Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(459)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/verify_certificate_chain_unittest.cc

Issue 2078653002: Add an out parameter to VerifyCertificateChain for retrieving the trusted chain. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixed nit Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/verify_certificate_chain_pkits_unittest.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/verify_certificate_chain.h" 5 #include "net/cert/internal/verify_certificate_chain.h"
6 6
7 #include "base/base_paths.h" 7 #include "base/base_paths.h"
8 #include "base/files/file_util.h" 8 #include "base/files/file_util.h"
9 #include "base/path_service.h" 9 #include "base/path_service.h"
10 #include "base/strings/string_split.h" 10 #include "base/strings/string_split.h"
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after
107 107
108 std::vector<scoped_refptr<net::ParsedCertificate>> input_chain; 108 std::vector<scoped_refptr<net::ParsedCertificate>> input_chain;
109 for (const auto& cert_der : chain) { 109 for (const auto& cert_der : chain) {
110 ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector( 110 ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector(
111 reinterpret_cast<const uint8_t*>(cert_der.data()), cert_der.size(), 111 reinterpret_cast<const uint8_t*>(cert_der.data()), cert_der.size(),
112 net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, &input_chain)); 112 net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, &input_chain));
113 } 113 }
114 114
115 SimpleSignaturePolicy signature_policy(1024); 115 SimpleSignaturePolicy signature_policy(1024);
116 116
117 bool result = 117 std::vector<scoped_refptr<ParsedCertificate>> trusted_chain;
118 VerifyCertificateChain(input_chain, trust_store, &signature_policy, time); 118 bool result = VerifyCertificateChain(input_chain, trust_store,
119 &signature_policy, time, &trusted_chain);
120 if (result) {
121 ASSERT_EQ(trusted_chain.size(), input_chain.size() + 1);
122 ASSERT_TRUE(std::equal(input_chain.begin(), input_chain.end(),
123 trusted_chain.begin()));
124 ASSERT_TRUE(trust_store.IsTrustedCertificate(trusted_chain.back().get()));
125 } else {
126 ASSERT_EQ(trusted_chain.size(), 0u);
127 }
119 128
120 ASSERT_EQ(expected_result, result); 129 ASSERT_EQ(expected_result, result);
121 } 130 }
122 131
123 TEST(VerifyCertificateChainTest, TargetAndIntermediary) { 132 TEST(VerifyCertificateChainTest, TargetAndIntermediary) {
124 RunTest("target-and-intermediary.pem"); 133 RunTest("target-and-intermediary.pem");
125 } 134 }
126 135
127 TEST(VerifyCertificateChainTest, UnknownRoot) { 136 TEST(VerifyCertificateChainTest, UnknownRoot) {
128 RunTest("unknown-root.pem"); 137 RunTest("unknown-root.pem");
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after
228 RunTest("non-self-signed-root.pem"); 237 RunTest("non-self-signed-root.pem");
229 } 238 }
230 239
231 // Tests that verifying a chain with no certificates fails. 240 // Tests that verifying a chain with no certificates fails.
232 TEST(VerifyCertificateChainTest, EmptyChainIsInvalid) { 241 TEST(VerifyCertificateChainTest, EmptyChainIsInvalid) {
233 TrustStore trust_store; 242 TrustStore trust_store;
234 der::GeneralizedTime time; 243 der::GeneralizedTime time;
235 std::vector<scoped_refptr<ParsedCertificate>> chain; 244 std::vector<scoped_refptr<ParsedCertificate>> chain;
236 SimpleSignaturePolicy signature_policy(2048); 245 SimpleSignaturePolicy signature_policy(2048);
237 246
238 ASSERT_FALSE( 247 ASSERT_FALSE(VerifyCertificateChain(chain, trust_store, &signature_policy,
239 VerifyCertificateChain(chain, trust_store, &signature_policy, time)); 248 time, nullptr));
240 } 249 }
241 250
242 // TODO(eroman): Add test that invalidate validity dates where the day or month 251 // TODO(eroman): Add test that invalidate validity dates where the day or month
243 // ordinal not in range, like "March 39, 2016" are rejected. 252 // ordinal not in range, like "March 39, 2016" are rejected.
244 253
245 } // namespace 254 } // namespace
246 255
247 } // namespace net 256 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/internal/verify_certificate_chain_pkits_unittest.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698