net/cert/internal/verify_certificate_chain_pkits_unittest.cc - Issue 1923433002: Certificate path builder for new certificate verification library

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/internal/verify_certificate_chain_pkits_unittest.cc

Issue 1923433002: Certificate path builder for new certificate verification library (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: changes for comment #16 Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« net/cert/internal/verify_certificate_chain.h ('K') | « net/cert/internal/verify_certificate_chain.cc ('k') | net/cert/internal/verify_certificate_chain_typed_unittest.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/cert/internal/verify_certificate_chain_pkits_unittest.cc

diff --git a/net/cert/internal/verify_certificate_chain_pkits_unittest.cc b/net/cert/internal/verify_certificate_chain_pkits_unittest.cc

index 4c543f46baba31fffd125ddd57299cf5720f75ea..33a11562ad1be4593e1c78cfd488b937bb564ea2 100644

--- a/net/cert/internal/verify_certificate_chain_pkits_unittest.cc

+++ b/net/cert/internal/verify_certificate_chain_pkits_unittest.cc

@@ -52,35 +52,30 @@ class VerifyCertificateChainPkitsTestDelegate {

ADD_FAILURE() << "cert_ders is empty";

return false;

}

- // First entry in the PKITS chain is the trust anchor.

- TrustStore trust_store;

- scoped_refptr<ParsedCertificate> anchor(

- ParsedCertificate::CreateFromCertificateCopy(cert_ders[0], {}));

- EXPECT_TRUE(anchor);

- if (anchor)

- trust_store.AddTrustedCertificate(std::move(anchor));

// PKITS lists chains from trust anchor to target, VerifyCertificateChain

// takes them starting with the target and not including the trust anchor.

std::vector<scoped_refptr<net::ParsedCertificate>> input_chain;

- for (size_t i = cert_ders.size() - 1; i > 0; --i) {

+ for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) {

if (!net::ParsedCertificate::CreateAndAddToVector(

- reinterpret_cast<const uint8_t*>(cert_ders[i].data()),

- cert_ders[i].size(),

+ reinterpret_cast<const uint8_t*>(i->data()), i->size(),

net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, {},

&input_chain)) {

- ADD_FAILURE() << "cert " << i << " failed to parse";

+ ADD_FAILURE() << "cert failed to parse";

return false;

}

+ TrustStore trust_store;

+ trust_store.AddTrustedCertificate(input_chain.back());

SimpleSignaturePolicy signature_policy(1024);

// Run all tests at the time the PKITS was published.

der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0};

- return VerifyCertificateChain(input_chain, trust_store, &signature_policy,

- time, nullptr);

+ return VerifyCertificateChainAssumingTrustedRoot(input_chain, trust_store,

+ &signature_policy, time);

}

};