Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(256)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/nss_profile_filter_chromeos_unittest.cc

Issue 2000503002: Remove the fingerprint and ca_fingerprint from X509Certificate (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@move_cache
Patch Set: Feedback Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« ios/web/net/cert_host_pair.h ('K') | « net/cert/nss_cert_database_unittest.cc ('k') | net/cert/x509_certificate.h » ('j') | net/cert/x509_certificate.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/nss_profile_filter_chromeos.h" 5 #include "net/cert/nss_profile_filter_chromeos.h"
6 6
7 #include <cert.h> 7 #include <cert.h>
8 #include <pk11pub.h> 8 #include <pk11pub.h>
9 #include <secmod.h> 9 #include <secmod.h>
10
11 #include <algorithm>
10 #include <utility> 12 #include <utility>
11 13
12 #include "crypto/nss_util_internal.h" 14 #include "crypto/nss_util_internal.h"
13 #include "crypto/scoped_nss_types.h" 15 #include "crypto/scoped_nss_types.h"
14 #include "crypto/scoped_test_nss_chromeos_user.h" 16 #include "crypto/scoped_test_nss_chromeos_user.h"
15 #include "crypto/scoped_test_nss_db.h" 17 #include "crypto/scoped_test_nss_db.h"
18 #include "net/base/hash_value.h"
16 #include "net/base/test_data_directory.h" 19 #include "net/base/test_data_directory.h"
17 #include "net/test/cert_test_util.h" 20 #include "net/test/cert_test_util.h"
18 #include "testing/gtest/include/gtest/gtest.h" 21 #include "testing/gtest/include/gtest/gtest.h"
19 22
20 namespace net { 23 namespace net {
21 24
22 namespace { 25 namespace {
23 26
24 crypto::ScopedPK11Slot GetRootCertsSlot() { 27 crypto::ScopedPK11Slot GetRootCertsSlot() {
25 crypto::AutoSECMODListReadLock auto_lock; 28 crypto::AutoSECMODListReadLock auto_lock;
(...skipping 16 matching lines...) Expand all
42 CERTCertList* cert_list = PK11_ListCertsInSlot(slot); 45 CERTCertList* cert_list = PK11_ListCertsInSlot(slot);
43 for (CERTCertListNode* node = CERT_LIST_HEAD(cert_list); 46 for (CERTCertListNode* node = CERT_LIST_HEAD(cert_list);
44 !CERT_LIST_END(node, cert_list); 47 !CERT_LIST_END(node, cert_list);
45 node = CERT_LIST_NEXT(node)) { 48 node = CERT_LIST_NEXT(node)) {
46 result.push_back(X509Certificate::CreateFromHandle( 49 result.push_back(X509Certificate::CreateFromHandle(
47 node->cert, X509Certificate::OSCertHandles())); 50 node->cert, X509Certificate::OSCertHandles()));
48 } 51 }
49 CERT_DestroyCertList(cert_list); 52 CERT_DestroyCertList(cert_list);
50 53
51 // Sort the result so that test comparisons can be deterministic. 54 // Sort the result so that test comparisons can be deterministic.
52 std::sort(result.begin(), result.end(), X509Certificate::LessThan()); 55 std::sort(
eroman 2016/06/09 22:18:25 Consider extracting this to something like net/tes
Ryan Sleevi 2016/06/09 22:59:36 Yeah, I opted for duplication as a discouragement
56 result.begin(), result.end(),
57 [](const scoped_refptr<X509Certificate>& lhs,
58 const scoped_refptr<X509Certificate>& rhs) {
59 return SHA256HashValueLessThan()(
60 X509Certificate::CalculateFingerprint256(lhs->os_cert_handle()),
61 X509Certificate::CalculateFingerprint256(rhs->os_cert_handle()));
62 });
53 return result; 63 return result;
54 } 64 }
55 65
56 } 66 }
57 67
58 class NSSProfileFilterChromeOSTest : public testing::Test { 68 class NSSProfileFilterChromeOSTest : public testing::Test {
59 public: 69 public:
60 NSSProfileFilterChromeOSTest() : user_1_("user1"), user_2_("user2") {} 70 NSSProfileFilterChromeOSTest() : user_1_("user1"), user_2_("user2") {}
61 71
62 void SetUp() override { 72 void SetUp() override {
(...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after
210 EXPECT_TRUE(profile_filter_1_.IsCertAllowed(system_cert->os_cert_handle())); 220 EXPECT_TRUE(profile_filter_1_.IsCertAllowed(system_cert->os_cert_handle()));
211 EXPECT_TRUE( 221 EXPECT_TRUE(
212 profile_filter_1_copy_.IsCertAllowed(system_cert->os_cert_handle())); 222 profile_filter_1_copy_.IsCertAllowed(system_cert->os_cert_handle()));
213 223
214 EXPECT_FALSE(profile_filter_2_.IsCertAllowed(cert_1->os_cert_handle())); 224 EXPECT_FALSE(profile_filter_2_.IsCertAllowed(cert_1->os_cert_handle()));
215 EXPECT_TRUE(profile_filter_2_.IsCertAllowed(cert_2->os_cert_handle())); 225 EXPECT_TRUE(profile_filter_2_.IsCertAllowed(cert_2->os_cert_handle()));
216 EXPECT_FALSE(profile_filter_2_.IsCertAllowed(system_cert->os_cert_handle())); 226 EXPECT_FALSE(profile_filter_2_.IsCertAllowed(system_cert->os_cert_handle()));
217 } 227 }
218 228
219 } // namespace net 229 } // namespace net
OLDNEW
« ios/web/net/cert_host_pair.h ('K') | « net/cert/nss_cert_database_unittest.cc ('k') | net/cert/x509_certificate.h » ('j') | net/cert/x509_certificate.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698