OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/internal/path_builder.h" | 5 #include "net/cert/internal/path_builder.h" |
6 | 6 |
7 #include "net/base/net_errors.h" | 7 #include "net/base/net_errors.h" |
8 #include "net/cert/internal/cert_issuer_source_static.h" | 8 #include "net/cert/internal/cert_issuer_source_static.h" |
9 #include "net/cert/internal/parse_certificate.h" | 9 #include "net/cert/internal/parse_certificate.h" |
10 #include "net/cert/internal/parsed_certificate.h" | 10 #include "net/cert/internal/parsed_certificate.h" |
11 #include "net/cert/internal/signature_policy.h" | 11 #include "net/cert/internal/signature_policy.h" |
12 #include "net/cert/internal/trust_store.h" | 12 #include "net/cert/internal/trust_store_static.h" |
13 #include "net/cert/internal/verify_certificate_chain.h" | 13 #include "net/cert/internal/verify_certificate_chain.h" |
14 #include "net/der/input.h" | 14 #include "net/der/input.h" |
15 | 15 |
16 // Disable tests that require DSA signatures (DSA signatures are intentionally | 16 // Disable tests that require DSA signatures (DSA signatures are intentionally |
17 // unsupported). Custom versions of the DSA tests are defined below which expect | 17 // unsupported). Custom versions of the DSA tests are defined below which expect |
18 // verification to fail. | 18 // verification to fail. |
19 #define Section1ValidDSASignaturesTest4 DISABLED_Section1ValidDSASignaturesTest4 | 19 #define Section1ValidDSASignaturesTest4 DISABLED_Section1ValidDSASignaturesTest4 |
20 #define Section1ValidDSAParameterInheritanceTest5 \ | 20 #define Section1ValidDSAParameterInheritanceTest5 \ |
21 DISABLED_Section1ValidDSAParameterInheritanceTest5 | 21 DISABLED_Section1ValidDSAParameterInheritanceTest5 |
22 | 22 |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
59 ParsedCertificateList certs; | 59 ParsedCertificateList certs; |
60 for (const std::string& der : cert_ders) { | 60 for (const std::string& der : cert_ders) { |
61 certs.push_back(ParsedCertificate::CreateFromCertificateCopy(der, {})); | 61 certs.push_back(ParsedCertificate::CreateFromCertificateCopy(der, {})); |
62 if (!certs.back()) { | 62 if (!certs.back()) { |
63 ADD_FAILURE() << "ParsedCertificate::CreateFromCertificateCopy failed"; | 63 ADD_FAILURE() << "ParsedCertificate::CreateFromCertificateCopy failed"; |
64 return false; | 64 return false; |
65 } | 65 } |
66 } | 66 } |
67 // First entry in the PKITS chain is the trust anchor. | 67 // First entry in the PKITS chain is the trust anchor. |
68 // TODO(mattm): test with all possible trust anchors in the trust store? | 68 // TODO(mattm): test with all possible trust anchors in the trust store? |
69 TrustStore trust_store; | 69 TrustStoreStatic trust_store; |
70 trust_store.AddTrustedCertificate(certs[0]); | 70 trust_store.AddTrustedCertificate(certs[0]); |
71 | 71 |
72 // TODO(mattm): test with other irrelevant certs in cert_issuer_sources? | 72 // TODO(mattm): test with other irrelevant certs in cert_issuer_sources? |
73 CertIssuerSourceStatic cert_issuer_source; | 73 CertIssuerSourceStatic cert_issuer_source; |
74 for (size_t i = 1; i < cert_ders.size() - 1; ++i) | 74 for (const auto& cert : certs) |
75 cert_issuer_source.AddCert(certs[i]); | 75 cert_issuer_source.AddCert(cert); |
76 | 76 |
77 scoped_refptr<ParsedCertificate> target_cert(certs.back()); | 77 scoped_refptr<ParsedCertificate> target_cert(certs.back()); |
78 | 78 |
79 SimpleSignaturePolicy signature_policy(1024); | 79 SimpleSignaturePolicy signature_policy(1024); |
80 | 80 |
81 // Run all tests at the time the PKITS was published. | 81 // Run all tests at the time the PKITS was published. |
82 der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0}; | 82 der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0}; |
83 | 83 |
84 CertPathBuilder::Result result; | 84 CertPathBuilder::Result result; |
85 CertPathBuilder path_builder(std::move(target_cert), &trust_store, | 85 CertPathBuilder path_builder(std::move(target_cert), &signature_policy, |
86 &signature_policy, time, &result); | 86 time, &result); |
| 87 path_builder.AddTrustStore(&trust_store); |
87 path_builder.AddCertIssuerSource(&cert_issuer_source); | 88 path_builder.AddCertIssuerSource(&cert_issuer_source); |
88 | 89 |
89 CompletionStatus rv = path_builder.Run(base::Closure()); | 90 CompletionStatus rv = path_builder.Run(base::Closure()); |
90 EXPECT_EQ(CompletionStatus::SYNC, rv); | 91 EXPECT_EQ(CompletionStatus::SYNC, rv); |
91 | 92 |
92 return result.is_success(); | 93 return result.is_success(); |
93 } | 94 } |
94 }; | 95 }; |
95 | 96 |
96 } // namespace | 97 } // namespace |
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
218 | 219 |
219 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, | 220 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, |
220 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, | 221 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, |
221 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs | 222 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs |
222 | 223 |
223 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies, | 224 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies, |
224 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings, | 225 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings, |
225 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy | 226 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy |
226 | 227 |
227 } // namespace net | 228 } // namespace net |
OLD | NEW |