Index: net/base/x509_certificate_unittest.cc |
diff --git a/net/base/x509_certificate_unittest.cc b/net/base/x509_certificate_unittest.cc |
index 25ddafaeb4817ab82aa552f071d18508b3fdf320..b3fe267b9f9e8a50698f47bf72bbd05754d252f7 100644 |
--- a/net/base/x509_certificate_unittest.cc |
+++ b/net/base/x509_certificate_unittest.cc |
@@ -221,19 +221,25 @@ void CheckGoogleCert(const scoped_refptr<X509Certificate>& google_cert, |
google_cert->GetDNSNames(&dns_names); |
ASSERT_EQ(1U, dns_names.size()); |
EXPECT_EQ("www.google.com", dns_names[0]); |
- |
-#if TEST_EV |
- // TODO(avi): turn this on for the Mac once EV checking is implemented. |
- CertVerifyResult verify_result; |
- int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | |
- X509Certificate::VERIFY_EV_CERT; |
- EXPECT_EQ(OK, google_cert->Verify("www.google.com", flags, NULL, |
- &verify_result); |
- EXPECT_FALSE(verify_result.cert_status & CERT_STATUS_IS_EV); |
-#endif |
wtc
2012/03/06 23:10:14
Why did you delete this #if TEST_EV block but keep
Ryan Sleevi
2012/03/10 03:09:12
Missed the other ones, but Adam has already nuked
|
} |
-TEST(X509CertificateTest, GoogleCertParsing) { |
+// TODO(rsleevi): Temporary fixture while refactoring http://crbug.com/114343 |
+class X509CertificateTest : public testing::Test { |
+ public: |
+ X509CertificateTest() {} |
+ virtual ~X509CertificateTest() {} |
+ |
+ protected: |
+ int Verify(X509Certificate* cert, |
+ const std::string& hostname, |
+ int flags, |
+ CRLSet* crl_set, |
+ CertVerifyResult* verify_result) { |
+ return cert->Verify(hostname, flags, crl_set, verify_result); |
wtc
2012/03/06 23:10:14
Why is this fixture necessary? Are you going to c
Ryan Sleevi
2012/03/10 03:09:12
To make it easier to friend this in X509Certificat
|
+ } |
+}; |
+ |
+TEST_F(X509CertificateTest, GoogleCertParsing) { |
scoped_refptr<X509Certificate> google_cert( |
X509Certificate::CreateFromBytes( |
reinterpret_cast<const char*>(google_der), sizeof(google_der))); |
@@ -243,7 +249,7 @@ TEST(X509CertificateTest, GoogleCertParsing) { |
1269728407); // Mar 27 22:20:07 2010 GMT |
} |
-TEST(X509CertificateTest, WebkitCertParsing) { |
+TEST_F(X509CertificateTest, WebkitCertParsing) { |
scoped_refptr<X509Certificate> webkit_cert(X509Certificate::CreateFromBytes( |
reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der))); |
@@ -306,7 +312,7 @@ TEST(X509CertificateTest, WebkitCertParsing) { |
EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.foo.webkit.com")); |
} |
-TEST(X509CertificateTest, WithoutRevocationChecking) { |
+TEST_F(X509CertificateTest, WithoutRevocationChecking) { |
// Check that verification without revocation checking works. |
CertificateList certs = CreateCertificateListFromFile( |
GetTestCertsDirectory(), |
@@ -321,11 +327,11 @@ TEST(X509CertificateTest, WithoutRevocationChecking) { |
intermediates); |
CertVerifyResult verify_result; |
- EXPECT_EQ(OK, google_full_chain->Verify("www.google.com", 0 /* flags */, NULL, |
- &verify_result)); |
+ EXPECT_EQ(OK, Verify(google_full_chain, "www.google.com", 0 /* flags */, NULL, |
+ &verify_result)); |
} |
-TEST(X509CertificateTest, ThawteCertParsing) { |
+TEST_F(X509CertificateTest, ThawteCertParsing) { |
scoped_refptr<X509Certificate> thawte_cert(X509Certificate::CreateFromBytes( |
reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der))); |
@@ -376,14 +382,14 @@ TEST(X509CertificateTest, ThawteCertParsing) { |
X509Certificate::VERIFY_EV_CERT; |
CertVerifyResult verify_result; |
// EV cert verification requires revocation checking. |
- EXPECT_EQ(OK, thawte_cert->Verify("www.thawte.com", flags, NULL, |
- &verify_result); |
+ EXPECT_EQ(OK, Verify(thawte_cert, "www.thawte.com", flags, NULL, |
+ &verify_result); |
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); |
// Consequently, if we don't have revocation checking enabled, we can't claim |
// any cert is EV. |
flags = X509Certificate::VERIFY_EV_CERT; |
- EXPECT_EQ(OK, thawte_cert->Verify("www.thawte.com", flags, NULL, |
- &verify_result)); |
+ EXPECT_EQ(OK, Verify(thawte_cert, "www.thawte.com", flags, NULL, |
+ &verify_result)); |
EXPECT_FALSE(verify_result.cert_status & CERT_STATUS_IS_EV); |
#endif |
} |
@@ -392,7 +398,7 @@ TEST(X509CertificateTest, ThawteCertParsing) { |
// a single RelativeDistinguishedName is present. "Normally" there is only |
// one AVA per RDN, but some CAs place all AVAs within a single RDN. |
// This is a regression test for http://crbug.com/101009 |
-TEST(X509CertificateTest, MultivalueRDN) { |
+TEST_F(X509CertificateTest, MultivalueRDN) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> multivalue_rdn_cert = |
@@ -416,7 +422,7 @@ TEST(X509CertificateTest, MultivalueRDN) { |
// Test that characters which would normally be escaped in the string form, |
// such as '=' or '"', are not escaped when parsed as individual components. |
// This is a regression test for http://crbug.com/102839 |
-TEST(X509CertificateTest, UnescapedSpecialCharacters) { |
+TEST_F(X509CertificateTest, UnescapedSpecialCharacters) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> unescaped_cert = |
@@ -438,7 +444,7 @@ TEST(X509CertificateTest, UnescapedSpecialCharacters) { |
EXPECT_EQ(0U, subject.domain_components.size()); |
} |
-TEST(X509CertificateTest, PaypalNullCertParsing) { |
+TEST_F(X509CertificateTest, PaypalNullCertParsing) { |
scoped_refptr<X509Certificate> paypal_null_cert( |
X509Certificate::CreateFromBytes( |
reinterpret_cast<const char*>(paypal_null_der), |
@@ -453,8 +459,8 @@ TEST(X509CertificateTest, PaypalNullCertParsing) { |
int flags = 0; |
CertVerifyResult verify_result; |
- int error = paypal_null_cert->Verify("www.paypal.com", flags, NULL, |
- &verify_result); |
+ int error = Verify(paypal_null_cert, "www.paypal.com", flags, NULL, |
+ &verify_result); |
#if defined(USE_OPENSSL) || defined(OS_MACOSX) || defined(OS_WIN) |
// TOOD(bulach): investigate why macosx and win aren't returning |
// ERR_CERT_INVALID or ERR_CERT_COMMON_NAME_INVALID. |
@@ -471,7 +477,7 @@ TEST(X509CertificateTest, PaypalNullCertParsing) { |
#endif |
} |
-TEST(X509CertificateTest, SerialNumbers) { |
+TEST_F(X509CertificateTest, SerialNumbers) { |
scoped_refptr<X509Certificate> google_cert( |
X509Certificate::CreateFromBytes( |
reinterpret_cast<const char*>(google_der), sizeof(google_der))); |
@@ -499,7 +505,7 @@ TEST(X509CertificateTest, SerialNumbers) { |
paypal_null_serial, sizeof(paypal_null_serial)) == 0); |
} |
-TEST(X509CertificateTest, CAFingerprints) { |
+TEST_F(X509CertificateTest, CAFingerprints) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> server_cert = |
@@ -557,7 +563,7 @@ TEST(X509CertificateTest, CAFingerprints) { |
// This certificate will expire on 2012-04-08. The test will still |
// pass if error == ERR_CERT_DATE_INVALID. TODO(wtc): generate test |
// certificates for this unit test. http://crbug.com/111742 |
-TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) { |
+TEST_F(X509CertificateTest, IntermediateCARequireExplicitPolicy) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> server_cert = |
@@ -582,8 +588,8 @@ TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) { |
int flags = 0; |
CertVerifyResult verify_result; |
- int error = cert_chain->Verify("www.us.army.mil", flags, NULL, |
- &verify_result); |
+ int error = Verify(cert_chain, "www.us.army.mil", flags, NULL, |
+ &verify_result); |
if (error == OK) { |
EXPECT_EQ(0U, verify_result.cert_status); |
} else { |
@@ -602,7 +608,7 @@ TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) { |
// unit tests, the call to PKIXVerifyCert returns the NSS error -8180, which is |
// SEC_ERROR_REVOKED_CERTIFICATE. This indicates a lack of revocation |
// status, i.e. that the revocation check is failing for some reason. |
-TEST(X509CertificateTest, DISABLED_GlobalSignR3EVTest) { |
+TEST_F(X509CertificateTest, DISABLED_GlobalSignR3EVTest) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> server_cert = |
@@ -622,8 +628,8 @@ TEST(X509CertificateTest, DISABLED_GlobalSignR3EVTest) { |
CertVerifyResult verify_result; |
int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | |
X509Certificate::VERIFY_EV_CERT; |
- int error = cert_chain->Verify("2029.globalsign.com", flags, NULL, |
- &verify_result); |
+ int error = Verify(cert_chain, "2029.globalsign.com", flags, NULL, |
+ &verify_result); |
if (error == OK) |
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); |
else |
@@ -646,7 +652,7 @@ static bool IsWeakKeyType(const std::string& key_type) { |
return false; |
} |
-TEST(X509CertificateTest, RejectWeakKeys) { |
+TEST_F(X509CertificateTest, RejectWeakKeys) { |
FilePath certs_dir = GetTestCertsDirectory(); |
typedef std::vector<std::string> Strings; |
Strings key_types; |
@@ -699,7 +705,7 @@ TEST(X509CertificateTest, RejectWeakKeys) { |
intermediates); |
CertVerifyResult verify_result; |
- int error = cert_chain->Verify("127.0.0.1", 0, NULL, &verify_result); |
+ int error = Verify(cert_chain, "127.0.0.1", 0, NULL, &verify_result); |
if (IsWeakKeyType(*ee_type) || IsWeakKeyType(*signer_type)) { |
EXPECT_NE(OK, error); |
@@ -719,7 +725,7 @@ TEST(X509CertificateTest, RejectWeakKeys) { |
// The certificate will expire on 2012-07-20. The test will still |
// pass if error == ERR_CERT_DATE_INVALID. TODO(rsleevi): generate test |
// certificates for this unit test. http://crbug.com/111730 |
-TEST(X509CertificateTest, ExtraneousMD5RootCert) { |
+TEST_F(X509CertificateTest, ExtraneousMD5RootCert) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> server_cert = |
@@ -743,8 +749,8 @@ TEST(X509CertificateTest, ExtraneousMD5RootCert) { |
CertVerifyResult verify_result; |
int flags = 0; |
- int error = cert_chain->Verify("images.etrade.wallst.com", flags, NULL, |
- &verify_result); |
+ int error = Verify(cert_chain, "images.etrade.wallst.com", flags, NULL, |
+ &verify_result); |
if (error != OK) |
EXPECT_EQ(ERR_CERT_DATE_INVALID, error); |
@@ -753,7 +759,7 @@ TEST(X509CertificateTest, ExtraneousMD5RootCert) { |
} |
// Test for bug 94673. |
-TEST(X509CertificateTest, GoogleDigiNotarTest) { |
+TEST_F(X509CertificateTest, GoogleDigiNotarTest) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> server_cert = |
@@ -772,18 +778,18 @@ TEST(X509CertificateTest, GoogleDigiNotarTest) { |
CertVerifyResult verify_result; |
int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED; |
- int error = cert_chain->Verify("mail.google.com", flags, NULL, |
- &verify_result); |
+ int error = Verify(cert_chain, "mail.google.com", flags, NULL, |
+ &verify_result); |
EXPECT_NE(OK, error); |
// Now turn off revocation checking. Certificate verification should still |
// fail. |
flags = 0; |
- error = cert_chain->Verify("mail.google.com", flags, NULL, &verify_result); |
+ error = Verify(cert_chain, "mail.google.com", flags, NULL, &verify_result); |
EXPECT_NE(OK, error); |
} |
-TEST(X509CertificateTest, DigiNotarCerts) { |
+TEST_F(X509CertificateTest, DigiNotarCerts) { |
static const char* const kDigiNotarFilenames[] = { |
"diginotar_root_ca.pem", |
"diginotar_cyber_ca.pem", |
@@ -819,7 +825,7 @@ TEST(X509CertificateTest, DigiNotarCerts) { |
} |
// Bug 111893: This test needs a new certificate. |
-TEST(X509CertificateTest, DISABLED_TestKnownRoot) { |
+TEST_F(X509CertificateTest, DISABLED_TestKnownRoot) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> cert = |
ImportCertFromFile(certs_dir, "nist.der"); |
@@ -841,7 +847,7 @@ TEST(X509CertificateTest, DISABLED_TestKnownRoot) { |
CertVerifyResult verify_result; |
// This is going to blow up in Feb 2012. Sorry! Disable and file a bug |
// against agl. Also see PublicKeyHashes in this file. |
- int error = cert_chain->Verify("www.nist.gov", flags, NULL, &verify_result); |
+ int error = Verify(cert_chain, "www.nist.gov", flags, NULL, &verify_result); |
EXPECT_EQ(OK, error); |
EXPECT_EQ(0U, verify_result.cert_status); |
EXPECT_TRUE(verify_result.is_issued_by_known_root); |
@@ -852,7 +858,7 @@ static const char nistSPKIHash[] = |
"\x15\x60\xde\x65\x4e\x03\x9f\xd0\x08\x82" |
"\xa9\x6a\xc4\x65\x8e\x6f\x92\x06\x84\x35"; |
-TEST(X509CertificateTest, ExtractSPKIFromDERCert) { |
+TEST_F(X509CertificateTest, ExtractSPKIFromDERCert) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> cert = |
ImportCertFromFile(certs_dir, "nist.der"); |
@@ -872,7 +878,7 @@ TEST(X509CertificateTest, ExtractSPKIFromDERCert) { |
EXPECT_EQ(0, memcmp(hash, nistSPKIHash, sizeof(hash))); |
} |
-TEST(X509CertificateTest, ExtractCRLURLsFromDERCert) { |
+TEST_F(X509CertificateTest, ExtractCRLURLsFromDERCert) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> cert = |
ImportCertFromFile(certs_dir, "nist.der"); |
@@ -893,7 +899,7 @@ TEST(X509CertificateTest, ExtractCRLURLsFromDERCert) { |
} |
// Bug 111893: This test needs a new certificate. |
-TEST(X509CertificateTest, DISABLED_PublicKeyHashes) { |
+TEST_F(X509CertificateTest, DISABLED_PublicKeyHashes) { |
FilePath certs_dir = GetTestCertsDirectory(); |
// This is going to blow up in Feb 2012. Sorry! Disable and file a bug |
// against agl. Also see TestKnownRoot in this file. |
@@ -918,7 +924,7 @@ TEST(X509CertificateTest, DISABLED_PublicKeyHashes) { |
int flags = 0; |
CertVerifyResult verify_result; |
- int error = cert_chain->Verify("www.nist.gov", flags, NULL, &verify_result); |
+ int error = Verify(cert_chain, "www.nist.gov", flags, NULL, &verify_result); |
EXPECT_EQ(OK, error); |
EXPECT_EQ(0U, verify_result.cert_status); |
ASSERT_LE(2u, verify_result.public_key_hashes.size()); |
@@ -933,7 +939,7 @@ TEST(X509CertificateTest, DISABLED_PublicKeyHashes) { |
// A regression test for http://crbug.com/70293. |
// The Key Usage extension in this RSA SSL server certificate does not have |
// the keyEncipherment bit. |
-TEST(X509CertificateTest, InvalidKeyUsage) { |
+TEST_F(X509CertificateTest, InvalidKeyUsage) { |
FilePath certs_dir = GetTestCertsDirectory(); |
scoped_refptr<X509Certificate> server_cert = |
@@ -942,8 +948,8 @@ TEST(X509CertificateTest, InvalidKeyUsage) { |
int flags = 0; |
CertVerifyResult verify_result; |
- int error = server_cert->Verify("jira.aquameta.com", flags, NULL, |
- &verify_result); |
+ int error = Verify(server_cert, "jira.aquameta.com", flags, NULL, |
+ &verify_result); |
#if defined(USE_OPENSSL) |
// This certificate has two errors: "invalid key usage" and "untrusted CA". |
// However, OpenSSL returns only one (the latter), and we can't detect |
@@ -964,7 +970,7 @@ TEST(X509CertificateTest, InvalidKeyUsage) { |
// Tests X509CertificateCache via X509Certificate::CreateFromHandle. We |
// call X509Certificate::CreateFromHandle several times and observe whether |
// it returns a cached or new OSCertHandle. |
-TEST(X509CertificateTest, Cache) { |
+TEST_F(X509CertificateTest, Cache) { |
X509Certificate::OSCertHandle google_cert_handle; |
X509Certificate::OSCertHandle thawte_cert_handle; |
@@ -1011,7 +1017,7 @@ TEST(X509CertificateTest, Cache) { |
cert3->GetIntermediateCertificates().size()); |
} |
-TEST(X509CertificateTest, Pickle) { |
+TEST_F(X509CertificateTest, Pickle) { |
X509Certificate::OSCertHandle google_cert_handle = |
X509Certificate::CreateOSCertHandleFromBytes( |
reinterpret_cast<const char*>(google_der), sizeof(google_der)); |
@@ -1049,7 +1055,7 @@ TEST(X509CertificateTest, Pickle) { |
} |
} |
-TEST(X509CertificateTest, Policy) { |
+TEST_F(X509CertificateTest, Policy) { |
scoped_refptr<X509Certificate> google_cert(X509Certificate::CreateFromBytes( |
reinterpret_cast<const char*>(google_der), sizeof(google_der))); |
@@ -1085,7 +1091,7 @@ TEST(X509CertificateTest, Policy) { |
EXPECT_TRUE(policy.HasDeniedCert()); |
} |
-TEST(X509CertificateTest, IntermediateCertificates) { |
+TEST_F(X509CertificateTest, IntermediateCertificates) { |
scoped_refptr<X509Certificate> webkit_cert( |
X509Certificate::CreateFromBytes( |
reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der))); |
@@ -1129,7 +1135,7 @@ TEST(X509CertificateTest, IntermediateCertificates) { |
// of the certificate to be verified. The remaining VerifyReturn* tests are |
// used to ensure that the actual, verified chain is being returned by |
// Verify(). |
-TEST(X509CertificateTest, VerifyReturnChainBasic) { |
+TEST_F(X509CertificateTest, VerifyReturnChainBasic) { |
FilePath certs_dir = GetTestCertsDirectory(); |
CertificateList certs = CreateCertificateListFromFile( |
certs_dir, "x509_verify_results.chain.pem", |
@@ -1150,7 +1156,7 @@ TEST(X509CertificateTest, VerifyReturnChainBasic) { |
CertVerifyResult verify_result; |
EXPECT_EQ(static_cast<X509Certificate*>(NULL), verify_result.verified_cert); |
- int error = google_full_chain->Verify("127.0.0.1", 0, NULL, &verify_result); |
+ int error = Verify(google_full_chain, "127.0.0.1", 0, NULL, &verify_result); |
EXPECT_EQ(OK, error); |
ASSERT_NE(static_cast<X509Certificate*>(NULL), verify_result.verified_cert); |
@@ -1174,7 +1180,7 @@ TEST(X509CertificateTest, VerifyReturnChainBasic) { |
// a protocol violation if sent during a TLS handshake, if multiple sources |
// of intermediate certificates are combined, it's possible that order may |
// not be maintained. |
-TEST(X509CertificateTest, VerifyReturnChainProperlyOrdered) { |
+TEST_F(X509CertificateTest, VerifyReturnChainProperlyOrdered) { |
FilePath certs_dir = GetTestCertsDirectory(); |
CertificateList certs = CreateCertificateListFromFile( |
certs_dir, "x509_verify_results.chain.pem", |
@@ -1196,7 +1202,7 @@ TEST(X509CertificateTest, VerifyReturnChainProperlyOrdered) { |
CertVerifyResult verify_result; |
EXPECT_EQ(static_cast<X509Certificate*>(NULL), verify_result.verified_cert); |
- int error = google_full_chain->Verify("127.0.0.1", 0, NULL, &verify_result); |
+ int error = Verify(google_full_chain, "127.0.0.1", 0, NULL, &verify_result); |
EXPECT_EQ(OK, error); |
ASSERT_NE(static_cast<X509Certificate*>(NULL), verify_result.verified_cert); |
@@ -1217,7 +1223,7 @@ TEST(X509CertificateTest, VerifyReturnChainProperlyOrdered) { |
// Test that Verify() filters out certificates which are not related to |
// or part of the certificate chain being verified. |
-TEST(X509CertificateTest, VerifyReturnChainFiltersUnrelatedCerts) { |
+TEST_F(X509CertificateTest, VerifyReturnChainFiltersUnrelatedCerts) { |
FilePath certs_dir = GetTestCertsDirectory(); |
CertificateList certs = CreateCertificateListFromFile( |
certs_dir, "x509_verify_results.chain.pem", |
@@ -1247,7 +1253,7 @@ TEST(X509CertificateTest, VerifyReturnChainFiltersUnrelatedCerts) { |
CertVerifyResult verify_result; |
EXPECT_EQ(static_cast<X509Certificate*>(NULL), verify_result.verified_cert); |
- int error = google_full_chain->Verify("127.0.0.1", 0, NULL, &verify_result); |
+ int error = Verify(google_full_chain, "127.0.0.1", 0, NULL, &verify_result); |
EXPECT_EQ(OK, error); |
ASSERT_NE(static_cast<X509Certificate*>(NULL), verify_result.verified_cert); |
@@ -1266,7 +1272,7 @@ TEST(X509CertificateTest, VerifyReturnChainFiltersUnrelatedCerts) { |
} |
#if defined(OS_MACOSX) |
-TEST(X509CertificateTest, IsIssuedBy) { |
+TEST_F(X509CertificateTest, IsIssuedBy) { |
FilePath certs_dir = GetTestCertsDirectory(); |
// Test a client certificate from MIT. |
@@ -1315,7 +1321,7 @@ TEST(X509CertificateTest, IsIssuedBy) { |
#if defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) |
// This test creates a self-signed cert from a private key and then verify the |
// content of the certificate. |
-TEST(X509CertificateTest, CreateSelfSigned) { |
+TEST_F(X509CertificateTest, CreateSelfSigned) { |
scoped_ptr<crypto::RSAPrivateKey> private_key( |
crypto::RSAPrivateKey::Create(1024)); |
scoped_refptr<X509Certificate> cert = |
@@ -1422,7 +1428,7 @@ TEST(X509CertificateTest, CreateSelfSigned) { |
EXPECT_FALSE(cert->HasExpired()); |
} |
-TEST(X509CertificateTest, GetDEREncoded) { |
+TEST_F(X509CertificateTest, GetDEREncoded) { |
scoped_ptr<crypto::RSAPrivateKey> private_key( |
crypto::RSAPrivateKey::Create(1024)); |
scoped_refptr<X509Certificate> cert = |
@@ -1487,7 +1493,7 @@ static const uint8 kCRLSetGoogleSerialBlocked[] = { |
// Test that CRLSets are effective in making a certificate appear to be |
// revoked. |
-TEST(X509CertificateTest, CRLSet) { |
+TEST_F(X509CertificateTest, CRLSet) { |
CertificateList certs = CreateCertificateListFromFile( |
GetTestCertsDirectory(), |
"googlenew.chain.pem", |
@@ -1501,8 +1507,8 @@ TEST(X509CertificateTest, CRLSet) { |
intermediates); |
CertVerifyResult verify_result; |
- int error = google_full_chain->Verify( |
- "www.google.com", 0, NULL, &verify_result); |
+ int error = Verify(google_full_chain, "www.google.com", 0, NULL, |
+ &verify_result); |
EXPECT_EQ(OK, error); |
// First test blocking by SPKI. |
@@ -1512,8 +1518,8 @@ TEST(X509CertificateTest, CRLSet) { |
scoped_refptr<CRLSet> crl_set; |
ASSERT_TRUE(CRLSet::Parse(crl_set_bytes, &crl_set)); |
- error = google_full_chain->Verify( |
- "www.google.com", 0, crl_set.get(), &verify_result); |
+ error = Verify(google_full_chain, "www.google.com", 0, crl_set.get(), |
+ &verify_result); |
EXPECT_EQ(ERR_CERT_REVOKED, error); |
// Second, test revocation by serial number of a cert directly under the |
@@ -1523,8 +1529,8 @@ TEST(X509CertificateTest, CRLSet) { |
sizeof(kCRLSetThawteSerialBlocked)); |
ASSERT_TRUE(CRLSet::Parse(crl_set_bytes, &crl_set)); |
- error = google_full_chain->Verify( |
- "www.google.com", 0, crl_set.get(), &verify_result); |
+ error = Verify(google_full_chain, "www.google.com", 0, crl_set.get(), |
+ &verify_result); |
EXPECT_EQ(ERR_CERT_REVOKED, error); |
// Lastly, test revocation by serial number of a certificate not under the |
@@ -1534,8 +1540,8 @@ TEST(X509CertificateTest, CRLSet) { |
sizeof(kCRLSetGoogleSerialBlocked)); |
ASSERT_TRUE(CRLSet::Parse(crl_set_bytes, &crl_set)); |
- error = google_full_chain->Verify( |
- "www.google.com", 0, crl_set.get(), &verify_result); |
+ error = Verify(google_full_chain, "www.google.com", 0, crl_set.get(), |
+ &verify_result); |
EXPECT_EQ(ERR_CERT_REVOKED, error); |
} |
#endif |
@@ -1823,7 +1829,8 @@ void PrintTo(const WeakDigestTestData& data, std::ostream* os) { |
} |
class X509CertificateWeakDigestTest |
- : public testing::TestWithParam<WeakDigestTestData> { |
+ : public X509CertificateTest, |
+ public testing::WithParamInterface<WeakDigestTestData> { |
public: |
X509CertificateWeakDigestTest() {} |
@@ -1860,7 +1867,7 @@ TEST_P(X509CertificateWeakDigestTest, Verify) { |
int flags = 0; |
CertVerifyResult verify_result; |
- int rv = ee_chain->Verify("127.0.0.1", flags, NULL, &verify_result); |
+ int rv = Verify(ee_chain, "127.0.0.1", flags, NULL, &verify_result); |
EXPECT_EQ(data.expected_has_md5, verify_result.has_md5); |
EXPECT_EQ(data.expected_has_md4, verify_result.has_md4); |
EXPECT_EQ(data.expected_has_md2, verify_result.has_md2); |