Chromium Code Reviews Chromium Code Reviews
Issue 8608003:
Parse individual X.509 name components on Windows, rather than their stringified form (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/file_path.h" | 5 #include "base/file_path.h" |
| 6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
| 7 #include "base/path_service.h" | 7 #include "base/path_service.h" |
| 8 #include "base/pickle.h" | 8 #include "base/pickle.h" |
| 9 #include "base/sha1.h" | 9 #include "base/sha1.h" |
| 10 #include "base/string_number_conversions.h" | 10 #include "base/string_number_conversions.h" |
| (...skipping 357 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 368 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); | 368 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); |
| 369 // Consequently, if we don't have revocation checking enabled, we can't claim | 369 // Consequently, if we don't have revocation checking enabled, we can't claim |
| 370 // any cert is EV. | 370 // any cert is EV. |
| 371 flags = X509Certificate::VERIFY_EV_CERT; | 371 flags = X509Certificate::VERIFY_EV_CERT; |
| 372 EXPECT_EQ(OK, thawte_cert->Verify("www.thawte.com", flags, NULL, | 372 EXPECT_EQ(OK, thawte_cert->Verify("www.thawte.com", flags, NULL, |
| 373 &verify_result)); | 373 &verify_result)); |
| 374 EXPECT_FALSE(verify_result.cert_status & CERT_STATUS_IS_EV); | 374 EXPECT_FALSE(verify_result.cert_status & CERT_STATUS_IS_EV); |
| 375 #endif | 375 #endif |
| 376 } | 376 } |
| 377 | 377 |
| 378 // Test that all desired AttributeAndValue pairs can be extracted when only | |
| 379 // a single RelativeDistinguishedName is present. "Normally" there is only | |
| 380 // one AVA per RDN, but some CAs place all AVAs within a single RDN. | |
| 381 // This is a regression test for http://crbug.com/101009 | |
| 382 TEST(X509CertificateTest, InfonotaryCertParsing) { | |
| 383 FilePath certs_dir = GetTestCertsDirectory(); | |
| 384 | |
| 385 scoped_refptr<X509Certificate> infonotary_cert = | |
| 386 ImportCertFromFile(certs_dir, "infonotary.pem"); | |
| 387 ASSERT_NE(static_cast<X509Certificate*>(NULL), infonotary_cert); | |
| 388 | |
| 389 const CertPrincipal& subject = infonotary_cert->subject(); | |
| 390 EXPECT_EQ("Vladislav Ivanov Evgeniev", subject.common_name); | |
| 391 EXPECT_EQ("", subject.locality_name); | |
| 392 EXPECT_EQ("", subject.state_or_province_name); | |
| 393 EXPECT_EQ("", subject.country_name); | |
| 394 EXPECT_EQ(0U, subject.street_addresses.size()); | |
| 395 EXPECT_EQ(0U, subject.organization_names.size()); | |
| 396 EXPECT_EQ(0U, subject.organization_unit_names.size()); | |
| 397 ASSERT_EQ(1U, subject.domain_components.size()); | |
| 398 EXPECT_EQ("identity-ca", subject.domain_components[0]); | |
| 399 | |
| 400 const CertPrincipal& issuer = infonotary_cert->issuer(); | |
| 401 EXPECT_EQ("i-Notary TrustPath Validated Identity CA", issuer.common_name); | |
| 402 EXPECT_EQ("", issuer.locality_name); | |
| 403 EXPECT_EQ("", issuer.state_or_province_name); | |
| 404 EXPECT_EQ("BG", issuer.country_name); | |
| 405 EXPECT_EQ(0U, issuer.street_addresses.size()); | |
| 406 ASSERT_EQ(1U, issuer.organization_names.size()); | |
| 407 EXPECT_EQ("InfoNotary PLC", issuer.organization_names[0]); | |
| 408 ASSERT_EQ(1U, issuer.organization_unit_names.size()); | |
| 409 EXPECT_EQ("i-Notary TrustPath Validated Identity CA", | |
| 410 issuer.organization_unit_names[0]); | |
| 411 ASSERT_EQ(1U, issuer.domain_components.size()); | |
| 412 EXPECT_EQ("identity-ca", issuer.domain_components[0]); | |
| 413 } | |
| 414 | |
| 415 // Test that characters which would normally be escaped in the string form, | |
| 416 // such as = or ", are not escaped when parsed as individual components. | |
|
wtc
2011/12/01 23:59:41
Nit: put = and " in single quotes?
| |
| 417 // This is a regression test for http://crbug.com/102839 | |
| 418 TEST(X509CertificateTest, BonaireCertParsing) { | |
| 419 FilePath certs_dir = GetTestCertsDirectory(); | |
| 420 | |
| 421 scoped_refptr<X509Certificate> bonairexl_cert = | |
| 422 ImportCertFromFile(certs_dir, "bonairexl.pem"); | |
| 423 ASSERT_NE(static_cast<X509Certificate*>(NULL), bonairexl_cert); | |
| 424 | |
| 425 const CertPrincipal& subject = bonairexl_cert->subject(); | |
| 426 EXPECT_EQ("www.bonairexl.com", subject.common_name); | |
| 427 EXPECT_EQ("Bergen", subject.locality_name); | |
| 428 EXPECT_EQ("Noord-Holland", subject.state_or_province_name); | |
| 429 EXPECT_EQ("NL", subject.country_name); | |
| 430 ASSERT_EQ(1U, subject.street_addresses.size()); | |
| 431 EXPECT_EQ("Eeuwigelaan 3", subject.street_addresses[0]); | |
| 432 ASSERT_EQ(1U, subject.organization_names.size()); | |
| 433 EXPECT_EQ("Aan Zee \"Gezellige Vakantiehuizen\" B.V.", | |
| 434 subject.organization_names[0]); | |
| 435 ASSERT_EQ(2U, subject.organization_unit_names.size()); | |
| 436 EXPECT_EQ("ICT", subject.organization_unit_names[0]); | |
| 437 EXPECT_EQ("COMODO EV SSL", subject.organization_unit_names[1]); | |
| 438 EXPECT_EQ(0U, subject.domain_components.size()); | |
| 439 | |
| 440 const CertPrincipal& issuer = bonairexl_cert->issuer(); | |
| 441 EXPECT_EQ("COMODO Extended Validation Secure Server CA", issuer.common_name); | |
| 442 EXPECT_EQ("Salford", issuer.locality_name); | |
| 443 EXPECT_EQ("Greater Manchester", issuer.state_or_province_name); | |
| 444 EXPECT_EQ("GB", issuer.country_name); | |
| 445 EXPECT_EQ(0U, issuer.street_addresses.size()); | |
| 446 ASSERT_EQ(1U, issuer.organization_names.size()); | |
| 447 EXPECT_EQ("COMODO CA Limited", issuer.organization_names[0]); | |
| 448 EXPECT_EQ(0U, issuer.organization_unit_names.size()); | |
| 449 EXPECT_EQ(0U, issuer.domain_components.size()); | |
| 450 } | |
| 451 | |
| 378 TEST(X509CertificateTest, PaypalNullCertParsing) { | 452 TEST(X509CertificateTest, PaypalNullCertParsing) { |
| 379 scoped_refptr<X509Certificate> paypal_null_cert( | 453 scoped_refptr<X509Certificate> paypal_null_cert( |
| 380 X509Certificate::CreateFromBytes( | 454 X509Certificate::CreateFromBytes( |
| 381 reinterpret_cast<const char*>(paypal_null_der), | 455 reinterpret_cast<const char*>(paypal_null_der), |
| 382 sizeof(paypal_null_der))); | 456 sizeof(paypal_null_der))); |
| 383 | 457 |
| 384 ASSERT_NE(static_cast<X509Certificate*>(NULL), paypal_null_cert); | 458 ASSERT_NE(static_cast<X509Certificate*>(NULL), paypal_null_cert); |
| 385 | 459 |
| 386 const SHA1Fingerprint& fingerprint = | 460 const SHA1Fingerprint& fingerprint = |
| 387 paypal_null_cert->fingerprint(); | 461 paypal_null_cert->fingerprint(); |
| (...skipping 1313 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1701 #define MAYBE_VerifyMixed DISABLED_VerifyMixed | 1775 #define MAYBE_VerifyMixed DISABLED_VerifyMixed |
| 1702 #else | 1776 #else |
| 1703 #define MAYBE_VerifyMixed VerifyMixed | 1777 #define MAYBE_VerifyMixed VerifyMixed |
| 1704 #endif | 1778 #endif |
| 1705 WRAPPED_INSTANTIATE_TEST_CASE_P( | 1779 WRAPPED_INSTANTIATE_TEST_CASE_P( |
| 1706 MAYBE_VerifyMixed, | 1780 MAYBE_VerifyMixed, |
| 1707 X509CertificateWeakDigestTest, | 1781 X509CertificateWeakDigestTest, |
| 1708 testing::ValuesIn(kVerifyMixedTestData)); | 1782 testing::ValuesIn(kVerifyMixedTestData)); |
| 1709 | 1783 |
| 1710 } // namespace net | 1784 } // namespace net |
| OLD | NEW |
