Chromium Code Reviews Chromium Code Reviews
Issue 6612013:
Add X509Certificate::VerifyCertName(string) API. This will be used... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/crypto/rsa_private_key.h" | 5 #include "base/crypto/rsa_private_key.h" |
| 6 #include "base/file_path.h" | 6 #include "base/file_path.h" |
| 7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
| 8 #include "base/path_service.h" | 8 #include "base/path_service.h" |
| 9 #include "base/pickle.h" | 9 #include "base/pickle.h" |
| 10 #include "net/base/cert_status_flags.h" | 10 #include "net/base/cert_status_flags.h" |
| (...skipping 275 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 286 EXPECT_EQ("*.webkit.org", dns_names[0]); | 286 EXPECT_EQ("*.webkit.org", dns_names[0]); |
| 287 EXPECT_EQ("webkit.org", dns_names[1]); | 287 EXPECT_EQ("webkit.org", dns_names[1]); |
| 288 | 288 |
| 289 #if TEST_EV | 289 #if TEST_EV |
| 290 int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | | 290 int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | |
| 291 X509Certificate::VERIFY_EV_CERT; | 291 X509Certificate::VERIFY_EV_CERT; |
| 292 CertVerifyResult verify_result; | 292 CertVerifyResult verify_result; |
| 293 EXPECT_EQ(OK, webkit_cert->Verify("webkit.org", flags, &verify_result)); | 293 EXPECT_EQ(OK, webkit_cert->Verify("webkit.org", flags, &verify_result)); |
| 294 EXPECT_EQ(0, verify_result.cert_status & CERT_STATUS_IS_EV); | 294 EXPECT_EQ(0, verify_result.cert_status & CERT_STATUS_IS_EV); |
| 295 #endif | 295 #endif |
| 296 | |
| 297 // Test that the wildcard cert matches properly. | |
| 298 EXPECT_TRUE(webkit_cert->VerifyNameMatch("www.webkit.org")); | |
| 299 EXPECT_TRUE(webkit_cert->VerifyNameMatch("foo.webkit.org")); | |
| 300 EXPECT_TRUE(webkit_cert->VerifyNameMatch("webkit.org")); | |
|
wtc
2011/03/03 19:38:46
IMPORTANT: can you add a test case for "www.foo.we
Mike Belshe
2011/03/03 23:06:14
Done.
| |
| 301 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.webkit.com")); | |
| 296 } | 302 } |
| 297 | 303 |
| 298 TEST(X509CertificateTest, ThawteCertParsing) { | 304 TEST(X509CertificateTest, ThawteCertParsing) { |
| 299 scoped_refptr<X509Certificate> thawte_cert(X509Certificate::CreateFromBytes( | 305 scoped_refptr<X509Certificate> thawte_cert(X509Certificate::CreateFromBytes( |
| 300 reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der))); | 306 reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der))); |
| 301 | 307 |
| 302 ASSERT_NE(static_cast<X509Certificate*>(NULL), thawte_cert); | 308 ASSERT_NE(static_cast<X509Certificate*>(NULL), thawte_cert); |
| 303 | 309 |
| 304 const CertPrincipal& subject = thawte_cert->subject(); | 310 const CertPrincipal& subject = thawte_cert->subject(); |
| 305 EXPECT_EQ("www.thawte.com", subject.common_name); | 311 EXPECT_EQ("www.thawte.com", subject.common_name); |
| (...skipping 518 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 824 | 830 |
| 825 for (size_t j = 0; j < 20; ++j) | 831 for (size_t j = 0; j < 20; ++j) |
| 826 EXPECT_EQ(expected_fingerprint[j], actual_fingerprint.data[j]); | 832 EXPECT_EQ(expected_fingerprint[j], actual_fingerprint.data[j]); |
| 827 } | 833 } |
| 828 } | 834 } |
| 829 | 835 |
| 830 INSTANTIATE_TEST_CASE_P(, X509CertificateParseTest, | 836 INSTANTIATE_TEST_CASE_P(, X509CertificateParseTest, |
| 831 testing::ValuesIn(FormatTestData)); | 837 testing::ValuesIn(FormatTestData)); |
| 832 | 838 |
| 833 } // namespace net | 839 } // namespace net |
| OLD | NEW |
