| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_verify_proc.h" | 5 #include "net/cert/cert_verify_proc.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
| 10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
| (...skipping 610 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 621 for (size_t i = 0; i < arraysize(tests); ++i) { | 621 for (size_t i = 0; i < arraysize(tests); ++i) { |
| 622 scoped_refptr<X509Certificate> certificate = | 622 scoped_refptr<X509Certificate> certificate = |
| 623 ImportCertFromFile(certs_dir, tests[i].file); | 623 ImportCertFromFile(certs_dir, tests[i].file); |
| 624 SCOPED_TRACE(tests[i].file); | 624 SCOPED_TRACE(tests[i].file); |
| 625 ASSERT_TRUE(certificate); | 625 ASSERT_TRUE(certificate); |
| 626 EXPECT_EQ(tests[i].is_valid_too_long, | 626 EXPECT_EQ(tests[i].is_valid_too_long, |
| 627 CertVerifyProc::HasTooLongValidity(*certificate)); | 627 CertVerifyProc::HasTooLongValidity(*certificate)); |
| 628 } | 628 } |
| 629 } | 629 } |
| 630 | 630 |
| 631 TEST_F(CertVerifyProcTest, TestKnownRoot) { | 631 // TODO(crbug.com/610546): Fix and re-enable this test. |
| 632 TEST_F(CertVerifyProcTest, DISABLED_TestKnownRoot) { |
| 632 if (!SupportsDetectingKnownRoots()) { | 633 if (!SupportsDetectingKnownRoots()) { |
| 633 LOG(INFO) << "Skipping this test on this platform."; | 634 LOG(INFO) << "Skipping this test on this platform."; |
| 634 return; | 635 return; |
| 635 } | 636 } |
| 636 | 637 |
| 637 base::FilePath certs_dir = GetTestCertsDirectory(); | 638 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 638 CertificateList certs = CreateCertificateListFromFile( | 639 CertificateList certs = CreateCertificateListFromFile( |
| 639 certs_dir, "twitter-chain.pem", X509Certificate::FORMAT_AUTO); | 640 certs_dir, "twitter-chain.pem", X509Certificate::FORMAT_AUTO); |
| 640 ASSERT_EQ(3U, certs.size()); | 641 ASSERT_EQ(3U, certs.size()); |
| 641 | 642 |
| 642 X509Certificate::OSCertHandles intermediates; | 643 X509Certificate::OSCertHandles intermediates; |
| 643 intermediates.push_back(certs[1]->os_cert_handle()); | 644 intermediates.push_back(certs[1]->os_cert_handle()); |
| 644 | 645 |
| 645 scoped_refptr<X509Certificate> cert_chain = | 646 scoped_refptr<X509Certificate> cert_chain = |
| 646 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), | 647 X509Certificate::CreateFromHandle(certs[0]->os_cert_handle(), |
| 647 intermediates); | 648 intermediates); |
| 648 | 649 |
| 649 int flags = 0; | 650 int flags = 0; |
| 650 CertVerifyResult verify_result; | 651 CertVerifyResult verify_result; |
| 651 // This will blow up, May 9th, 2016. Sorry! Please disable and file a bug | 652 // This will blow up, May 9th, 2016. Sorry! Please disable and file a bug |
| 652 // against agl. See also PublicKeyHashes. | 653 // against agl. See also PublicKeyHashes. |
| 653 int error = Verify(cert_chain.get(), "twitter.com", flags, NULL, | 654 int error = Verify(cert_chain.get(), "twitter.com", flags, NULL, |
| 654 empty_cert_list_, &verify_result); | 655 empty_cert_list_, &verify_result); |
| 655 EXPECT_EQ(OK, error); | 656 EXPECT_EQ(OK, error); |
| 656 EXPECT_TRUE(verify_result.is_issued_by_known_root); | 657 EXPECT_TRUE(verify_result.is_issued_by_known_root); |
| 657 } | 658 } |
| 658 | 659 |
| 659 TEST_F(CertVerifyProcTest, PublicKeyHashes) { | 660 // TODO(crbug.com/610546): Fix and re-enable this test. |
| 661 TEST_F(CertVerifyProcTest, DISABLED_PublicKeyHashes) { |
| 660 if (!SupportsReturningVerifiedChain()) { | 662 if (!SupportsReturningVerifiedChain()) { |
| 661 LOG(INFO) << "Skipping this test in this platform."; | 663 LOG(INFO) << "Skipping this test in this platform."; |
| 662 return; | 664 return; |
| 663 } | 665 } |
| 664 | 666 |
| 665 base::FilePath certs_dir = GetTestCertsDirectory(); | 667 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 666 CertificateList certs = CreateCertificateListFromFile( | 668 CertificateList certs = CreateCertificateListFromFile( |
| 667 certs_dir, "twitter-chain.pem", X509Certificate::FORMAT_AUTO); | 669 certs_dir, "twitter-chain.pem", X509Certificate::FORMAT_AUTO); |
| 668 ASSERT_EQ(3U, certs.size()); | 670 ASSERT_EQ(3U, certs.size()); |
| 669 | 671 |
| (...skipping 1002 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1672 int flags = 0; | 1674 int flags = 0; |
| 1673 CertVerifyResult verify_result; | 1675 CertVerifyResult verify_result; |
| 1674 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, | 1676 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, |
| 1675 &verify_result); | 1677 &verify_result); |
| 1676 EXPECT_EQ(ERR_CERT_INVALID, error); | 1678 EXPECT_EQ(ERR_CERT_INVALID, error); |
| 1677 EXPECT_EQ(CERT_STATUS_INVALID, verify_result.cert_status); | 1679 EXPECT_EQ(CERT_STATUS_INVALID, verify_result.cert_status); |
| 1678 } | 1680 } |
| 1679 #endif // defined(OS_MACOSX) && !defined(OS_IOS) | 1681 #endif // defined(OS_MACOSX) && !defined(OS_IOS) |
| 1680 | 1682 |
| 1681 } // namespace net | 1683 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1962363002:
Disable CertVerifyProcTest TestKnownRoot and PublicKeyHashes (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@2704