Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(7)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/x509_util_nss_unittest.cc

Issue 8890073: Handle Origin Bound Certificate expiration. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: review changes Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/x509_util_nss.cc ('k') | net/base/x509_util_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/x509_util.h" 5 #include "net/base/x509_util.h"
6 #include "net/base/x509_util_nss.h" 6 #include "net/base/x509_util_nss.h"
7 7
8 #include <cert.h> 8 #include <cert.h>
9 #include <secoid.h> 9 #include <secoid.h>
10 10
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after
138 PORT_FreeArena(arena, PR_FALSE); 138 PORT_FreeArena(arena, PR_FALSE);
139 } 139 }
140 140
141 } // namespace 141 } // namespace
142 142
143 // This test creates an origin-bound cert from a RSA private key and 143 // This test creates an origin-bound cert from a RSA private key and
144 // then verifies the content of the certificate. 144 // then verifies the content of the certificate.
145 TEST(X509UtilNSSTest, CreateOriginBoundCertRSA) { 145 TEST(X509UtilNSSTest, CreateOriginBoundCertRSA) {
146 // Create a sample ASCII weborigin. 146 // Create a sample ASCII weborigin.
147 std::string origin = "http://weborigin.com:443"; 147 std::string origin = "http://weborigin.com:443";
148 base::Time now = base::Time::Now();
148 149
149 scoped_ptr<crypto::RSAPrivateKey> private_key( 150 scoped_ptr<crypto::RSAPrivateKey> private_key(
150 crypto::RSAPrivateKey::Create(1024)); 151 crypto::RSAPrivateKey::Create(1024));
151 std::string der_cert; 152 std::string der_cert;
152 ASSERT_TRUE(x509_util::CreateOriginBoundCertRSA(private_key.get(), 153 ASSERT_TRUE(x509_util::CreateOriginBoundCertRSA(
153 origin, 1, 154 private_key.get(),
154 base::TimeDelta::FromDays(1), 155 origin, 1,
155 &der_cert)); 156 now,
157 now + base::TimeDelta::FromDays(1),
158 &der_cert));
156 159
157 VerifyOriginBoundCert(origin, der_cert); 160 VerifyOriginBoundCert(origin, der_cert);
158 161
159 std::vector<uint8> spki; 162 std::vector<uint8> spki;
160 ASSERT_TRUE(private_key->ExportPublicKey(&spki)); 163 ASSERT_TRUE(private_key->ExportPublicKey(&spki));
161 VerifyCertificateSignature(der_cert, spki); 164 VerifyCertificateSignature(der_cert, spki);
162 } 165 }
163 166
164 // This test creates an origin-bound cert from an EC private key and 167 // This test creates an origin-bound cert from an EC private key and
165 // then verifies the content of the certificate. 168 // then verifies the content of the certificate.
166 TEST(X509UtilNSSTest, CreateOriginBoundCertEC) { 169 TEST(X509UtilNSSTest, CreateOriginBoundCertEC) {
167 // Create a sample ASCII weborigin. 170 // Create a sample ASCII weborigin.
168 std::string origin = "http://weborigin.com:443"; 171 std::string origin = "http://weborigin.com:443";
172 base::Time now = base::Time::Now();
169 173
170 scoped_ptr<crypto::ECPrivateKey> private_key( 174 scoped_ptr<crypto::ECPrivateKey> private_key(
171 crypto::ECPrivateKey::Create()); 175 crypto::ECPrivateKey::Create());
172 std::string der_cert; 176 std::string der_cert;
173 ASSERT_TRUE(x509_util::CreateOriginBoundCertEC(private_key.get(), 177 ASSERT_TRUE(x509_util::CreateOriginBoundCertEC(
174 origin, 1, 178 private_key.get(),
175 base::TimeDelta::FromDays(1), 179 origin, 1,
176 &der_cert)); 180 now,
181 now + base::TimeDelta::FromDays(1),
182 &der_cert));
177 183
178 VerifyOriginBoundCert(origin, der_cert); 184 VerifyOriginBoundCert(origin, der_cert);
179 185
180 #if !defined(OS_WIN) && !defined(OS_MACOSX) 186 #if !defined(OS_WIN) && !defined(OS_MACOSX)
181 // signature_verifier_win and signature_verifier_mac can't handle EC certs. 187 // signature_verifier_win and signature_verifier_mac can't handle EC certs.
182 std::vector<uint8> spki; 188 std::vector<uint8> spki;
183 ASSERT_TRUE(private_key->ExportPublicKey(&spki)); 189 ASSERT_TRUE(private_key->ExportPublicKey(&spki));
184 VerifyCertificateSignature(der_cert, spki); 190 VerifyCertificateSignature(der_cert, spki);
185 #endif 191 #endif
186 } 192 }
187 193
188 } // namespace net 194 } // namespace net
OLDNEW
« no previous file with comments | « net/base/x509_util_nss.cc ('k') | net/base/x509_util_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698