Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(183)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_util_nss_unittest.cc

Issue 8890073: Handle Origin Bound Certificate expiration. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/x509_util.h ('K') | « net/base/x509_util_nss.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_util.h" 5 #include "net/base/x509_util.h"
6 #include "net/base/x509_util_nss.h" 6 #include "net/base/x509_util_nss.h"
7 7
8 #include <cert.h> 8 #include <cert.h>
9 #include <secoid.h> 9 #include <secoid.h>
10 10
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after
142 142
143 // This test creates an origin-bound cert from a RSA private key and 143 // This test creates an origin-bound cert from a RSA private key and
144 // then verifies the content of the certificate. 144 // then verifies the content of the certificate.
145 TEST(X509UtilNSSTest, CreateOriginBoundCertRSA) { 145 TEST(X509UtilNSSTest, CreateOriginBoundCertRSA) {
146 // Create a sample ASCII weborigin. 146 // Create a sample ASCII weborigin.
147 std::string origin = "http://weborigin.com:443"; 147 std::string origin = "http://weborigin.com:443";
148 148
149 scoped_ptr<crypto::RSAPrivateKey> private_key( 149 scoped_ptr<crypto::RSAPrivateKey> private_key(
150 crypto::RSAPrivateKey::Create(1024)); 150 crypto::RSAPrivateKey::Create(1024));
151 std::string der_cert; 151 std::string der_cert;
152 ASSERT_TRUE(x509_util::CreateOriginBoundCertRSA(private_key.get(), 152 ASSERT_TRUE(x509_util::CreateOriginBoundCertRSA(
153 origin, 1, 153 private_key.get(),
154 base::TimeDelta::FromDays(1), 154 origin, 1,
155 &der_cert)); 155 base::Time::Now() + base::TimeDelta::FromDays(1),
156 &der_cert));
156 157
157 VerifyOriginBoundCert(origin, der_cert); 158 VerifyOriginBoundCert(origin, der_cert);
158 159
159 std::vector<uint8> spki; 160 std::vector<uint8> spki;
160 ASSERT_TRUE(private_key->ExportPublicKey(&spki)); 161 ASSERT_TRUE(private_key->ExportPublicKey(&spki));
161 VerifyCertificateSignature(der_cert, spki); 162 VerifyCertificateSignature(der_cert, spki);
162 } 163 }
163 164
164 // This test creates an origin-bound cert from an EC private key and 165 // This test creates an origin-bound cert from an EC private key and
165 // then verifies the content of the certificate. 166 // then verifies the content of the certificate.
166 TEST(X509UtilNSSTest, CreateOriginBoundCertEC) { 167 TEST(X509UtilNSSTest, CreateOriginBoundCertEC) {
167 // Create a sample ASCII weborigin. 168 // Create a sample ASCII weborigin.
168 std::string origin = "http://weborigin.com:443"; 169 std::string origin = "http://weborigin.com:443";
169 170
170 scoped_ptr<crypto::ECPrivateKey> private_key( 171 scoped_ptr<crypto::ECPrivateKey> private_key(
171 crypto::ECPrivateKey::Create()); 172 crypto::ECPrivateKey::Create());
172 std::string der_cert; 173 std::string der_cert;
173 ASSERT_TRUE(x509_util::CreateOriginBoundCertEC(private_key.get(), 174 ASSERT_TRUE(x509_util::CreateOriginBoundCertEC(
174 origin, 1, 175 private_key.get(),
175 base::TimeDelta::FromDays(1), 176 origin, 1,
176 &der_cert)); 177 base::Time::Now() + base::TimeDelta::FromDays(1),
178 &der_cert));
177 179
178 VerifyOriginBoundCert(origin, der_cert); 180 VerifyOriginBoundCert(origin, der_cert);
179 181
180 #if !defined(OS_WIN) && !defined(OS_MACOSX) 182 #if !defined(OS_WIN) && !defined(OS_MACOSX)
181 // signature_verifier_win and signature_verifier_mac can't handle EC certs. 183 // signature_verifier_win and signature_verifier_mac can't handle EC certs.
182 std::vector<uint8> spki; 184 std::vector<uint8> spki;
183 ASSERT_TRUE(private_key->ExportPublicKey(&spki)); 185 ASSERT_TRUE(private_key->ExportPublicKey(&spki));
184 VerifyCertificateSignature(der_cert, spki); 186 VerifyCertificateSignature(der_cert, spki);
185 #endif 187 #endif
186 } 188 }
187 189
188 } // namespace net 190 } // namespace net
OLDNEW
« net/base/x509_util.h ('K') | « net/base/x509_util_nss.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698