static void test_cn_and_one_san_ssl_peer_to_auth_context(void) {
tsi_peer peer;
grpc_auth_context *ctx;
const char *expected_cn = "cn1";
const char *expected_san = "san1";
GPR_ASSERT(tsi_construct_peer(3, &peer) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_X509_CERTIFICATE_TYPE,
&peer.properties[0]) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY, expected_cn,
&peer.properties[1]) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY, expected_san,
&peer.properties[2]) == TSI_OK);
ctx = tsi_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != NULL);
GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
GPR_ASSERT(
check_identity(ctx, GRPC_X509_SAN_PROPERTY_NAME, &expected_san, 1));
GPR_ASSERT(check_transport_security_type(ctx));
GPR_ASSERT(check_x509_cn(ctx, expected_cn));
tsi_peer_destruct(&peer);
GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
}
static void test_cn_and_multiple_sans_and_others_ssl_peer_to_auth_context(
void) {
tsi_peer peer;
grpc_auth_context *ctx;
const char *expected_cn = "cn1";
const char *expected_sans[] = {"san1", "san2", "san3"};
size_t i;
GPR_ASSERT(tsi_construct_peer(4 + GPR_ARRAY_SIZE(expected_sans), &peer) ==
TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_X509_CERTIFICATE_TYPE,
&peer.properties[0]) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
"foo", "bar", &peer.properties[1]) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY, expected_cn,
&peer.properties[2]) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
"chapi", "chapo", &peer.properties[3]) == TSI_OK);
for (i = 0; i < GPR_ARRAY_SIZE(expected_sans); i++) {
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY,
expected_sans[i], &peer.properties[4 + i]) == TSI_OK);
}
ctx = tsi_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != NULL);
GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
GPR_ASSERT(check_identity(ctx, GRPC_X509_SAN_PROPERTY_NAME, expected_sans,
GPR_ARRAY_SIZE(expected_sans)));
GPR_ASSERT(check_transport_security_type(ctx));
GPR_ASSERT(check_x509_cn(ctx, expected_cn));
tsi_peer_destruct(&peer);
GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
}
static void test_cn_only_ssl_peer_to_auth_context(void) {
tsi_peer peer;
tsi_peer rpeer;
grpc_auth_context *ctx;
const char *expected_cn = "cn1";
const char *expected_pem_cert = "pem_cert1";
GPR_ASSERT(tsi_construct_peer(3, &peer) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_X509_CERTIFICATE_TYPE,
&peer.properties[0]) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY, expected_cn,
&peer.properties[1]) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_PEM_CERT_PROPERTY, expected_pem_cert,
&peer.properties[2]) == TSI_OK);
ctx = tsi_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != NULL);
GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
GPR_ASSERT(check_identity(ctx, GRPC_X509_CN_PROPERTY_NAME, &expected_cn, 1));
GPR_ASSERT(check_transport_security_type(ctx));
GPR_ASSERT(check_x509_cn(ctx, expected_cn));
GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
rpeer = tsi_shallow_peer_from_ssl_auth_context(ctx);
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
tsi_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
}
