Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(110)

Side by Side Diff: net/base/x509_certificate_unittest.cc

Issue 9950065: Properly parse IPv6 subjectAltNames when USE_OPENSSL is set (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Pedantry Created 8 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/x509_certificate_openssl.cc ('k') | net/data/ssl/certificates/README » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/file_path.h" 5 #include "base/file_path.h"
6 #include "base/memory/scoped_ptr.h" 6 #include "base/memory/scoped_ptr.h"
7 #include "base/pickle.h" 7 #include "base/pickle.h"
8 #include "base/sha1.h" 8 #include "base/sha1.h"
9 #include "base/string_number_conversions.h" 9 #include "base/string_number_conversions.h"
10 #include "base/string_split.h" 10 #include "base/string_split.h"
(...skipping 420 matching lines...) Expand 10 before | Expand all | Expand 10 after
431 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09 431 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09
432 }; 432 };
433 EXPECT_TRUE(memcmp(cert_chain1->ca_fingerprint().data, 433 EXPECT_TRUE(memcmp(cert_chain1->ca_fingerprint().data,
434 cert_chain1_ca_fingerprint, 20) == 0); 434 cert_chain1_ca_fingerprint, 20) == 0);
435 EXPECT_TRUE(memcmp(cert_chain2->ca_fingerprint().data, 435 EXPECT_TRUE(memcmp(cert_chain2->ca_fingerprint().data,
436 cert_chain2_ca_fingerprint, 20) == 0); 436 cert_chain2_ca_fingerprint, 20) == 0);
437 EXPECT_TRUE(memcmp(cert_chain3->ca_fingerprint().data, 437 EXPECT_TRUE(memcmp(cert_chain3->ca_fingerprint().data,
438 cert_chain3_ca_fingerprint, 20) == 0); 438 cert_chain3_ca_fingerprint, 20) == 0);
439 } 439 }
440 440
441 TEST(X509CertificateTest, ParseSubjectAltNames) {
442 FilePath certs_dir = GetTestCertsDirectory();
443
444 scoped_refptr<X509Certificate> san_cert =
445 ImportCertFromFile(certs_dir, "subjectAltName_sanity_check.pem");
446 ASSERT_NE(static_cast<X509Certificate*>(NULL), san_cert);
447
448 std::vector<std::string> dns_names;
449 std::vector<std::string> ip_addresses;
450 san_cert->GetSubjectAltName(&dns_names, &ip_addresses);
451
452 // Ensure that DNS names are correctly parsed.
453 ASSERT_EQ(1U, dns_names.size());
454 EXPECT_EQ("test.example", dns_names[0]);
455
456 // Ensure that both IPv4 and IPv6 addresses are correctly parsed.
457 ASSERT_EQ(2U, ip_addresses.size());
458
459 static const unsigned char kIPv4Address[] = {
agl 2012/04/03 10:41:22 s/unsigned char/uint8 ?
Ryan Sleevi 2012/04/03 17:17:18 Done. Since this file was a mixed of unsigned char
460 0x7F, 0x00, 0x00, 0x02
461 };
462 ASSERT_EQ(arraysize(kIPv4Address), ip_addresses[0].size());
463 EXPECT_EQ(0, memcmp(ip_addresses[0].data(), kIPv4Address,
464 arraysize(kIPv4Address)));
465
466 static const unsigned char kIPv6Address[] = {
agl 2012/04/03 10:41:22 ditto
467 0xFE, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
468 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
469 };
470 ASSERT_EQ(arraysize(kIPv6Address), ip_addresses[1].size());
471 EXPECT_EQ(0, memcmp(ip_addresses[1].data(), kIPv6Address,
472 arraysize(kIPv6Address)));
473
474 // Ensure the subjectAltName dirName has not influenced the handling of
475 // the subject commonName.
476 EXPECT_EQ("127.0.0.1", san_cert->subject().common_name);
477 }
478
441 TEST(X509CertificateTest, ExtractSPKIFromDERCert) { 479 TEST(X509CertificateTest, ExtractSPKIFromDERCert) {
442 FilePath certs_dir = GetTestCertsDirectory(); 480 FilePath certs_dir = GetTestCertsDirectory();
443 scoped_refptr<X509Certificate> cert = 481 scoped_refptr<X509Certificate> cert =
444 ImportCertFromFile(certs_dir, "nist.der"); 482 ImportCertFromFile(certs_dir, "nist.der");
445 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert); 483 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert);
446 484
447 std::string derBytes; 485 std::string derBytes;
448 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), 486 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(),
449 &derBytes)); 487 &derBytes));
450 488
(...skipping 614 matching lines...) Expand 10 before | Expand all | Expand 10 after
1065 } 1103 }
1066 1104
1067 EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname( 1105 EXPECT_EQ(test_data.expected, X509Certificate::VerifyHostname(
1068 test_data.hostname, common_name, dns_names, ip_addressses)); 1106 test_data.hostname, common_name, dns_names, ip_addressses));
1069 } 1107 }
1070 1108
1071 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest, 1109 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest,
1072 testing::ValuesIn(kNameVerifyTestData)); 1110 testing::ValuesIn(kNameVerifyTestData));
1073 1111
1074 } // namespace net 1112 } // namespace net
OLDNEW
« no previous file with comments | « net/base/x509_certificate_openssl.cc ('k') | net/data/ssl/certificates/README » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698