Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/crypto/rsa_private_key.h" | 5 #include "base/crypto/rsa_private_key.h" |
| 6 #include "base/file_path.h" | 6 #include "base/file_path.h" |
| 7 #include "base/file_util.h" | 7 #include "base/file_util.h" |
| 8 #include "base/path_service.h" | 8 #include "base/path_service.h" |
| 9 #include "base/pickle.h" | 9 #include "base/pickle.h" |
| 10 #include "base/string_split.h" | 10 #include "base/string_split.h" |
| (...skipping 429 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 440 intermediates); | 440 intermediates); |
| 441 | 441 |
| 442 int flags = 0; | 442 int flags = 0; |
| 443 CertVerifyResult verify_result; | 443 CertVerifyResult verify_result; |
| 444 int error = cert_chain->Verify("www.us.army.mil", flags, &verify_result); | 444 int error = cert_chain->Verify("www.us.army.mil", flags, &verify_result); |
| 445 EXPECT_EQ(OK, error); | 445 EXPECT_EQ(OK, error); |
| 446 EXPECT_EQ(0, verify_result.cert_status); | 446 EXPECT_EQ(0, verify_result.cert_status); |
| 447 root_certs->Clear(); | 447 root_certs->Clear(); |
| 448 } | 448 } |
| 449 | 449 |
| 450 #if defined(OS_MACOSX) | |
|
Ryan Sleevi
2011/03/10 02:30:51
For parity testing, my preference would be to see
| |
| 451 // Regression test for http://crbug.com/63988 | |
| 452 // Do not report ERR_CERT_INVALID on a certificate with an empty Subject field | |
| 453 // and a subjectAltName extension that is not marked as critical. | |
| 454 TEST(X509CertificateTest, EmptySubject) { | |
| 455 FilePath certs_dir = GetTestCertsDirectory(); | |
| 456 | |
| 457 scoped_refptr<X509Certificate> server_cert = | |
| 458 ImportCertFromFile(certs_dir, "empty_subject_cert.der"); | |
| 459 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert); | |
| 460 | |
| 461 int flags = 0; | |
| 462 CertVerifyResult verify_result; | |
| 463 int error = server_cert->Verify("1.1.1.1", flags, &verify_result); | |
| 464 EXPECT_NE(ERR_CERT_INVALID, error); | |
| 465 EXPECT_EQ(0, verify_result.cert_status & CERT_STATUS_INVALID); | |
| 466 EXPECT_NE(0, verify_result.cert_status & CERT_STATUS_COMMON_NAME_INVALID); | |
| 467 EXPECT_NE(0, verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID); | |
| 468 } | |
| 469 #endif | |
| 470 | |
| 450 // Tests X509Certificate::Cache via X509Certificate::CreateFromHandle. We | 471 // Tests X509Certificate::Cache via X509Certificate::CreateFromHandle. We |
| 451 // call X509Certificate::CreateFromHandle several times and observe whether | 472 // call X509Certificate::CreateFromHandle several times and observe whether |
| 452 // it returns a cached or new X509Certificate object. | 473 // it returns a cached or new X509Certificate object. |
| 453 // | 474 // |
| 454 // All the OS certificate handles in this test are actually from the same | 475 // All the OS certificate handles in this test are actually from the same |
| 455 // source (the bytes of a lone certificate), but we pretend that some of them | 476 // source (the bytes of a lone certificate), but we pretend that some of them |
| 456 // come from the network. | 477 // come from the network. |
| 457 TEST(X509CertificateTest, Cache) { | 478 TEST(X509CertificateTest, Cache) { |
| 458 X509Certificate::OSCertHandle google_cert_handle; | 479 X509Certificate::OSCertHandle google_cert_handle; |
| 459 | 480 |
| (...skipping 469 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 929 EXPECT_EQ(test_data.expected, | 950 EXPECT_EQ(test_data.expected, |
| 930 X509Certificate::VerifyHostname(test_data.hostname, cert_names)) | 951 X509Certificate::VerifyHostname(test_data.hostname, cert_names)) |
| 931 << "Host [" << test_data.hostname | 952 << "Host [" << test_data.hostname |
| 932 << "], cert name [" << test_data.cert_names << "]"; | 953 << "], cert name [" << test_data.cert_names << "]"; |
| 933 } | 954 } |
| 934 | 955 |
| 935 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, | 956 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, |
| 936 testing::ValuesIn(kNameVerifyTestData)); | 957 testing::ValuesIn(kNameVerifyTestData)); |
| 937 | 958 |
| 938 } // namespace net | 959 } // namespace net |
| OLD | NEW |