| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/file_path.h" | 5 #include "base/file_path.h" |
| 6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
| 7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
| 8 #include "base/pickle.h" | 8 #include "base/pickle.h" |
| 9 #include "base/sha1.h" | 9 #include "base/sha1.h" |
| 10 #include "base/string_number_conversions.h" | 10 #include "base/string_number_conversions.h" |
| (...skipping 418 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 429 reinterpret_cast<const char*>(paypal_null_der), | 429 reinterpret_cast<const char*>(paypal_null_der), |
| 430 sizeof(paypal_null_der))); | 430 sizeof(paypal_null_der))); |
| 431 | 431 |
| 432 static const uint8 paypal_null_serial[2] = {0xf0, 0x9b}; | 432 static const uint8 paypal_null_serial[2] = {0xf0, 0x9b}; |
| 433 ASSERT_EQ(sizeof(paypal_null_serial), | 433 ASSERT_EQ(sizeof(paypal_null_serial), |
| 434 paypal_null_cert->serial_number().size()); | 434 paypal_null_cert->serial_number().size()); |
| 435 EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(), | 435 EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(), |
| 436 paypal_null_serial, sizeof(paypal_null_serial)) == 0); | 436 paypal_null_serial, sizeof(paypal_null_serial)) == 0); |
| 437 } | 437 } |
| 438 | 438 |
| 439 TEST(X509CertificateTest, ChainFingerprints) { |
| 440 FilePath certs_dir = GetTestCertsDirectory(); |
| 441 |
| 442 scoped_refptr<X509Certificate> server_cert = |
| 443 ImportCertFromFile(certs_dir, "salesforce_com_test.pem"); |
| 444 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert); |
| 445 |
| 446 scoped_refptr<X509Certificate> intermediate_cert1 = |
| 447 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2011.pem"); |
| 448 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert1); |
| 449 |
| 450 scoped_refptr<X509Certificate> intermediate_cert2 = |
| 451 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2016.pem"); |
| 452 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert2); |
| 453 |
| 454 X509Certificate::OSCertHandles intermediates; |
| 455 intermediates.push_back(intermediate_cert1->os_cert_handle()); |
| 456 scoped_refptr<X509Certificate> cert_chain1 = |
| 457 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), |
| 458 intermediates); |
| 459 |
| 460 intermediates.clear(); |
| 461 intermediates.push_back(intermediate_cert2->os_cert_handle()); |
| 462 scoped_refptr<X509Certificate> cert_chain2 = |
| 463 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), |
| 464 intermediates); |
| 465 |
| 466 static const uint8 cert_chain1_fingerprint[20] = { |
| 467 0x67, 0x78, 0x81, 0xd7, 0x78, 0xca, 0xd5, 0x04, 0x73, 0xf8, |
| 468 0x95, 0xff, 0xf3, 0x39, 0xe4, 0xcd, 0x5e, 0xf0, 0x79, 0x76 |
| 469 }; |
| 470 static const uint8 cert_chain2_fingerprint[20] = { |
| 471 0x8c, 0x93, 0x85, 0xb0, 0x15, 0xd3, 0xa3, 0x0e, 0xe7, 0x4f, |
| 472 0x42, 0xf4, 0x30, 0xc3, 0xe9, 0x14, 0x12, 0x54, 0xb9, 0x9d |
| 473 }; |
| 474 EXPECT_TRUE(memcmp(cert_chain1->chain_fingerprint().data, |
| 475 cert_chain1_fingerprint, 20) == 0); |
| 476 EXPECT_TRUE(memcmp(cert_chain2->chain_fingerprint().data, |
| 477 cert_chain2_fingerprint, 20) == 0); |
| 478 } |
| 479 |
| 439 // A regression test for http://crbug.com/31497. | 480 // A regression test for http://crbug.com/31497. |
| 440 // This certificate will expire on 2012-04-08. | 481 // This certificate will expire on 2012-04-08. |
| 441 TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) { | 482 TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) { |
| 442 FilePath certs_dir = GetTestCertsDirectory(); | 483 FilePath certs_dir = GetTestCertsDirectory(); |
| 443 | 484 |
| 444 scoped_refptr<X509Certificate> server_cert = | 485 scoped_refptr<X509Certificate> server_cert = |
| 445 ImportCertFromFile(certs_dir, "www_us_army_mil_cert.der"); | 486 ImportCertFromFile(certs_dir, "www_us_army_mil_cert.der"); |
| 446 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert); | 487 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert); |
| 447 | 488 |
| 448 // The intermediate CA certificate's policyConstraints extension has a | 489 // The intermediate CA certificate's policyConstraints extension has a |
| (...skipping 1005 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1454 } | 1495 } |
| 1455 | 1496 |
| 1456 EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname( | 1497 EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname( |
| 1457 test_data.hostname, common_name, dns_names, ip_addressses)); | 1498 test_data.hostname, common_name, dns_names, ip_addressses)); |
| 1458 } | 1499 } |
| 1459 | 1500 |
| 1460 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, | 1501 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, |
| 1461 testing::ValuesIn(kNameVerifyTestData)); | 1502 testing::ValuesIn(kNameVerifyTestData)); |
| 1462 | 1503 |
| 1463 } // namespace net | 1504 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8400075:
Fix the "certificate is not yet valid" error for server certificates (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/