_crl_test_root_ca.pem"); + GetSpecificTestDataPath() + "certificates/cast_crl_test_root_ca.pem"); cast_trust_store = testing::CreateTrustStoreFromPemFile( - TEST_DATA_PREFIX "certificates/cast_test_root_ca.pem"); + GetSpecificTestDataPath() + "certificates/cast_test_root_ca.pem"); EXPECT_FALSE(crl_trust_store->certs.empty()); EXPECT_FALSE(cast_trust_store->certs.empty()); @@ -190,7 +194,7 @@ void RunTestSuite(const std::string& test_suite_file_name) { } TEST(CastCertificateTest, TestSuite1) { - RunTestSuite(TEST_DATA_PREFIX "testsuite/testsuite1.pb"); + RunTestSuite(GetSpecificTestDataPath() + "testsuite/testsuite1.pb"); } } // namespace diff --git a/cast/receiver/BUILD.gn b/cast/receiver/BUILD.gn index f62bf78d..c6201dce 100644 --- a/cast/receiver/BUILD.gn +++ b/cast/receiver/BUILD.gn @@ -53,6 +53,7 @@ source_set("unittests") { deps = [ ":channel", ":test_helpers", + "../../platform:test", "../../testing/util", "../../third_party/googletest:gmock", "../../third_party/googletest:gtest", @@ -61,6 +62,6 @@ source_set("unittests") { ] data = [ - "../../test/data/cast/receiver/channel", + "../../test/data/cast/receiver/channel/", ] } diff --git a/cast/receiver/channel/device_auth_namespace_handler_unittest.cc b/cast/receiver/channel/device_auth_namespace_handler_unittest.cc index 698cbd54..bbd5f5fa 100644 --- a/cast/receiver/channel/device_auth_namespace_handler_unittest.cc +++ b/cast/receiver/channel/device_auth_namespace_handler_unittest.cc @@ -14,6 +14,7 @@ #include "cast/receiver/channel/testing/device_auth_test_helpers.h" #include "gmock/gmock.h" #include "gtest/gtest.h" +#include "platform/test/paths.h" #include "testing/util/read_file.h" namespace openscreen { @@ -29,6 +30,11 @@ using ::testing::_; using ::testing::ElementsAreArray; using ::testing::Invoke; +const std::string& GetSpecificTestDataPath() { + static std::string data_path = GetTestDataPath() + "cast/receiver/channel/"; + return data_path; +} + class DeviceAuthNamespaceHandlerTest : public ::testing::Test { public: void SetUp() override { @@ -39,6 +45,7 @@ class DeviceAuthNamespaceHandlerTest : public ::testing::Test { } protected: + const std::string& data_path_{GetSpecificTestDataPath()}; FakeCastSocketPair fake_cast_socket_pair_; MockSocketErrorHandler mock_error_handler_; CastSocket* socket_; @@ -49,8 +56,6 @@ class DeviceAuthNamespaceHandlerTest : public ::testing::Test { DeviceAuthNamespaceHandler auth_handler_{&creds_}; }; -#define TEST_DATA_PREFIX OPENSCREEN_TEST_DATA_DIR "cast/receiver/channel/" - // The tests in this file use a pre-recorded AuthChallenge as input and a // matching pre-recorded AuthResponse for verification. This is to make it // easier to keep sender and receiver code separate, because the code that would @@ -69,14 +74,14 @@ class DeviceAuthNamespaceHandlerTest : public ::testing::Test { TEST_F(DeviceAuthNamespaceHandlerTest, AuthResponse) { InitStaticCredentialsFromFiles( - &creds_, nullptr, nullptr, TEST_DATA_PREFIX "device_key.pem", - TEST_DATA_PREFIX "device_chain.pem", TEST_DATA_PREFIX "device_tls.pem"); + &creds_, nullptr, nullptr, data_path_ + "device_key.pem", + data_path_ + "device_chain.pem", data_path_ + "device_tls.pem"); // Send an auth challenge. |auth_handler_| will automatically respond via // |router_| and we will catch the result in |challenge_reply|. CastMessage auth_challenge; const std::string auth_challenge_string = - ReadEntireFileToString(TEST_DATA_PREFIX "auth_challenge.pb"); + ReadEntireFileToString(data_path_ + "auth_challenge.pb"); ASSERT_TRUE(auth_challenge.ParseFromString(auth_challenge_string)); CastMessage challenge_reply; @@ -90,7 +95,7 @@ TEST_F(DeviceAuthNamespaceHandlerTest, AuthResponse) { .ok()); const std::string auth_response_string = - ReadEntireFileToString(TEST_DATA_PREFIX "auth_response.pb"); + ReadEntireFileToString(data_path_ + "auth_response.pb"); AuthResponse expected_auth_response; ASSERT_TRUE(expected_auth_response.ParseFromString(auth_response_string)); @@ -120,14 +125,14 @@ TEST_F(DeviceAuthNamespaceHandlerTest, AuthResponse) { TEST_F(DeviceAuthNamespaceHandlerTest, BadNonce) { InitStaticCredentialsFromFiles( - &creds_, nullptr, nullptr, TEST_DATA_PREFIX "device_key.pem", - TEST_DATA_PREFIX "device_chain.pem", TEST_DATA_PREFIX "device_tls.pem"); + &creds_, nullptr, nullptr, data_path_ + "device_key.pem", + data_path_ + "device_chain.pem", data_path_ + "device_tls.pem"); // Send an auth challenge. |auth_handler_| will automatically respond via // |router_| and we will catch the result in |challenge_reply|. CastMessage auth_challenge; const std::string auth_challenge_string = - ReadEntireFileToString(TEST_DATA_PREFIX "auth_challenge.pb"); + ReadEntireFileToString(data_path_ + "auth_challenge.pb"); ASSERT_TRUE(auth_challenge.ParseFromString(auth_challenge_string)); // Change the nonce to be different from what was used to record the correct @@ -154,7 +159,7 @@ TEST_F(DeviceAuthNamespaceHandlerTest, BadNonce) { .ok()); const std::string auth_response_string = - ReadEntireFileToString(TEST_DATA_PREFIX "auth_response.pb"); + ReadEntireFileToString(data_path_ + "auth_response.pb"); AuthResponse expected_auth_response; ASSERT_TRUE(expected_auth_response.ParseFromString(auth_response_string)); @@ -173,14 +178,14 @@ TEST_F(DeviceAuthNamespaceHandlerTest, BadNonce) { TEST_F(DeviceAuthNamespaceHandlerTest, UnsupportedSignatureAlgorithm) { InitStaticCredentialsFromFiles( - &creds_, nullptr, nullptr, TEST_DATA_PREFIX "device_key.pem", - TEST_DATA_PREFIX "device_chain.pem", TEST_DATA_PREFIX "device_tls.pem"); + &creds_, nullptr, nullptr, data_path_ + "device_key.pem", + data_path_ + "device_chain.pem", data_path_ + "device_tls.pem"); // Send an auth challenge. |auth_handler_| will automatically respond via // |router_| and we will catch the result in |challenge_reply|. CastMessage auth_challenge; const std::string auth_challenge_string = - ReadEntireFileToString(TEST_DATA_PREFIX "auth_challenge.pb"); + ReadEntireFileToString(data_path_ + "auth_challenge.pb"); ASSERT_TRUE(auth_challenge.ParseFromString(auth_challenge_string)); // Change the signature algorithm an unsupported value. diff --git a/cast/sender/channel/cast_auth_util_unittest.cc b/cast/sender/channel/cast_auth_util_unittest.cc index 0b76c18b..51e4e338 100644 --- a/cast/sender/channel/cast_auth_util_unittest.cc +++ b/cast/sender/channel/cast_auth_util_unittest.cc @@ -13,6 +13,7 @@ #include "cast/common/channel/proto/cast_channel.pb.h" #include "gtest/gtest.h" #include "platform/api/time.h" +#include "platform/test/paths.h" #include "testing/util/read_file.h" #include "util/logging.h" @@ -107,7 +108,10 @@ bool ConvertTimeSeconds(const DateTime& time, uint64_t* seconds) { return true; } -#define TEST_DATA_PREFIX OPENSCREEN_TEST_DATA_DIR "cast/common/certificate/" +const std::string& GetSpecificTestDataPath() { + static std::string data_path = GetTestDataPath() + "cast/common/certificate/"; + return data_path; +} class CastAuthUtilTest : public ::testing::Test { public: @@ -121,11 +125,11 @@ class CastAuthUtilTest : public ::testing::Test { std::vector<uint8_t>* signed_data, ::cast::channel::HashAlgorithm digest_algorithm) { std::vector<std::string> chain = testing::ReadCertificatesFromPemFile( - TEST_DATA_PREFIX "certificates/chromecast_gen1.pem"); + GetSpecificTestDataPath() + "certificates/chromecast_gen1.pem"); OSP_CHECK(!chain.empty()); testing::SignatureTestData signatures = testing::ReadSignatureTestData( - TEST_DATA_PREFIX "signeddata/2ZZBG9_FA8FCA3EF91A.pem"); + GetSpecificTestDataPath() + "signeddata/2ZZBG9_FA8FCA3EF91A.pem"); AuthResponse response; @@ -161,6 +165,8 @@ class CastAuthUtilTest : public ::testing::Test { static void MangleData(std::vector<uint8_t>* data) { (*data)[0] = ~(*data)[0]; } + + const std::string& data_path_{GetSpecificTestDataPath()}; }; // Note on expiration: VerifyCredentials() depends on the system clock. In @@ -287,7 +293,7 @@ TEST_F(CastAuthUtilTest, VerifySenderNonceMissing) { TEST_F(CastAuthUtilTest, VerifyTLSCertificateSuccess) { std::vector<std::string> tls_cert_der = testing::ReadCertificatesFromPemFile( - TEST_DATA_PREFIX "certificates/test_tls_cert.pem"); + data_path_ + "certificates/test_tls_cert.pem"); std::string& der_cert = tls_cert_der[0]; const uint8_t* data = (const uint8_t*)der_cert.data(); X509* tls_cert = d2i_X509(nullptr, &data, der_cert.size()); @@ -305,7 +311,7 @@ TEST_F(CastAuthUtilTest, VerifyTLSCertificateSuccess) { TEST_F(CastAuthUtilTest, VerifyTLSCertificateTooEarly) { std::vector<std::string> tls_cert_der = testing::ReadCertificatesFromPemFile( - TEST_DATA_PREFIX "certificates/test_tls_cert.pem"); + data_path_ + "certificates/test_tls_cert.pem"); std::string& der_cert = tls_cert_der[0]; const uint8_t* data = (const uint8_t*)der_cert.data(); X509* tls_cert = d2i_X509(nullptr, &data, der_cert.size()); @@ -326,7 +332,7 @@ TEST_F(CastAuthUtilTest, VerifyTLSCertificateTooEarly) { TEST_F(CastAuthUtilTest, VerifyTLSCertificateTooLate) { std::vector<std::string> tls_cert_der = testing::ReadCertificatesFromPemFile( - TEST_DATA_PREFIX "certificates/test_tls_cert.pem"); + data_path_ + "certificates/test_tls_cert.pem"); std::string& der_cert = tls_cert_der[0]; const uint8_t* data = (const uint8_t*)der_cert.data(); X509* tls_cert = d2i_X509(nullptr, &data, der_cert.size()); @@ -390,9 +396,9 @@ bool RunTest(const DeviceCertTest& test_case) { std::unique_ptr<TrustStore> cast_trust_store; if (test_case.use_test_trust_anchors()) { crl_trust_store = testing::CreateTrustStoreFromPemFile( - TEST_DATA_PREFIX "certificates/cast_crl_test_root_ca.pem"); + GetSpecificTestDataPath() + "certificates/cast_crl_test_root_ca.pem"); cast_trust_store = testing::CreateTrustStoreFromPemFile( - TEST_DATA_PREFIX "certificates/cast_test_root_ca.pem"); + GetSpecificTestDataPath() + "certificates/cast_test_root_ca.pem"); EXPECT_FALSE(crl_trust_store->certs.empty()); EXPECT_FALSE(cast_trust_store->certs.empty()); diff --git a/cast/test/BUILD.gn b/cast/test/BUILD.gn index 83950d2f..67bae8ab 100644 --- a/cast/test/BUILD.gn +++ b/cast/test/BUILD.gn @@ -11,6 +11,7 @@ source_set("unittests") { ] deps = [ + "../../platform:test", "../../testing/util", "../../third_party/googletest:gmock", "../../third_party/googletest:gtest", @@ -52,6 +53,7 @@ if (is_posix && !build_with_chromium) { ] deps = [ + "../../platform:test", "../../third_party/boringssl", "../../util", "../common:test_helpers", diff --git a/cast/test/device_auth_test.cc b/cast/test/device_auth_test.cc index cce3fd2b..e1259308 100644 --- a/cast/test/device_auth_test.cc +++ b/cast/test/device_auth_test.cc @@ -16,6 +16,7 @@ #include "cast/sender/channel/cast_auth_util.h" #include "cast/sender/channel/message_util.h" #include "gtest/gtest.h" +#include "platform/test/paths.h" #include "testing/util/read_file.h" namespace openscreen { @@ -28,7 +29,10 @@ using ::cast::channel::DeviceAuthMessage; using ::testing::_; using ::testing::Invoke; -#define TEST_DATA_PREFIX OPENSCREEN_TEST_DATA_DIR "cast/receiver/channel/" +const std::string& GetSpecificTestDataPath() { + static std::string data_path = GetTestDataPath() + "cast/receiver/channel/"; + return data_path; +} class DeviceAuthTest : public ::testing::Test { public: @@ -46,10 +50,9 @@ class DeviceAuthTest : public ::testing::Test { bool record_this_test = false) { bssl::UniquePtr<X509> parsed_cert; TrustStore fake_trust_store; - InitStaticCredentialsFromFiles(&creds_, &parsed_cert, &fake_trust_store, - TEST_DATA_PREFIX "device_key.pem", - TEST_DATA_PREFIX "device_chain.pem", - TEST_DATA_PREFIX "device_tls.pem"); + InitStaticCredentialsFromFiles( + &creds_, &parsed_cert, &fake_trust_store, data_path_ + "device_key.pem", + data_path_ + "device_chain.pem", data_path_ + "device_tls.pem"); creds_.device_creds.serialized_crl = std::move(serialized_crl); // Send an auth challenge. |auth_handler_| will automatically respond @@ -68,7 +71,8 @@ class DeviceAuthTest : public ::testing::Test { ASSERT_FALSE(auth_message.has_error()); ASSERT_TRUE(auth_challenge.SerializeToString(&output)); - FILE* fd = fopen(TEST_DATA_PREFIX "auth_challenge.pb", "wb"); + const std::string pb_path = data_path_ + "auth_challenge.pb"; + FILE* fd = fopen(pb_path.c_str(), "wb"); ASSERT_TRUE(fd); ASSERT_EQ(fwrite(output.data(), 1, output.size(), fd), output.size()); fclose(fd); @@ -95,7 +99,8 @@ class DeviceAuthTest : public ::testing::Test { ASSERT_FALSE(auth_message.has_error()); ASSERT_TRUE(auth_message.response().SerializeToString(&output)); - FILE* fd = fopen(TEST_DATA_PREFIX "auth_response.pb", "wb"); + const std::string pb_path = data_path_ + "auth_response.pb"; + FILE* fd = fopen(pb_path.c_str(), "wb"); ASSERT_TRUE(fd); ASSERT_EQ(fwrite(output.data(), 1, output.size(), fd), output.size()); fclose(fd); @@ -114,6 +119,7 @@ class DeviceAuthTest : public ::testing::Test { EXPECT_EQ(error_or_policy.is_value(), should_succeed); } + const std::string& data_path_{GetSpecificTestDataPath()}; FakeCastSocketPair fake_cast_socket_pair_; MockSocketErrorHandler mock_error_handler_; CastSocket* socket_; @@ -137,59 +143,59 @@ TEST_F(DeviceAuthTest, AuthIntegration) { TEST_F(DeviceAuthTest, GoodCrl) { std::unique_ptr<TrustStore> fake_crl_trust_store = - testing::CreateTrustStoreFromPemFile(TEST_DATA_PREFIX "crl_root.pem"); - RunAuthTest(ReadEntireFileToString(TEST_DATA_PREFIX "good_crl.pb"), + testing::CreateTrustStoreFromPemFile(data_path_ + "crl_root.pem"); + RunAuthTest(ReadEntireFileToString(data_path_ + "good_crl.pb"), fake_crl_trust_store.get()); } TEST_F(DeviceAuthTest, InvalidCrlTime) { std::unique_ptr<TrustStore> fake_crl_trust_store = - testing::CreateTrustStoreFromPemFile(TEST_DATA_PREFIX "crl_root.pem"); - RunAuthTest(ReadEntireFileToString(TEST_DATA_PREFIX "invalid_time_crl.pb"), + testing::CreateTrustStoreFromPemFile(data_path_ + "crl_root.pem"); + RunAuthTest(ReadEntireFileToString(data_path_ + "invalid_time_crl.pb"), fake_crl_trust_store.get(), false); } TEST_F(DeviceAuthTest, IssuerRevoked) { std::unique_ptr<TrustStore> fake_crl_trust_store = - testing::CreateTrustStoreFromPemFile(TEST_DATA_PREFIX "crl_root.pem"); - RunAuthTest(ReadEntireFileToString(TEST_DATA_PREFIX "issuer_revoked_crl.pb"), + testing::CreateTrustStoreFromPemFile(data_path_ + "crl_root.pem"); + RunAuthTest(ReadEntireFileToString(data_path_ + "issuer_revoked_crl.pb"), fake_crl_trust_store.get(), false); } TEST_F(DeviceAuthTest, DeviceRevoked) { std::unique_ptr<TrustStore> fake_crl_trust_store = - testing::CreateTrustStoreFromPemFile(TEST_DATA_PREFIX "crl_root.pem"); - RunAuthTest(ReadEntireFileToString(TEST_DATA_PREFIX "device_revoked_crl.pb"), + testing::CreateTrustStoreFromPemFile(data_path_ + "crl_root.pem"); + RunAuthTest(ReadEntireFileToString(data_path_ + "device_revoked_crl.pb"), fake_crl_trust_store.get(), false); } TEST_F(DeviceAuthTest, IssuerSerialRevoked) { std::unique_ptr<TrustStore> fake_crl_trust_store = - testing::CreateTrustStoreFromPemFile(TEST_DATA_PREFIX "crl_root.pem"); + testing::CreateTrustStoreFromPemFile(data_path_ + "crl_root.pem"); RunAuthTest( - ReadEntireFileToString(TEST_DATA_PREFIX "issuer_serial_revoked_crl.pb"), + ReadEntireFileToString(data_path_ + "issuer_serial_revoked_crl.pb"), fake_crl_trust_store.get(), false); } TEST_F(DeviceAuthTest, DeviceSerialRevoked) { std::unique_ptr<TrustStore> fake_crl_trust_store = - testing::CreateTrustStoreFromPemFile(TEST_DATA_PREFIX "crl_root.pem"); + testing::CreateTrustStoreFromPemFile(data_path_ + "crl_root.pem"); RunAuthTest( - ReadEntireFileToString(TEST_DATA_PREFIX "device_serial_revoked_crl.pb"), + ReadEntireFileToString(data_path_ + "device_serial_revoked_crl.pb"), fake_crl_trust_store.get(), false); } TEST_F(DeviceAuthTest, BadCrlSignerCert) { std::unique_ptr<TrustStore> fake_crl_trust_store = - testing::CreateTrustStoreFromPemFile(TEST_DATA_PREFIX "crl_root.pem"); - RunAuthTest(ReadEntireFileToString(TEST_DATA_PREFIX "bad_signer_cert_crl.pb"), + testing::CreateTrustStoreFromPemFile(data_path_ + "crl_root.pem"); + RunAuthTest(ReadEntireFileToString(data_path_ + "bad_signer_cert_crl.pb"), fake_crl_trust_store.get(), false); } TEST_F(DeviceAuthTest, BadCrlSignature) { std::unique_ptr<TrustStore> fake_crl_trust_store = - testing::CreateTrustStoreFromPemFile(TEST_DATA_PREFIX "crl_root.pem"); - RunAuthTest(ReadEntireFileToString(TEST_DATA_PREFIX "bad_signature_crl.pb"), + testing::CreateTrustStoreFromPemFile(data_path_ + "crl_root.pem"); + RunAuthTest(ReadEntireFileToString(data_path_ + "bad_signature_crl.pb"), fake_crl_trust_store.get(), false); } diff --git a/cast/test/make_crl_tests.cc b/cast/test/make_crl_tests.cc index f086f844..2fddb883 100644 --- a/cast/test/make_crl_tests.cc +++ b/cast/test/make_crl_tests.cc @@ -8,13 +8,12 @@ #include "cast/common/certificate/cast_crl.h" #include "cast/common/certificate/testing/test_helpers.h" #include "cast/common/certificate/types.h" +#include "platform/test/paths.h" #include "util/crypto/certificate_utils.h" #include "util/crypto/digest_sign.h" #include "util/crypto/sha2.h" #include "util/logging.h" -#define TEST_DATA_PREFIX OPENSCREEN_TEST_DATA_DIR "cast/receiver/channel/" - namespace openscreen { namespace cast { namespace { @@ -68,7 +67,7 @@ TbsCrl MakeTbsCrl(uint64_t not_before, // Pack into a CrlBundle and sign with |crl_inter_key|. |crl_inter_der| must be // directly signed by a Cast CRL root CA (possibly distinct from Cast root CA). -void PackCrlIntoFile(const char* filename, +void PackCrlIntoFile(const std::string& filename, const TbsCrl& tbs_crl, const std::string& crl_inter_der, EVP_PKEY* crl_inter_key) { @@ -87,24 +86,25 @@ void PackCrlIntoFile(const char* filename, std::string output; crl_bundle.SerializeToString(&output); - int fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0644); + int fd = open(filename.c_str(), O_WRONLY | O_CREAT | O_TRUNC, 0644); OSP_DCHECK_GE(fd, 0); OSP_DCHECK_EQ(write(fd, output.data(), output.size()), (int)output.size()); close(fd); } int CastMain() { + const std::string data_path = GetTestDataPath() + "cast/receiver/channel/"; bssl::UniquePtr<EVP_PKEY> inter_key = - testing::ReadKeyFromPemFile(TEST_DATA_PREFIX "inter_key.pem"); + testing::ReadKeyFromPemFile(data_path + "inter_key.pem"); bssl::UniquePtr<EVP_PKEY> crl_inter_key = - testing::ReadKeyFromPemFile(TEST_DATA_PREFIX "crl_inter_key.pem"); + testing::ReadKeyFromPemFile(data_path + "crl_inter_key.pem"); OSP_DCHECK(inter_key); OSP_DCHECK(crl_inter_key); std::vector<std::string> chain_der = - testing::ReadCertificatesFromPemFile(TEST_DATA_PREFIX "device_chain.pem"); + testing::ReadCertificatesFromPemFile(data_path + "device_chain.pem"); std::vector<std::string> crl_inter_der = - testing::ReadCertificatesFromPemFile(TEST_DATA_PREFIX "crl_inter.pem"); + testing::ReadCertificatesFromPemFile(data_path + "crl_inter.pem"); OSP_DCHECK_EQ(chain_der.size(), 3u); OSP_DCHECK_EQ(crl_inter_der.size(), 1u); @@ -140,7 +140,7 @@ int CastMain() { std::chrono::seconds not_after = DateTimeToSeconds(july2020); TbsCrl tbs_crl = MakeTbsCrl(not_before.count(), not_after.count(), device_cert.get(), inter_cert.get()); - PackCrlIntoFile(TEST_DATA_PREFIX "good_crl.pb", tbs_crl, crl_inter_der[0], + PackCrlIntoFile(data_path + "good_crl.pb", tbs_crl, crl_inter_der[0], crl_inter_key.get()); // NOTE: CRL used outside its valid time range. @@ -152,7 +152,7 @@ int CastMain() { std::chrono::seconds not_after = DateTimeToSeconds(august2019); TbsCrl tbs_crl = MakeTbsCrl(not_before.count(), not_after.count(), device_cert.get(), inter_cert.get()); - PackCrlIntoFile(TEST_DATA_PREFIX "invalid_time_crl.pb", tbs_crl, + PackCrlIntoFile(data_path + "invalid_time_crl.pb", tbs_crl, crl_inter_der[0], crl_inter_key.get()); } @@ -161,7 +161,7 @@ int CastMain() { TbsCrl tbs_crl = MakeTbsCrl(not_before.count(), not_after.count(), device_cert.get(), inter_cert.get()); AddRevokedPublicKeyHash(&tbs_crl, inter_cert.get()); - PackCrlIntoFile(TEST_DATA_PREFIX "issuer_revoked_crl.pb", tbs_crl, + PackCrlIntoFile(data_path + "issuer_revoked_crl.pb", tbs_crl, crl_inter_der[0], crl_inter_key.get()); } @@ -170,7 +170,7 @@ int CastMain() { TbsCrl tbs_crl = MakeTbsCrl(not_before.count(), not_after.count(), device_cert.get(), inter_cert.get()); AddRevokedPublicKeyHash(&tbs_crl, device_cert.get()); - PackCrlIntoFile(TEST_DATA_PREFIX "device_revoked_crl.pb", tbs_crl, + PackCrlIntoFile(data_path + "device_revoked_crl.pb", tbs_crl, crl_inter_der[0], crl_inter_key.get()); } @@ -185,7 +185,7 @@ int CastMain() { OSP_DCHECK_GE(serial, 10); OSP_DCHECK_LE(serial, UINT64_MAX - 20); AddSerialNumberRange(&tbs_crl, root_cert.get(), serial - 10, serial + 20); - PackCrlIntoFile(TEST_DATA_PREFIX "issuer_serial_revoked_crl.pb", tbs_crl, + PackCrlIntoFile(data_path + "issuer_serial_revoked_crl.pb", tbs_crl, crl_inter_der[0], crl_inter_key.get()); } @@ -200,7 +200,7 @@ int CastMain() { OSP_DCHECK_GE(serial, 10); OSP_DCHECK_LE(serial, UINT64_MAX - 20); AddSerialNumberRange(&tbs_crl, inter_cert.get(), serial - 10, serial + 20); - PackCrlIntoFile(TEST_DATA_PREFIX "device_serial_revoked_crl.pb", tbs_crl, + PackCrlIntoFile(data_path + "device_serial_revoked_crl.pb", tbs_crl, crl_inter_der[0], crl_inter_key.get()); } @@ -208,15 +208,15 @@ int CastMain() { { TbsCrl tbs_crl = MakeTbsCrl(not_before.count(), not_after.count(), device_cert.get(), inter_cert.get()); - PackCrlIntoFile(TEST_DATA_PREFIX "bad_signer_cert_crl.pb", tbs_crl, - inter_der, inter_key.get()); + PackCrlIntoFile(data_path + "bad_signer_cert_crl.pb", tbs_crl, inter_der, + inter_key.get()); } // NOTE: Mismatched key for signature in Crl (just looks like bad signature). { TbsCrl tbs_crl = MakeTbsCrl(not_before.count(), not_after.count(), device_cert.get(), inter_cert.get()); - PackCrlIntoFile(TEST_DATA_PREFIX "bad_signature_crl.pb", tbs_crl, + PackCrlIntoFile(data_path + "bad_signature_crl.pb", tbs_crl, crl_inter_der[0], inter_key.get()); } diff --git a/platform/BUILD.gn b/platform/BUILD.gn index 9545232c..1dc13bc5 100644 --- a/platform/BUILD.gn +++ b/platform/BUILD.gn @@ -170,9 +170,21 @@ source_set("test") { "test/fake_udp_socket.h", "test/mock_tls_connection.h", "test/mock_udp_socket.h", + "test/paths.h", + "test/paths_internal.h", "test/trace_logging_helpers.h", ] + if (is_posix) { + sources += [ "test/paths_posix.cc" ] + } + if (is_linux) { + sources += [ "test/paths_internal_linux.cc" ] + } + if (is_mac) { + sources += [ "test/paths_internal_mac.cc" ] + } + deps = [ ":platform", "../third_party/abseil", diff --git a/platform/test/paths.h b/platform/test/paths.h new file mode 100644 index 00000000..5a6f3dbe --- /dev/null +++ b/platform/test/paths.h @@ -0,0 +1,16 @@ +// Copyright 2020 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef PLATFORM_TEST_PATHS_H_ +#define PLATFORM_TEST_PATHS_H_ + +#include <string> + +namespace openscreen { + +const std::string& GetTestDataPath(); + +} // namespace openscreen + +#endif // PLATFORM_TEST_PATHS_H_ diff --git a/platform/test/paths_internal.h b/platform/test/paths_internal.h new file mode 100644 index 00000000..7774763f --- /dev/null +++ b/platform/test/paths_internal.h @@ -0,0 +1,12 @@ +#ifndef PLATFORM_TEST_PATHS_INTERNAL_H_ +#define PLATFORM_TEST_PATHS_INTERNAL_H_ + +#include <string> + +namespace openscreen { + +std::string GetExePath(); + +} // namespace openscreen + +#endif // PLATFORM_TEST_PATHS_INTERNAL_H_ diff --git a/platform/test/paths_internal_linux.cc b/platform/test/paths_internal_linux.cc new file mode 100644 index 00000000..db5d83b0 --- /dev/null +++ b/platform/test/paths_internal_linux.cc @@ -0,0 +1,24 @@ +// Copyright 2020 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include <limits.h> +#include <unistd.h> + +#include "platform/test/paths_internal.h" +#include "util/std_util.h" + +namespace openscreen { + +std::string GetExePath() { + std::string path(_POSIX_PATH_MAX, 0); + int ret = readlink("/proc/self/exe", data(path), path.size()); + if (ret < 0) { + path.resize(0); + } else { + path.resize(ret); + } + return path; +} + +} // namespace openscreen diff --git a/platform/test/paths_internal_mac.cc b/platform/test/paths_internal_mac.cc new file mode 100644 index 00000000..b261b448 --- /dev/null +++ b/platform/test/paths_internal_mac.cc @@ -0,0 +1,28 @@ +// Copyright 2020 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include <limits.h> +#include <mach-o/dyld.h> +#include <stdlib.h> + +#include "platform/test/paths_internal.h" +#include "util/logging.h" +#include "util/std_util.h" + +namespace openscreen { + +std::string GetExePath() { + uint32_t path_size = 0; + _NSGetExecutablePath(nullptr, &path_size); + OSP_DCHECK(path_size > 0u); + std::string exe_path(path_size, 0); + int ret = _NSGetExecutablePath(data(exe_path), &path_size); + OSP_DCHECK_EQ(ret, 0); + char* resolved = realpath(exe_path.c_str(), nullptr); + std::string final_path(resolved); + free(resolved); + return final_path; +} + +} // namespace openscreen diff --git a/platform/test/paths_posix.cc b/platform/test/paths_posix.cc new file mode 100644 index 00000000..0d0d1ea8 --- /dev/null +++ b/platform/test/paths_posix.cc @@ -0,0 +1,39 @@ +// Copyright 2020 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "platform/test/paths.h" +#include "platform/test/paths_internal.h" +#include "util/logging.h" + +namespace openscreen { +namespace { + +std::string ReadTestDataPath() { + std::string exe_path = GetExePath(); + OSP_DCHECK(!exe_path.empty()); + + // NOTE: This assumes that the executable is two directories above the source + // root (e.g. out/Debug/unittests). This is the standard layout GN expects + // but is also assumed by Chromium infra. + int slashes_found = 0; + int i = exe_path.size() - 1; + for (; i >= 0; --i) { + slashes_found += exe_path[i] == '/'; + if (slashes_found == 3) { + break; + } + } + OSP_DCHECK_EQ(slashes_found, 3); + + return exe_path.substr(0, i + 1) + OPENSCREEN_TEST_DATA_DIR; +} + +} // namespace + +const std::string& GetTestDataPath() { + static std::string data_path = ReadTestDataPath(); + return data_path; +} + +} // namespace openscreen |