OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/files/file_path.h" | 5 #include "base/files/file_path.h" |
6 #include "net/base/ip_endpoint.h" | 6 #include "net/base/ip_endpoint.h" |
7 #include "net/base/net_errors.h" | 7 #include "net/base/net_errors.h" |
8 #include "net/base/test_completion_callback.h" | 8 #include "net/base/test_completion_callback.h" |
9 #include "net/base/test_data_directory.h" | 9 #include "net/base/test_data_directory.h" |
10 #include "net/cert/cert_status_flags.h" | 10 #include "net/cert/cert_status_flags.h" |
(...skipping 376 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
387 // same server_config. | 387 // same server_config. |
388 vector<string> signatures(3); | 388 vector<string> signatures(3); |
389 signatures[0].assign(reinterpret_cast<const char*>(signature_data_0), | 389 signatures[0].assign(reinterpret_cast<const char*>(signature_data_0), |
390 sizeof(signature_data_0)); | 390 sizeof(signature_data_0)); |
391 signatures[1].assign(reinterpret_cast<const char*>(signature_data_1), | 391 signatures[1].assign(reinterpret_cast<const char*>(signature_data_1), |
392 sizeof(signature_data_1)); | 392 sizeof(signature_data_1)); |
393 signatures[2].assign(reinterpret_cast<const char*>(signature_data_2), | 393 signatures[2].assign(reinterpret_cast<const char*>(signature_data_2), |
394 sizeof(signature_data_2)); | 394 sizeof(signature_data_2)); |
395 | 395 |
396 for (size_t i = 0; i < signatures.size(); i++) { | 396 for (size_t i = 0; i < signatures.size(); i++) { |
397 LOG(ERROR) << "====================" << i << "======================"; | |
398 const string& signature = signatures[i]; | 397 const string& signature = signatures[i]; |
399 | 398 |
400 LOG(ERROR) << "=================== expect ok ====================="; | |
401 RunVerification(verifier.get(), hostname, port, server_config, quic_version, | 399 RunVerification(verifier.get(), hostname, port, server_config, quic_version, |
402 chlo_hash, certs, signature, true); | 400 chlo_hash, certs, signature, true); |
403 LOG(ERROR) << "=================== hose_name = foo.com ============="; | |
404 RunVerification(verifier.get(), "foo.com", port, server_config, | 401 RunVerification(verifier.get(), "foo.com", port, server_config, |
405 quic_version, chlo_hash, certs, signature, false); | 402 quic_version, chlo_hash, certs, signature, false); |
406 LOG(ERROR) << "================== server_config ===================="; | |
407 RunVerification(verifier.get(), hostname, port, | 403 RunVerification(verifier.get(), hostname, port, |
408 server_config.substr(1, string::npos), quic_version, | 404 server_config.substr(1, string::npos), quic_version, |
409 chlo_hash, certs, signature, false); | 405 chlo_hash, certs, signature, false); |
410 | 406 |
411 // An ECDSA signature is DER-encoded. Corrupt the last byte so that the | 407 // An ECDSA signature is DER-encoded. Corrupt the last byte so that the |
412 // signature can still be DER-decoded correctly. | 408 // signature can still be DER-decoded correctly. |
413 string corrupt_signature = signature; | 409 string corrupt_signature = signature; |
414 corrupt_signature[corrupt_signature.size() - 1] += 1; | 410 corrupt_signature[corrupt_signature.size() - 1] += 1; |
415 LOG(ERROR) << "================= corrupt signature ======================="; | |
416 RunVerification(verifier.get(), hostname, port, server_config, quic_version, | 411 RunVerification(verifier.get(), hostname, port, server_config, quic_version, |
417 chlo_hash, certs, corrupt_signature, false); | 412 chlo_hash, certs, corrupt_signature, false); |
418 | 413 |
419 // Prepending a "1" makes the DER invalid. | 414 // Prepending a "1" makes the DER invalid. |
420 const string bad_der_signature1 = "1" + signature; | 415 const string bad_der_signature1 = "1" + signature; |
421 LOG(ERROR) << "=========================bad der signature ==============="; | |
422 RunVerification(verifier.get(), hostname, port, server_config, quic_version, | 416 RunVerification(verifier.get(), hostname, port, server_config, quic_version, |
423 chlo_hash, certs, bad_der_signature1, false); | 417 chlo_hash, certs, bad_der_signature1, false); |
424 | 418 |
425 vector<string> wrong_certs; | 419 vector<string> wrong_certs; |
426 for (size_t i = 1; i < certs.size(); i++) { | 420 for (size_t i = 1; i < certs.size(); i++) { |
427 wrong_certs.push_back(certs[i]); | 421 wrong_certs.push_back(certs[i]); |
428 } | 422 } |
429 LOG(ERROR) << "==================== wrong certs ========================="; | |
430 RunVerification(verifier.get(), hostname, port, server_config, quic_version, | 423 RunVerification(verifier.get(), hostname, port, server_config, quic_version, |
431 chlo_hash, wrong_certs, signature, false); | 424 chlo_hash, wrong_certs, signature, false); |
432 } | 425 } |
433 } | 426 } |
434 | 427 |
435 } // namespace test | 428 } // namespace test |
436 } // namespace net | 429 } // namespace net |
OLD | NEW |