Chromium Code Reviews Chromium Code Reviews
Issue 8381017:
net: retain leading zero bytes in X.509 serial numbers. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/file_path.h" | 5 #include "base/file_path.h" |
| 6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
| 7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
| 8 #include "base/pickle.h" | 8 #include "base/pickle.h" |
| 9 #include "base/sha1.h" | 9 #include "base/sha1.h" |
| 10 #include "base/string_number_conversions.h" | 10 #include "base/string_number_conversions.h" |
| (...skipping 408 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 419 EXPECT_TRUE(memcmp(google_cert->serial_number().data(), google_serial, | 419 EXPECT_TRUE(memcmp(google_cert->serial_number().data(), google_serial, |
| 420 sizeof(google_serial)) == 0); | 420 sizeof(google_serial)) == 0); |
| 421 | 421 |
| 422 // We also want to check a serial number where the first byte is >= 0x80 in | 422 // We also want to check a serial number where the first byte is >= 0x80 in |
| 423 // case the underlying library tries to pad it. | 423 // case the underlying library tries to pad it. |
| 424 scoped_refptr<X509Certificate> paypal_null_cert( | 424 scoped_refptr<X509Certificate> paypal_null_cert( |
| 425 X509Certificate::CreateFromBytes( | 425 X509Certificate::CreateFromBytes( |
| 426 reinterpret_cast<const char*>(paypal_null_der), | 426 reinterpret_cast<const char*>(paypal_null_der), |
| 427 sizeof(paypal_null_der))); | 427 sizeof(paypal_null_der))); |
| 428 | 428 |
| 429 static const uint8 paypal_null_serial[2] = {0xf0, 0x9b}; | 429 static const uint8 paypal_null_serial[3] = {0x00, 0xf0, 0x9b}; |
|
wtc
2011/10/25 21:14:44
I was going to suggest that we add a unit test for
| |
| 430 ASSERT_EQ(sizeof(paypal_null_serial), | 430 ASSERT_EQ(sizeof(paypal_null_serial), |
| 431 paypal_null_cert->serial_number().size()); | 431 paypal_null_cert->serial_number().size()); |
| 432 EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(), | 432 EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(), |
| 433 paypal_null_serial, sizeof(paypal_null_serial)) == 0); | 433 paypal_null_serial, sizeof(paypal_null_serial)) == 0); |
| 434 } | 434 } |
| 435 | 435 |
| 436 // A regression test for http://crbug.com/31497. | 436 // A regression test for http://crbug.com/31497. |
| 437 // This certificate will expire on 2012-04-08. | 437 // This certificate will expire on 2012-04-08. |
| 438 TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) { | 438 TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) { |
| 439 FilePath certs_dir = GetTestCertsDirectory(); | 439 FilePath certs_dir = GetTestCertsDirectory(); |
| (...skipping 996 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1436 } | 1436 } |
| 1437 | 1437 |
| 1438 EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname( | 1438 EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname( |
| 1439 test_data.hostname, common_name, dns_names, ip_addressses)); | 1439 test_data.hostname, common_name, dns_names, ip_addressses)); |
| 1440 } | 1440 } |
| 1441 | 1441 |
| 1442 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, | 1442 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, |
| 1443 testing::ValuesIn(kNameVerifyTestData)); | 1443 testing::ValuesIn(kNameVerifyTestData)); |
| 1444 | 1444 |
| 1445 } // namespace net | 1445 } // namespace net |
| OLD | NEW |
