OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/file_path.h" | 5 #include "base/file_path.h" |
6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
8 #include "base/pickle.h" | 8 #include "base/pickle.h" |
9 #include "base/sha1.h" | 9 #include "base/sha1.h" |
10 #include "base/string_number_conversions.h" | 10 #include "base/string_number_conversions.h" |
(...skipping 1532 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1543 X509Certificate::OSCertHandles intermediates; | 1543 X509Certificate::OSCertHandles intermediates; |
1544 intermediates.push_back(intermediate_cert->os_cert_handle()); | 1544 intermediates.push_back(intermediate_cert->os_cert_handle()); |
1545 | 1545 |
1546 scoped_refptr<X509Certificate> ee_chain = | 1546 scoped_refptr<X509Certificate> ee_chain = |
1547 X509Certificate::CreateFromHandle(ee_cert->os_cert_handle(), | 1547 X509Certificate::CreateFromHandle(ee_cert->os_cert_handle(), |
1548 intermediates); | 1548 intermediates); |
1549 ASSERT_NE(static_cast<X509Certificate*>(NULL), ee_chain); | 1549 ASSERT_NE(static_cast<X509Certificate*>(NULL), ee_chain); |
1550 | 1550 |
1551 int flags = 0; | 1551 int flags = 0; |
1552 CertVerifyResult verify_result; | 1552 CertVerifyResult verify_result; |
1553 ee_chain->Verify("127.0.0.1", flags, NULL, &verify_result); | 1553 int rv = ee_chain->Verify("127.0.0.1", flags, NULL, &verify_result); |
1554 EXPECT_EQ(data.expected_has_md5, verify_result.has_md5); | 1554 EXPECT_EQ(data.expected_has_md5, verify_result.has_md5); |
1555 EXPECT_EQ(data.expected_has_md4, verify_result.has_md4); | 1555 EXPECT_EQ(data.expected_has_md4, verify_result.has_md4); |
1556 EXPECT_EQ(data.expected_has_md2, verify_result.has_md2); | 1556 EXPECT_EQ(data.expected_has_md2, verify_result.has_md2); |
1557 EXPECT_EQ(data.expected_has_md5_ca, verify_result.has_md5_ca); | 1557 EXPECT_EQ(data.expected_has_md5_ca, verify_result.has_md5_ca); |
1558 EXPECT_EQ(data.expected_has_md2_ca, verify_result.has_md2_ca); | 1558 EXPECT_EQ(data.expected_has_md2_ca, verify_result.has_md2_ca); |
1559 | |
1560 // Ensure that MD4 and MD2 are tagged as invalid. | |
1561 if (data.expected_has_md4 || data.expected_has_md2) { | |
1562 EXPECT_EQ(CERT_STATUS_INVALID, | |
1563 (verify_result.cert_status & CERT_STATUS_INVALID)); | |
wtc
2011/11/04 22:57:42
The parentheses are not necessary here and on line
| |
1564 | |
1565 } | |
1566 | |
1567 // Ensure that MD5 is flagged as weak. | |
1568 if (data.expected_has_md5) { | |
1569 EXPECT_EQ( | |
1570 CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, | |
1571 (verify_result.cert_status & CERT_STATUS_WEAK_SIGNATURE_ALGORITHM)); | |
1572 } | |
1573 | |
1574 // If there is a root cert present, then the full chain should validate, but | |
1575 // be rejected. | |
wtc
2011/11/04 22:57:42
Nit: "but be rejected" does not apply to the last
| |
1576 if (data.root_cert_filename) { | |
1577 if (data.expected_has_md4 || data.expected_has_md2) { | |
1578 EXPECT_EQ(ERR_CERT_INVALID, rv); | |
1579 } else if (data.expected_has_md5) { | |
1580 EXPECT_EQ(ERR_CERT_WEAK_SIGNATURE_ALGORITHM, rv); | |
1581 } else { | |
1582 EXPECT_EQ(OK, rv); | |
1583 } | |
1584 } | |
1559 } | 1585 } |
1560 | 1586 |
1561 // Unlike TEST/TEST_F, which are macros that expand to further macros, | 1587 // Unlike TEST/TEST_F, which are macros that expand to further macros, |
1562 // INSTANTIATE_TEST_CASE_P is a macro that expands directly to code that | 1588 // INSTANTIATE_TEST_CASE_P is a macro that expands directly to code that |
1563 // stringizes the arguments. As a result, macros passed as parameters (such as | 1589 // stringizes the arguments. As a result, macros passed as parameters (such as |
1564 // prefix or test_case_name) will not be expanded by the preprocessor. To work | 1590 // prefix or test_case_name) will not be expanded by the preprocessor. To work |
1565 // around this, indirect the macro for INSTANTIATE_TEST_CASE_P, so that the | 1591 // around this, indirect the macro for INSTANTIATE_TEST_CASE_P, so that the |
1566 // pre-processor will expand macros such as MAYBE_test_name before | 1592 // pre-processor will expand macros such as MAYBE_test_name before |
1567 // instantiating the test. | 1593 // instantiating the test. |
1568 #define WRAPPED_INSTANTIATE_TEST_CASE_P(prefix, test_case_name, generator) \ | 1594 #define WRAPPED_INSTANTIATE_TEST_CASE_P(prefix, test_case_name, generator) \ |
(...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1688 #define MAYBE_VerifyMixed DISABLED_VerifyMixed | 1714 #define MAYBE_VerifyMixed DISABLED_VerifyMixed |
1689 #else | 1715 #else |
1690 #define MAYBE_VerifyMixed VerifyMixed | 1716 #define MAYBE_VerifyMixed VerifyMixed |
1691 #endif | 1717 #endif |
1692 WRAPPED_INSTANTIATE_TEST_CASE_P( | 1718 WRAPPED_INSTANTIATE_TEST_CASE_P( |
1693 MAYBE_VerifyMixed, | 1719 MAYBE_VerifyMixed, |
1694 X509CertificateWeakDigestTest, | 1720 X509CertificateWeakDigestTest, |
1695 testing::ValuesIn(kVerifyMixedTestData)); | 1721 testing::ValuesIn(kVerifyMixedTestData)); |
1696 | 1722 |
1697 } // namespace net | 1723 } // namespace net |
OLD | NEW |