| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/file_path.h" | 5 #include "base/file_path.h" |
| 6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
| 7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
| 8 #include "base/pickle.h" | 8 #include "base/pickle.h" |
| 9 #include "net/base/cert_status_flags.h" | 9 #include "net/base/cert_status_flags.h" |
| 10 #include "net/base/cert_test_util.h" | 10 #include "net/base/cert_test_util.h" |
| (...skipping 354 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 365 TEST(X509CertificateTest, Cache) { | 365 TEST(X509CertificateTest, Cache) { |
| 366 X509Certificate::OSCertHandle google_cert_handle; | 366 X509Certificate::OSCertHandle google_cert_handle; |
| 367 | 367 |
| 368 // Add a certificate from the source SOURCE_LONE_CERT_IMPORT to our | 368 // Add a certificate from the source SOURCE_LONE_CERT_IMPORT to our |
| 369 // certificate cache. | 369 // certificate cache. |
| 370 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( | 370 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( |
| 371 reinterpret_cast<const char*>(google_der), sizeof(google_der)); | 371 reinterpret_cast<const char*>(google_der), sizeof(google_der)); |
| 372 scoped_refptr<X509Certificate> cert1 = X509Certificate::CreateFromHandle( | 372 scoped_refptr<X509Certificate> cert1 = X509Certificate::CreateFromHandle( |
| 373 google_cert_handle, X509Certificate::SOURCE_LONE_CERT_IMPORT, | 373 google_cert_handle, X509Certificate::SOURCE_LONE_CERT_IMPORT, |
| 374 X509Certificate::OSCertHandles()); | 374 X509Certificate::OSCertHandles()); |
| 375 X509Certificate::FreeOSCertHandle(google_cert_handle); |
| 375 | 376 |
| 376 // Add a certificate from the same source (SOURCE_LONE_CERT_IMPORT). This | 377 // Add a certificate from the same source (SOURCE_LONE_CERT_IMPORT). This |
| 377 // should return the cached certificate (cert1). | 378 // should return the cached certificate (cert1). |
| 378 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( | 379 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( |
| 379 reinterpret_cast<const char*>(google_der), sizeof(google_der)); | 380 reinterpret_cast<const char*>(google_der), sizeof(google_der)); |
| 380 scoped_refptr<X509Certificate> cert2 = X509Certificate::CreateFromHandle( | 381 scoped_refptr<X509Certificate> cert2 = X509Certificate::CreateFromHandle( |
| 381 google_cert_handle, X509Certificate::SOURCE_LONE_CERT_IMPORT, | 382 google_cert_handle, X509Certificate::SOURCE_LONE_CERT_IMPORT, |
| 382 X509Certificate::OSCertHandles()); | 383 X509Certificate::OSCertHandles()); |
| 384 X509Certificate::FreeOSCertHandle(google_cert_handle); |
| 383 | 385 |
| 384 EXPECT_EQ(cert1, cert2); | 386 EXPECT_EQ(cert1, cert2); |
| 385 | 387 |
| 386 // Add a certificate from the network. This should kick out the original | 388 // Add a certificate from the network. This should kick out the original |
| 387 // cached certificate (cert1) and return a new certificate. | 389 // cached certificate (cert1) and return a new certificate. |
| 388 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( | 390 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( |
| 389 reinterpret_cast<const char*>(google_der), sizeof(google_der)); | 391 reinterpret_cast<const char*>(google_der), sizeof(google_der)); |
| 390 scoped_refptr<X509Certificate> cert3 = X509Certificate::CreateFromHandle( | 392 scoped_refptr<X509Certificate> cert3 = X509Certificate::CreateFromHandle( |
| 391 google_cert_handle, X509Certificate::SOURCE_FROM_NETWORK, | 393 google_cert_handle, X509Certificate::SOURCE_FROM_NETWORK, |
| 392 X509Certificate::OSCertHandles()); | 394 X509Certificate::OSCertHandles()); |
| 395 X509Certificate::FreeOSCertHandle(google_cert_handle); |
| 393 | 396 |
| 394 EXPECT_NE(cert1, cert3); | 397 EXPECT_NE(cert1, cert3); |
| 395 | 398 |
| 396 // Add one certificate from each source. Both should return the new cached | 399 // Add one certificate from each source. Both should return the new cached |
| 397 // certificate (cert3). | 400 // certificate (cert3). |
| 398 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( | 401 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( |
| 399 reinterpret_cast<const char*>(google_der), sizeof(google_der)); | 402 reinterpret_cast<const char*>(google_der), sizeof(google_der)); |
| 400 scoped_refptr<X509Certificate> cert4 = X509Certificate::CreateFromHandle( | 403 scoped_refptr<X509Certificate> cert4 = X509Certificate::CreateFromHandle( |
| 401 google_cert_handle, X509Certificate::SOURCE_FROM_NETWORK, | 404 google_cert_handle, X509Certificate::SOURCE_FROM_NETWORK, |
| 402 X509Certificate::OSCertHandles()); | 405 X509Certificate::OSCertHandles()); |
| 406 X509Certificate::FreeOSCertHandle(google_cert_handle); |
| 403 | 407 |
| 404 EXPECT_EQ(cert3, cert4); | 408 EXPECT_EQ(cert3, cert4); |
| 405 | 409 |
| 406 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( | 410 google_cert_handle = X509Certificate::CreateOSCertHandleFromBytes( |
| 407 reinterpret_cast<const char*>(google_der), sizeof(google_der)); | 411 reinterpret_cast<const char*>(google_der), sizeof(google_der)); |
| 408 scoped_refptr<X509Certificate> cert5 = X509Certificate::CreateFromHandle( | 412 scoped_refptr<X509Certificate> cert5 = X509Certificate::CreateFromHandle( |
| 409 google_cert_handle, X509Certificate::SOURCE_FROM_NETWORK, | 413 google_cert_handle, X509Certificate::SOURCE_FROM_NETWORK, |
| 410 X509Certificate::OSCertHandles()); | 414 X509Certificate::OSCertHandles()); |
| 415 X509Certificate::FreeOSCertHandle(google_cert_handle); |
| 411 | 416 |
| 412 EXPECT_EQ(cert3, cert5); | 417 EXPECT_EQ(cert3, cert5); |
| 413 } | 418 } |
| 414 | 419 |
| 415 TEST(X509CertificateTest, Pickle) { | 420 TEST(X509CertificateTest, Pickle) { |
| 416 scoped_refptr<X509Certificate> cert1 = X509Certificate::CreateFromBytes( | 421 scoped_refptr<X509Certificate> cert1 = X509Certificate::CreateFromBytes( |
| 417 reinterpret_cast<const char*>(google_der), sizeof(google_der)); | 422 reinterpret_cast<const char*>(google_der), sizeof(google_der)); |
| 418 | 423 |
| 419 Pickle pickle; | 424 Pickle pickle; |
| 420 cert1->Persist(&pickle); | 425 cert1->Persist(&pickle); |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 488 EXPECT_TRUE(cert1->HasIntermediateCertificates(intermediates1)); | 493 EXPECT_TRUE(cert1->HasIntermediateCertificates(intermediates1)); |
| 489 EXPECT_FALSE(cert1->HasIntermediateCertificate( | 494 EXPECT_FALSE(cert1->HasIntermediateCertificate( |
| 490 webkit_cert->os_cert_handle())); | 495 webkit_cert->os_cert_handle())); |
| 491 | 496 |
| 492 // Create object with 2 intermediates: | 497 // Create object with 2 intermediates: |
| 493 X509Certificate::OSCertHandles intermediates2; | 498 X509Certificate::OSCertHandles intermediates2; |
| 494 intermediates2.push_back(webkit_cert->os_cert_handle()); | 499 intermediates2.push_back(webkit_cert->os_cert_handle()); |
| 495 intermediates2.push_back(thawte_cert->os_cert_handle()); | 500 intermediates2.push_back(thawte_cert->os_cert_handle()); |
| 496 scoped_refptr<X509Certificate> cert2; | 501 scoped_refptr<X509Certificate> cert2; |
| 497 cert2 = X509Certificate::CreateFromHandle( | 502 cert2 = X509Certificate::CreateFromHandle( |
| 498 X509Certificate::DupOSCertHandle(google_handle), | 503 google_handle, X509Certificate::SOURCE_FROM_NETWORK, intermediates2); |
| 499 X509Certificate::SOURCE_FROM_NETWORK, | |
| 500 intermediates2); | |
| 501 | 504 |
| 502 // The cache should have stored cert2 'cause it has more intermediates: | 505 // The cache should have stored cert2 'cause it has more intermediates: |
| 503 EXPECT_NE(cert1, cert2); | 506 EXPECT_NE(cert1, cert2); |
| 504 | 507 |
| 505 // Verify it has all the intermediates: | 508 // Verify it has all the intermediates: |
| 506 EXPECT_TRUE(cert2->HasIntermediateCertificate( | 509 EXPECT_TRUE(cert2->HasIntermediateCertificate( |
| 507 webkit_cert->os_cert_handle())); | 510 webkit_cert->os_cert_handle())); |
| 508 EXPECT_TRUE(cert2->HasIntermediateCertificate( | 511 EXPECT_TRUE(cert2->HasIntermediateCertificate( |
| 509 thawte_cert->os_cert_handle())); | 512 thawte_cert->os_cert_handle())); |
| 510 EXPECT_FALSE(cert2->HasIntermediateCertificate( | 513 EXPECT_FALSE(cert2->HasIntermediateCertificate( |
| 511 paypal_cert->os_cert_handle())); | 514 paypal_cert->os_cert_handle())); |
| 512 | 515 |
| 513 // Create object with 1 intermediate: | 516 // Create object with 1 intermediate: |
| 514 X509Certificate::OSCertHandles intermediates3; | 517 X509Certificate::OSCertHandles intermediates3; |
| 515 intermediates2.push_back(thawte_cert->os_cert_handle()); | 518 intermediates2.push_back(thawte_cert->os_cert_handle()); |
| 516 scoped_refptr<X509Certificate> cert3; | 519 scoped_refptr<X509Certificate> cert3; |
| 517 cert3 = X509Certificate::CreateFromHandle( | 520 cert3 = X509Certificate::CreateFromHandle( |
| 518 X509Certificate::DupOSCertHandle(google_handle), | 521 google_handle, X509Certificate::SOURCE_FROM_NETWORK, intermediates3); |
| 519 X509Certificate::SOURCE_FROM_NETWORK, | |
| 520 intermediates3); | |
| 521 | 522 |
| 522 // The cache should have returned cert2 'cause it has more intermediates: | 523 // The cache should have returned cert2 'cause it has more intermediates: |
| 523 EXPECT_EQ(cert3, cert2); | 524 EXPECT_EQ(cert3, cert2); |
| 525 |
| 526 // Cleanup |
| 527 X509Certificate::FreeOSCertHandle(google_handle); |
| 524 } | 528 } |
| 525 #endif | 529 #endif |
| 526 | 530 |
| 527 } // namespace net | 531 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2867026:
Make X509Certificate::CreateFromHandle() copy the OSCertHandle, rather than assume ownership (Closed)
