OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/internal/verify_certificate_chain.h" | 5 #include "net/cert/internal/verify_certificate_chain.h" |
6 | 6 |
7 #include "net/cert/internal/parsed_certificate.h" | 7 #include "net/cert/internal/parsed_certificate.h" |
8 #include "net/cert/internal/signature_policy.h" | 8 #include "net/cert/internal/signature_policy.h" |
9 #include "net/cert/internal/trust_store.h" | 9 #include "net/cert/internal/trust_store_static.h" |
10 #include "net/der/input.h" | 10 #include "net/der/input.h" |
11 | 11 |
12 // Disable tests that require DSA signatures (DSA signatures are intentionally | 12 // Disable tests that require DSA signatures (DSA signatures are intentionally |
13 // unsupported). Custom versions of the DSA tests are defined below which expect | 13 // unsupported). Custom versions of the DSA tests are defined below which expect |
14 // verification to fail. | 14 // verification to fail. |
15 #define Section1ValidDSASignaturesTest4 DISABLED_Section1ValidDSASignaturesTest4 | 15 #define Section1ValidDSASignaturesTest4 DISABLED_Section1ValidDSASignaturesTest4 |
16 #define Section1ValidDSAParameterInheritanceTest5 \ | 16 #define Section1ValidDSAParameterInheritanceTest5 \ |
17 DISABLED_Section1ValidDSAParameterInheritanceTest5 | 17 DISABLED_Section1ValidDSAParameterInheritanceTest5 |
18 | 18 |
19 // Disable tests that require name constraints with name types that are | 19 // Disable tests that require name constraints with name types that are |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
59 for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) { | 59 for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) { |
60 if (!net::ParsedCertificate::CreateAndAddToVector( | 60 if (!net::ParsedCertificate::CreateAndAddToVector( |
61 reinterpret_cast<const uint8_t*>(i->data()), i->size(), | 61 reinterpret_cast<const uint8_t*>(i->data()), i->size(), |
62 net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, {}, | 62 net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, {}, |
63 &input_chain)) { | 63 &input_chain)) { |
64 ADD_FAILURE() << "cert failed to parse"; | 64 ADD_FAILURE() << "cert failed to parse"; |
65 return false; | 65 return false; |
66 } | 66 } |
67 } | 67 } |
68 | 68 |
69 TrustStore trust_store; | |
70 trust_store.AddTrustedCertificate(input_chain.back()); | |
71 | |
72 SimpleSignaturePolicy signature_policy(1024); | 69 SimpleSignaturePolicy signature_policy(1024); |
73 | 70 |
74 // Run all tests at the time the PKITS was published. | 71 // Run all tests at the time the PKITS was published. |
75 der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0}; | 72 der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0}; |
76 | 73 |
77 return VerifyCertificateChainAssumingTrustedRoot(input_chain, trust_store, | 74 return VerifyCertificateChainAssumingTrustedRoot(input_chain, |
78 &signature_policy, time); | 75 &signature_policy, time); |
79 } | 76 } |
80 }; | 77 }; |
81 | 78 |
82 } // namespace | 79 } // namespace |
83 | 80 |
84 class PkitsTest01SignatureVerificationCustom | 81 class PkitsTest01SignatureVerificationCustom |
85 : public PkitsTest<VerifyCertificateChainPkitsTestDelegate> {}; | 82 : public PkitsTest<VerifyCertificateChainPkitsTestDelegate> {}; |
86 | 83 |
87 // Modified version of 4.1.4 Valid DSA Signatures Test4 | 84 // Modified version of 4.1.4 Valid DSA Signatures Test4 |
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
204 | 201 |
205 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, | 202 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, |
206 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, | 203 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, |
207 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs | 204 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs |
208 | 205 |
209 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies, | 206 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies, |
210 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings, | 207 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings, |
211 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy | 208 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy |
212 | 209 |
213 } // namespace net | 210 } // namespace net |
OLD | NEW |