Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(53)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/cast_certificate/cast_cert_validator_unittest.cc

Issue 2079273004: Allow Cast certificates to have serial numbers greater than 20 bytes. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: remove allowance of invalid serial numbers for cast roots Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/cast_certificate/cast_cert_validator.cc ('k') | components/test/data/cast_certificate/certificates/intermediate_serialnumber_toolong.pem » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/cast_certificate/cast_cert_validator.h" 5 #include "components/cast_certificate/cast_cert_validator.h"
6 6
7 #include "components/cast_certificate/cast_cert_validator_test_helpers.h" 7 #include "components/cast_certificate/cast_cert_validator_test_helpers.h"
8 #include "testing/gtest/include/gtest/gtest.h" 8 #include "testing/gtest/include/gtest/gtest.h"
9 9
10 namespace cast_certificate { 10 namespace cast_certificate {
(...skipping 261 matching lines...) Expand 10 before | Expand all | Expand 10 after
272 // 272 //
273 // This device certificate has a policy that means it is valid only for audio 273 // This device certificate has a policy that means it is valid only for audio
274 // devices. 274 // devices.
275 TEST(VerifyCastDeviceCertTest, AudioRefDevTestChain3) { 275 TEST(VerifyCastDeviceCertTest, AudioRefDevTestChain3) {
276 RunTest(RESULT_SUCCESS, "Audio Reference Dev Test", 276 RunTest(RESULT_SUCCESS, "Audio Reference Dev Test",
277 CastDeviceCertPolicy::AUDIO_ONLY, 277 CastDeviceCertPolicy::AUDIO_ONLY,
278 "certificates/audio_ref_dev_test_chain_3.pem", AprilFirst2016(), 278 "certificates/audio_ref_dev_test_chain_3.pem", AprilFirst2016(),
279 "signeddata/AudioReferenceDevTest.pem"); 279 "signeddata/AudioReferenceDevTest.pem");
280 } 280 }
281 281
282 // Tests verifying a valid certificate chain of length 3. Note that the first
283 // intermediate has a serial number that is 21 octets long, which violates RFC
284 // 5280. However cast verification accepts this certificate for compatibility
285 // reasons.
286 //
287 // 0: 8C579B806FFC8A9DFFFF F8:8F:CA:6B:E6:DA
288 // 1: Sony so16vic CA
289 // 2: Cast Audio Sony CA
290 //
291 // Chains to trust anchor:
292 // Cast Root CA (not included)
293 //
294 // This device certificate has a policy that means it is valid only for audio
295 // devices.
296 TEST(VerifyCastDeviceCertTest, IntermediateSerialNumberTooLong) {
297 RunTest(RESULT_SUCCESS, "8C579B806FFC8A9DFFFF F8:8F:CA:6B:E6:DA",
298 CastDeviceCertPolicy::AUDIO_ONLY,
299 "certificates/intermediate_serialnumber_toolong.pem",
300 AprilFirst2016(), "");
301 }
302
282 // ------------------------------------------------------ 303 // ------------------------------------------------------
283 // Valid signature using 1024-bit RSA key 304 // Valid signature using 1024-bit RSA key
284 // ------------------------------------------------------ 305 // ------------------------------------------------------
285 306
286 // This test vector comes from the NIST test vectors (pkcs1v15sign-vectors.txt), 307 // This test vector comes from the NIST test vectors (pkcs1v15sign-vectors.txt),
287 // PKCS#1 v1.5 Signature Example 1.2. 308 // PKCS#1 v1.5 Signature Example 1.2.
288 // 309 //
289 // It is a valid signature using a 1024 bit key and SHA-1. 310 // It is a valid signature using a 1024 bit key and SHA-1.
290 311
291 const uint8_t kEx1Message[] = { 312 const uint8_t kEx1Message[] = {
(...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after
407 auto context = 428 auto context =
408 CertVerificationContextImplForTest(CreateString(kEx2PublicKeySpki)); 429 CertVerificationContextImplForTest(CreateString(kEx2PublicKeySpki));
409 430
410 EXPECT_TRUE(context->VerifySignatureOverData(CreateString(kEx2Signature), 431 EXPECT_TRUE(context->VerifySignatureOverData(CreateString(kEx2Signature),
411 CreateString(kEx2Message))); 432 CreateString(kEx2Message)));
412 } 433 }
413 434
414 } // namespace 435 } // namespace
415 436
416 } // namespace cast_certificate 437 } // namespace cast_certificate
OLDNEW
« no previous file with comments | « components/cast_certificate/cast_cert_validator.cc ('k') | components/test/data/cast_certificate/certificates/intermediate_serialnumber_toolong.pem » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698