Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(288)

Side by Side Diff: net/cert/cert_verify_proc_unittest.cc

Issue 20628006: Reject certificates that are valid for too long. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: "Manual rebase" due to age. Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_verify_proc.h" 5 #include "net/cert/cert_verify_proc.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/callback_helpers.h" 9 #include "base/callback_helpers.h"
10 #include "base/files/file_path.h" 10 #include "base/files/file_path.h"
(...skipping 597 matching lines...) Expand 10 before | Expand all | Expand 10 after
608 "test.example.com", 608 "test.example.com",
609 flags, 609 flags,
610 NULL, 610 NULL,
611 empty_cert_list_, 611 empty_cert_list_,
612 &verify_result); 612 &verify_result);
613 EXPECT_EQ(ERR_CERT_NAME_CONSTRAINT_VIOLATION, error); 613 EXPECT_EQ(ERR_CERT_NAME_CONSTRAINT_VIOLATION, error);
614 EXPECT_EQ(CERT_STATUS_NAME_CONSTRAINT_VIOLATION, 614 EXPECT_EQ(CERT_STATUS_NAME_CONSTRAINT_VIOLATION,
615 verify_result.cert_status & CERT_STATUS_NAME_CONSTRAINT_VIOLATION); 615 verify_result.cert_status & CERT_STATUS_NAME_CONSTRAINT_VIOLATION);
616 } 616 }
617 617
618 TEST_F(CertVerifyProcTest, TestHasTooLongValidity) {
619 base::FilePath certs_dir = GetTestCertsDirectory();
620 scoped_refptr<X509Certificate> ok_cert =
621 ImportCertFromFile(certs_dir, "ok_cert.pem");
622 EXPECT_TRUE(CertVerifyProc::HasTooLongValidity(*ok_cert));
623
624 scoped_refptr<X509Certificate> compliant_cert =
625 ImportCertFromFile(certs_dir, "br-compliant-validity.pem");
626 EXPECT_FALSE(CertVerifyProc::HasTooLongValidity(*compliant_cert));
627 }
628
629 // The certse.pem certificate has been revoked. crbug.com/259723.
618 TEST_F(CertVerifyProcTest, TestKnownRoot) { 630 TEST_F(CertVerifyProcTest, TestKnownRoot) {
619 if (!SupportsDetectingKnownRoots()) { 631 if (!SupportsDetectingKnownRoots()) {
620 LOG(INFO) << "Skipping this test in this platform."; 632 LOG(INFO) << "Skipping this test in this platform.";
621 return; 633 return;
622 } 634 }
623 635
624 base::FilePath certs_dir = GetTestCertsDirectory(); 636 base::FilePath certs_dir = GetTestCertsDirectory();
625 CertificateList certs = CreateCertificateListFromFile( 637 CertificateList certs = CreateCertificateListFromFile(
626 certs_dir, "satveda.pem", X509Certificate::FORMAT_AUTO); 638 certs_dir, "satveda.pem", X509Certificate::FORMAT_AUTO);
627 ASSERT_EQ(2U, certs.size()); 639 ASSERT_EQ(2U, certs.size());
(...skipping 942 matching lines...) Expand 10 before | Expand all | Expand 10 after
1570 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_COMMON_NAME_INVALID); 1582 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_COMMON_NAME_INVALID);
1571 } 1583 }
1572 } 1584 }
1573 1585
1574 WRAPPED_INSTANTIATE_TEST_CASE_P( 1586 WRAPPED_INSTANTIATE_TEST_CASE_P(
1575 VerifyName, 1587 VerifyName,
1576 CertVerifyProcNameTest, 1588 CertVerifyProcNameTest,
1577 testing::ValuesIn(kVerifyNameData)); 1589 testing::ValuesIn(kVerifyNameData));
1578 1590
1579 } // namespace net 1591 } // namespace net
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698