Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3)

Side by Side Diff: net/base/x509_certificate_unittest.cc

Issue 6656015: Map Mac's CSSMERR_APPLETP_INVALID_EMPTY_SUBJECT error to... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/crypto/rsa_private_key.h" 5 #include "base/crypto/rsa_private_key.h"
6 #include "base/file_path.h" 6 #include "base/file_path.h"
7 #include "base/file_util.h" 7 #include "base/file_util.h"
8 #include "base/path_service.h" 8 #include "base/path_service.h"
9 #include "base/pickle.h" 9 #include "base/pickle.h"
10 #include "base/string_split.h" 10 #include "base/string_split.h"
(...skipping 429 matching lines...) Expand 10 before | Expand all | Expand 10 after
440 intermediates); 440 intermediates);
441 441
442 int flags = 0; 442 int flags = 0;
443 CertVerifyResult verify_result; 443 CertVerifyResult verify_result;
444 int error = cert_chain->Verify("www.us.army.mil", flags, &verify_result); 444 int error = cert_chain->Verify("www.us.army.mil", flags, &verify_result);
445 EXPECT_EQ(OK, error); 445 EXPECT_EQ(OK, error);
446 EXPECT_EQ(0, verify_result.cert_status); 446 EXPECT_EQ(0, verify_result.cert_status);
447 root_certs->Clear(); 447 root_certs->Clear();
448 } 448 }
449 449
450 #if defined(OS_MACOSX)
Ryan Sleevi 2011/03/10 02:30:51 For parity testing, my preference would be to see
451 // Regression test for http://crbug.com/63988
452 // Do not report ERR_CERT_INVALID on a certificate with an empty Subject field
453 // and a subjectAltName extension that is not marked as critical.
454 TEST(X509CertificateTest, EmptySubject) {
455 FilePath certs_dir = GetTestCertsDirectory();
456
457 scoped_refptr<X509Certificate> server_cert =
458 ImportCertFromFile(certs_dir, "empty_subject_cert.der");
459 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert);
460
461 int flags = 0;
462 CertVerifyResult verify_result;
463 int error = server_cert->Verify("1.1.1.1", flags, &verify_result);
464 EXPECT_NE(ERR_CERT_INVALID, error);
465 EXPECT_EQ(0, verify_result.cert_status & CERT_STATUS_INVALID);
466 EXPECT_NE(0, verify_result.cert_status & CERT_STATUS_COMMON_NAME_INVALID);
467 EXPECT_NE(0, verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID);
468 }
469 #endif
470
450 // Tests X509Certificate::Cache via X509Certificate::CreateFromHandle. We 471 // Tests X509Certificate::Cache via X509Certificate::CreateFromHandle. We
451 // call X509Certificate::CreateFromHandle several times and observe whether 472 // call X509Certificate::CreateFromHandle several times and observe whether
452 // it returns a cached or new X509Certificate object. 473 // it returns a cached or new X509Certificate object.
453 // 474 //
454 // All the OS certificate handles in this test are actually from the same 475 // All the OS certificate handles in this test are actually from the same
455 // source (the bytes of a lone certificate), but we pretend that some of them 476 // source (the bytes of a lone certificate), but we pretend that some of them
456 // come from the network. 477 // come from the network.
457 TEST(X509CertificateTest, Cache) { 478 TEST(X509CertificateTest, Cache) {
458 X509Certificate::OSCertHandle google_cert_handle; 479 X509Certificate::OSCertHandle google_cert_handle;
459 480
(...skipping 469 matching lines...) Expand 10 before | Expand all | Expand 10 after
929 EXPECT_EQ(test_data.expected, 950 EXPECT_EQ(test_data.expected,
930 X509Certificate::VerifyHostname(test_data.hostname, cert_names)) 951 X509Certificate::VerifyHostname(test_data.hostname, cert_names))
931 << "Host [" << test_data.hostname 952 << "Host [" << test_data.hostname
932 << "], cert name [" << test_data.cert_names << "]"; 953 << "], cert name [" << test_data.cert_names << "]";
933 } 954 }
934 955
935 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, 956 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest,
936 testing::ValuesIn(kNameVerifyTestData)); 957 testing::ValuesIn(kNameVerifyTestData));
937 958
938 } // namespace net 959 } // namespace net
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698