Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(178)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/cert_verify_proc_unittest.cc

Issue 1987793002: Remove Windows Vista/XP specific code from net/cert and net/ssl. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase Created 4 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/cert/test_root_certs_win.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_verify_proc.h" 5 #include "net/cert/cert_verify_proc.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/callback_helpers.h" 9 #include "base/callback_helpers.h"
10 #include "base/files/file_path.h" 10 #include "base/files/file_path.h"
(...skipping 292 matching lines...) Expand 10 before | Expand all | Expand 10 after
303 certs[0]->os_cert_handle(), intermediates); 303 certs[0]->os_cert_handle(), intermediates);
304 304
305 int flags = 0; 305 int flags = 0;
306 CertVerifyResult verify_result; 306 CertVerifyResult verify_result;
307 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, 307 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_,
308 &verify_result); 308 &verify_result);
309 EXPECT_EQ(ERR_CERT_DATE_INVALID, error); 309 EXPECT_EQ(ERR_CERT_DATE_INVALID, error);
310 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_DATE_INVALID); 310 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_DATE_INVALID);
311 } 311 }
312 312
313 // Test that verifying an ECDSA certificate doesn't crash on XP. (See
314 // crbug.com/144466).
315 TEST_F(CertVerifyProcTest, ECDSA_RSA) {
316 base::FilePath certs_dir = GetTestCertsDirectory();
317
318 scoped_refptr<X509Certificate> cert =
319 ImportCertFromFile(certs_dir,
320 "prime256v1-ecdsa-ee-by-1024-rsa-intermediate.pem");
321
322 CertVerifyResult verify_result;
323 Verify(cert.get(), "127.0.0.1", 0, NULL, empty_cert_list_, &verify_result);
324
325 // We don't check verify_result because the certificate is signed by an
326 // unknown CA and will be considered invalid on XP because of the ECDSA
327 // public key.
328 }
329
330 // Currently, only RSA and DSA keys are checked for weakness, and our example 313 // Currently, only RSA and DSA keys are checked for weakness, and our example
331 // weak size is 768. These could change in the future. 314 // weak size is 768. These could change in the future.
332 // 315 //
333 // Note that this means there may be false negatives: keys for other 316 // Note that this means there may be false negatives: keys for other
334 // algorithms and which are weak will pass this test. 317 // algorithms and which are weak will pass this test.
335 static bool IsWeakKeyType(const std::string& key_type) { 318 static bool IsWeakKeyType(const std::string& key_type) {
336 size_t pos = key_type.find("-"); 319 size_t pos = key_type.find("-");
337 std::string size = key_type.substr(0, pos); 320 std::string size = key_type.substr(0, pos);
338 std::string type = key_type.substr(pos + 1); 321 std::string type = key_type.substr(pos + 1);
339 322
(...skipping 1360 matching lines...) Expand 10 before | Expand all | Expand 10 after
1700 int flags = 0; 1683 int flags = 0;
1701 CertVerifyResult verify_result; 1684 CertVerifyResult verify_result;
1702 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, 1685 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_,
1703 &verify_result); 1686 &verify_result);
1704 EXPECT_EQ(ERR_CERT_INVALID, error); 1687 EXPECT_EQ(ERR_CERT_INVALID, error);
1705 EXPECT_EQ(CERT_STATUS_INVALID, verify_result.cert_status); 1688 EXPECT_EQ(CERT_STATUS_INVALID, verify_result.cert_status);
1706 } 1689 }
1707 #endif // defined(OS_MACOSX) && !defined(OS_IOS) 1690 #endif // defined(OS_MACOSX) && !defined(OS_IOS)
1708 1691
1709 } // namespace net 1692 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/cert/test_root_certs_win.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698