| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/file_path.h" | 5 #include "base/file_path.h" |
| 6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
| 7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
| 8 #include "base/pickle.h" | 8 #include "base/pickle.h" |
| 9 #include "net/base/cert_status_flags.h" | 9 #include "net/base/cert_status_flags.h" |
| 10 #include "net/base/cert_test_util.h" | 10 #include "net/base/cert_test_util.h" |
| (...skipping 254 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 265 scoped_refptr<X509Certificate> webkit_cert = X509Certificate::CreateFromBytes( | 265 scoped_refptr<X509Certificate> webkit_cert = X509Certificate::CreateFromBytes( |
| 266 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)); | 266 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)); |
| 267 | 267 |
| 268 ASSERT_NE(static_cast<X509Certificate*>(NULL), webkit_cert); | 268 ASSERT_NE(static_cast<X509Certificate*>(NULL), webkit_cert); |
| 269 | 269 |
| 270 const CertPrincipal& subject = webkit_cert->subject(); | 270 const CertPrincipal& subject = webkit_cert->subject(); |
| 271 EXPECT_EQ("Cupertino", subject.locality_name); | 271 EXPECT_EQ("Cupertino", subject.locality_name); |
| 272 EXPECT_EQ("California", subject.state_or_province_name); | 272 EXPECT_EQ("California", subject.state_or_province_name); |
| 273 EXPECT_EQ("US", subject.country_name); | 273 EXPECT_EQ("US", subject.country_name); |
| 274 EXPECT_EQ(0U, subject.street_addresses.size()); | 274 EXPECT_EQ(0U, subject.street_addresses.size()); |
| 275 EXPECT_EQ(1U, subject.organization_names.size()); | 275 ASSERT_EQ(1U, subject.organization_names.size()); |
| 276 EXPECT_EQ("Apple Inc.", subject.organization_names[0]); | 276 EXPECT_EQ("Apple Inc.", subject.organization_names[0]); |
| 277 EXPECT_EQ(1U, subject.organization_unit_names.size()); | 277 ASSERT_EQ(1U, subject.organization_unit_names.size()); |
| 278 EXPECT_EQ("Mac OS Forge", subject.organization_unit_names[0]); | 278 EXPECT_EQ("Mac OS Forge", subject.organization_unit_names[0]); |
| 279 EXPECT_EQ(0U, subject.domain_components.size()); | 279 EXPECT_EQ(0U, subject.domain_components.size()); |
| 280 | 280 |
| 281 const CertPrincipal& issuer = webkit_cert->issuer(); | 281 const CertPrincipal& issuer = webkit_cert->issuer(); |
| 282 EXPECT_EQ("Go Daddy Secure Certification Authority", issuer.common_name); | 282 EXPECT_EQ("Go Daddy Secure Certification Authority", issuer.common_name); |
| 283 EXPECT_EQ("Scottsdale", issuer.locality_name); | 283 EXPECT_EQ("Scottsdale", issuer.locality_name); |
| 284 EXPECT_EQ("Arizona", issuer.state_or_province_name); | 284 EXPECT_EQ("Arizona", issuer.state_or_province_name); |
| 285 EXPECT_EQ("US", issuer.country_name); | 285 EXPECT_EQ("US", issuer.country_name); |
| 286 EXPECT_EQ(0U, issuer.street_addresses.size()); | 286 EXPECT_EQ(0U, issuer.street_addresses.size()); |
| 287 EXPECT_EQ(1U, issuer.organization_names.size()); | 287 ASSERT_EQ(1U, issuer.organization_names.size()); |
| 288 EXPECT_EQ("GoDaddy.com, Inc.", issuer.organization_names[0]); | 288 EXPECT_EQ("GoDaddy.com, Inc.", issuer.organization_names[0]); |
| 289 EXPECT_EQ(1U, issuer.organization_unit_names.size()); | 289 ASSERT_EQ(1U, issuer.organization_unit_names.size()); |
| 290 EXPECT_EQ("http://certificates.godaddy.com/repository", | 290 EXPECT_EQ("http://certificates.godaddy.com/repository", |
| 291 issuer.organization_unit_names[0]); | 291 issuer.organization_unit_names[0]); |
| 292 EXPECT_EQ(0U, issuer.domain_components.size()); | 292 EXPECT_EQ(0U, issuer.domain_components.size()); |
| 293 | 293 |
| 294 // Use DoubleT because its epoch is the same on all platforms | 294 // Use DoubleT because its epoch is the same on all platforms |
| 295 const Time& valid_start = webkit_cert->valid_start(); | 295 const Time& valid_start = webkit_cert->valid_start(); |
| 296 EXPECT_EQ(1205883319, valid_start.ToDoubleT()); // Mar 18 23:35:19 2008 GMT | 296 EXPECT_EQ(1205883319, valid_start.ToDoubleT()); // Mar 18 23:35:19 2008 GMT |
| 297 | 297 |
| 298 const Time& valid_expiry = webkit_cert->valid_expiry(); | 298 const Time& valid_expiry = webkit_cert->valid_expiry(); |
| 299 EXPECT_EQ(1300491319, valid_expiry.ToDoubleT()); // Mar 18 23:35:19 2011 GMT | 299 EXPECT_EQ(1300491319, valid_expiry.ToDoubleT()); // Mar 18 23:35:19 2011 GMT |
| 300 | 300 |
| 301 const SHA1Fingerprint& fingerprint = webkit_cert->fingerprint(); | 301 const SHA1Fingerprint& fingerprint = webkit_cert->fingerprint(); |
| 302 for (size_t i = 0; i < 20; ++i) | 302 for (size_t i = 0; i < 20; ++i) |
| 303 EXPECT_EQ(webkit_fingerprint[i], fingerprint.data[i]); | 303 EXPECT_EQ(webkit_fingerprint[i], fingerprint.data[i]); |
| 304 | 304 |
| 305 std::vector<std::string> dns_names; | 305 std::vector<std::string> dns_names; |
| 306 webkit_cert->GetDNSNames(&dns_names); | 306 webkit_cert->GetDNSNames(&dns_names); |
| 307 EXPECT_EQ(2U, dns_names.size()); | 307 ASSERT_EQ(2U, dns_names.size()); |
| 308 EXPECT_EQ("*.webkit.org", dns_names[0]); | 308 EXPECT_EQ("*.webkit.org", dns_names[0]); |
| 309 EXPECT_EQ("webkit.org", dns_names[1]); | 309 EXPECT_EQ("webkit.org", dns_names[1]); |
| 310 | 310 |
| 311 #if TEST_EV | 311 #if TEST_EV |
| 312 int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | | 312 int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | |
| 313 X509Certificate::VERIFY_EV_CERT; | 313 X509Certificate::VERIFY_EV_CERT; |
| 314 CertVerifyResult verify_result; | 314 CertVerifyResult verify_result; |
| 315 EXPECT_EQ(OK, webkit_cert->Verify("webkit.org", flags, &verify_result)); | 315 EXPECT_EQ(OK, webkit_cert->Verify("webkit.org", flags, &verify_result)); |
| 316 EXPECT_EQ(0, verify_result.cert_status & CERT_STATUS_IS_EV); | 316 EXPECT_EQ(0, verify_result.cert_status & CERT_STATUS_IS_EV); |
| 317 #endif | 317 #endif |
| 318 } | 318 } |
| 319 | 319 |
| 320 TEST(X509CertificateTest, ThawteCertParsing) { | 320 TEST(X509CertificateTest, ThawteCertParsing) { |
| 321 scoped_refptr<X509Certificate> thawte_cert = X509Certificate::CreateFromBytes( | 321 scoped_refptr<X509Certificate> thawte_cert = X509Certificate::CreateFromBytes( |
| 322 reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der)); | 322 reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der)); |
| 323 | 323 |
| 324 ASSERT_NE(static_cast<X509Certificate*>(NULL), thawte_cert); | 324 ASSERT_NE(static_cast<X509Certificate*>(NULL), thawte_cert); |
| 325 | 325 |
| 326 const CertPrincipal& subject = thawte_cert->subject(); | 326 const CertPrincipal& subject = thawte_cert->subject(); |
| 327 EXPECT_EQ("www.thawte.com", subject.common_name); | 327 EXPECT_EQ("www.thawte.com", subject.common_name); |
| 328 EXPECT_EQ("Mountain View", subject.locality_name); | 328 EXPECT_EQ("Mountain View", subject.locality_name); |
| 329 EXPECT_EQ("California", subject.state_or_province_name); | 329 EXPECT_EQ("California", subject.state_or_province_name); |
| 330 EXPECT_EQ("US", subject.country_name); | 330 EXPECT_EQ("US", subject.country_name); |
| 331 EXPECT_EQ(0U, subject.street_addresses.size()); | 331 EXPECT_EQ(0U, subject.street_addresses.size()); |
| 332 EXPECT_EQ(1U, subject.organization_names.size()); | 332 ASSERT_EQ(1U, subject.organization_names.size()); |
| 333 EXPECT_EQ("Thawte Inc", subject.organization_names[0]); | 333 EXPECT_EQ("Thawte Inc", subject.organization_names[0]); |
| 334 EXPECT_EQ(0U, subject.organization_unit_names.size()); | 334 EXPECT_EQ(0U, subject.organization_unit_names.size()); |
| 335 EXPECT_EQ(0U, subject.domain_components.size()); | 335 EXPECT_EQ(0U, subject.domain_components.size()); |
| 336 | 336 |
| 337 const CertPrincipal& issuer = thawte_cert->issuer(); | 337 const CertPrincipal& issuer = thawte_cert->issuer(); |
| 338 EXPECT_EQ("thawte Extended Validation SSL CA", issuer.common_name); | 338 EXPECT_EQ("thawte Extended Validation SSL CA", issuer.common_name); |
| 339 EXPECT_EQ("", issuer.locality_name); | 339 EXPECT_EQ("", issuer.locality_name); |
| 340 EXPECT_EQ("", issuer.state_or_province_name); | 340 EXPECT_EQ("", issuer.state_or_province_name); |
| 341 EXPECT_EQ("US", issuer.country_name); | 341 EXPECT_EQ("US", issuer.country_name); |
| 342 EXPECT_EQ(0U, issuer.street_addresses.size()); | 342 EXPECT_EQ(0U, issuer.street_addresses.size()); |
| 343 EXPECT_EQ(1U, issuer.organization_names.size()); | 343 ASSERT_EQ(1U, issuer.organization_names.size()); |
| 344 EXPECT_EQ("thawte, Inc.", issuer.organization_names[0]); | 344 EXPECT_EQ("thawte, Inc.", issuer.organization_names[0]); |
| 345 EXPECT_EQ(1U, issuer.organization_unit_names.size()); | 345 ASSERT_EQ(1U, issuer.organization_unit_names.size()); |
| 346 EXPECT_EQ("Terms of use at https://www.thawte.com/cps (c)06", | 346 EXPECT_EQ("Terms of use at https://www.thawte.com/cps (c)06", |
| 347 issuer.organization_unit_names[0]); | 347 issuer.organization_unit_names[0]); |
| 348 EXPECT_EQ(0U, issuer.domain_components.size()); | 348 EXPECT_EQ(0U, issuer.domain_components.size()); |
| 349 | 349 |
| 350 // Use DoubleT because its epoch is the same on all platforms | 350 // Use DoubleT because its epoch is the same on all platforms |
| 351 const Time& valid_start = thawte_cert->valid_start(); | 351 const Time& valid_start = thawte_cert->valid_start(); |
| 352 EXPECT_EQ(1227052800, valid_start.ToDoubleT()); // Nov 19 00:00:00 2008 GMT | 352 EXPECT_EQ(1227052800, valid_start.ToDoubleT()); // Nov 19 00:00:00 2008 GMT |
| 353 | 353 |
| 354 const Time& valid_expiry = thawte_cert->valid_expiry(); | 354 const Time& valid_expiry = thawte_cert->valid_expiry(); |
| 355 EXPECT_EQ(1263772799, valid_expiry.ToDoubleT()); // Jan 17 23:59:59 2010 GMT | 355 EXPECT_EQ(1263772799, valid_expiry.ToDoubleT()); // Jan 17 23:59:59 2010 GMT |
| 356 | 356 |
| 357 const SHA1Fingerprint& fingerprint = thawte_cert->fingerprint(); | 357 const SHA1Fingerprint& fingerprint = thawte_cert->fingerprint(); |
| 358 for (size_t i = 0; i < 20; ++i) | 358 for (size_t i = 0; i < 20; ++i) |
| 359 EXPECT_EQ(thawte_fingerprint[i], fingerprint.data[i]); | 359 EXPECT_EQ(thawte_fingerprint[i], fingerprint.data[i]); |
| 360 | 360 |
| 361 std::vector<std::string> dns_names; | 361 std::vector<std::string> dns_names; |
| 362 thawte_cert->GetDNSNames(&dns_names); | 362 thawte_cert->GetDNSNames(&dns_names); |
| 363 EXPECT_EQ(1U, dns_names.size()); | 363 ASSERT_EQ(1U, dns_names.size()); |
| 364 EXPECT_EQ("www.thawte.com", dns_names[0]); | 364 EXPECT_EQ("www.thawte.com", dns_names[0]); |
| 365 | 365 |
| 366 #if TEST_EV | 366 #if TEST_EV |
| 367 int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | | 367 int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | |
| 368 X509Certificate::VERIFY_EV_CERT; | 368 X509Certificate::VERIFY_EV_CERT; |
| 369 CertVerifyResult verify_result; | 369 CertVerifyResult verify_result; |
| 370 // EV cert verification requires revocation checking. | 370 // EV cert verification requires revocation checking. |
| 371 EXPECT_EQ(OK, thawte_cert->Verify("www.thawte.com", flags, &verify_result)); | 371 EXPECT_EQ(OK, thawte_cert->Verify("www.thawte.com", flags, &verify_result)); |
| 372 EXPECT_NE(0, verify_result.cert_status & CERT_STATUS_IS_EV); | 372 EXPECT_NE(0, verify_result.cert_status & CERT_STATUS_IS_EV); |
| 373 // Consequently, if we don't have revocation checking enabled, we can't claim | 373 // Consequently, if we don't have revocation checking enabled, we can't claim |
| (...skipping 337 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 711 | 711 |
| 712 for (size_t j = 0; j < 20; ++j) | 712 for (size_t j = 0; j < 20; ++j) |
| 713 EXPECT_EQ(expected_fingerprint[j], actual_fingerprint.data[j]); | 713 EXPECT_EQ(expected_fingerprint[j], actual_fingerprint.data[j]); |
| 714 } | 714 } |
| 715 } | 715 } |
| 716 | 716 |
| 717 INSTANTIATE_TEST_CASE_P(, X509CertificateParseTest, | 717 INSTANTIATE_TEST_CASE_P(, X509CertificateParseTest, |
| 718 testing::ValuesIn(FormatTestData)); | 718 testing::ValuesIn(FormatTestData)); |
| 719 | 719 |
| 720 } // namespace net | 720 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3142016:
Change EXPECT_ to ASSERT_ for X.509 tests where it will crash if the check fails (Closed)
