Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(209)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/verify_certificate_chain_pkits_unittest.cc

Issue 2126803004: WIP: NSS trust store integration for path builder. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@cert-command-line-path-builder-add_certpathbuilder
Patch Set: . Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/verify_certificate_chain.cc ('k') | net/cert/internal/verify_certificate_chain_typed_unittest.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/verify_certificate_chain.h" 5 #include "net/cert/internal/verify_certificate_chain.h"
6 6
7 #include "net/cert/internal/parsed_certificate.h" 7 #include "net/cert/internal/parsed_certificate.h"
8 #include "net/cert/internal/signature_policy.h" 8 #include "net/cert/internal/signature_policy.h"
9 #include "net/cert/internal/trust_store.h" 9 #include "net/cert/internal/trust_store_static.h"
10 #include "net/der/input.h" 10 #include "net/der/input.h"
11 11
12 // Disable tests that require DSA signatures (DSA signatures are intentionally 12 // Disable tests that require DSA signatures (DSA signatures are intentionally
13 // unsupported). Custom versions of the DSA tests are defined below which expect 13 // unsupported). Custom versions of the DSA tests are defined below which expect
14 // verification to fail. 14 // verification to fail.
15 #define Section1ValidDSASignaturesTest4 DISABLED_Section1ValidDSASignaturesTest4 15 #define Section1ValidDSASignaturesTest4 DISABLED_Section1ValidDSASignaturesTest4
16 #define Section1ValidDSAParameterInheritanceTest5 \ 16 #define Section1ValidDSAParameterInheritanceTest5 \
17 DISABLED_Section1ValidDSAParameterInheritanceTest5 17 DISABLED_Section1ValidDSAParameterInheritanceTest5
18 18
19 // Disable tests that require name constraints with name types that are 19 // Disable tests that require name constraints with name types that are
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after
59 for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) { 59 for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) {
60 if (!net::ParsedCertificate::CreateAndAddToVector( 60 if (!net::ParsedCertificate::CreateAndAddToVector(
61 reinterpret_cast<const uint8_t*>(i->data()), i->size(), 61 reinterpret_cast<const uint8_t*>(i->data()), i->size(),
62 net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, {}, 62 net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, {},
63 &input_chain)) { 63 &input_chain)) {
64 ADD_FAILURE() << "cert failed to parse"; 64 ADD_FAILURE() << "cert failed to parse";
65 return false; 65 return false;
66 } 66 }
67 } 67 }
68 68
69 TrustStore trust_store;
70 trust_store.AddTrustedCertificate(input_chain.back());
71
72 SimpleSignaturePolicy signature_policy(1024); 69 SimpleSignaturePolicy signature_policy(1024);
73 70
74 // Run all tests at the time the PKITS was published. 71 // Run all tests at the time the PKITS was published.
75 der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0}; 72 der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0};
76 73
77 return VerifyCertificateChainAssumingTrustedRoot(input_chain, trust_store, 74 return VerifyCertificateChainAssumingTrustedRoot(input_chain,
78 &signature_policy, time); 75 &signature_policy, time);
79 } 76 }
80 }; 77 };
81 78
82 } // namespace 79 } // namespace
83 80
84 class PkitsTest01SignatureVerificationCustom 81 class PkitsTest01SignatureVerificationCustom
85 : public PkitsTest<VerifyCertificateChainPkitsTestDelegate> {}; 82 : public PkitsTest<VerifyCertificateChainPkitsTestDelegate> {};
86 83
87 // Modified version of 4.1.4 Valid DSA Signatures Test4 84 // Modified version of 4.1.4 Valid DSA Signatures Test4
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after
204 201
205 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, 202 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests,
206 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, 203 // PkitsTest05VerifyingPathswithSelfIssuedCertificates,
207 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs 204 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs
208 205
209 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies, 206 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies,
210 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings, 207 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings,
211 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy 208 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy
212 209
213 } // namespace net 210 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/internal/verify_certificate_chain.cc ('k') | net/cert/internal/verify_certificate_chain_typed_unittest.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698