Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(732)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/path_builder_pkits_unittest.cc

Issue 2225493003: Don't treat trust anchors as certificates during path building. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: address moar feedback Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/path_builder.cc ('k') | net/cert/internal/path_builder_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/path_builder.h" 5 #include "net/cert/internal/path_builder.h"
6 6
7 #include "net/base/net_errors.h" 7 #include "net/base/net_errors.h"
8 #include "net/cert/internal/cert_issuer_source_static.h" 8 #include "net/cert/internal/cert_issuer_source_static.h"
9 #include "net/cert/internal/parse_certificate.h" 9 #include "net/cert/internal/parse_certificate.h"
10 #include "net/cert/internal/parsed_certificate.h" 10 #include "net/cert/internal/parsed_certificate.h"
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
60 for (const std::string& der : cert_ders) { 60 for (const std::string& der : cert_ders) {
61 certs.push_back(ParsedCertificate::CreateFromCertificateCopy(der, {})); 61 certs.push_back(ParsedCertificate::CreateFromCertificateCopy(der, {}));
62 if (!certs.back()) { 62 if (!certs.back()) {
63 ADD_FAILURE() << "ParsedCertificate::CreateFromCertificateCopy failed"; 63 ADD_FAILURE() << "ParsedCertificate::CreateFromCertificateCopy failed";
64 return false; 64 return false;
65 } 65 }
66 } 66 }
67 // First entry in the PKITS chain is the trust anchor. 67 // First entry in the PKITS chain is the trust anchor.
68 // TODO(mattm): test with all possible trust anchors in the trust store? 68 // TODO(mattm): test with all possible trust anchors in the trust store?
69 TrustStore trust_store; 69 TrustStore trust_store;
70 trust_store.AddTrustedCertificate(certs[0]); 70
71 scoped_refptr<TrustAnchor> trust_anchor =
72 TrustAnchor::CreateFromCertificateNoConstraints(certs[0]);
73 trust_store.AddTrustAnchor(std::move(trust_anchor));
71 74
72 // TODO(mattm): test with other irrelevant certs in cert_issuer_sources? 75 // TODO(mattm): test with other irrelevant certs in cert_issuer_sources?
73 CertIssuerSourceStatic cert_issuer_source; 76 CertIssuerSourceStatic cert_issuer_source;
74 for (size_t i = 1; i < cert_ders.size() - 1; ++i) 77 for (size_t i = 1; i < cert_ders.size() - 1; ++i)
75 cert_issuer_source.AddCert(certs[i]); 78 cert_issuer_source.AddCert(certs[i]);
76 79
77 scoped_refptr<ParsedCertificate> target_cert(certs.back()); 80 scoped_refptr<ParsedCertificate> target_cert(certs.back());
78 81
79 SimpleSignaturePolicy signature_policy(1024); 82 SimpleSignaturePolicy signature_policy(1024);
80 83
(...skipping 137 matching lines...) Expand 10 before | Expand all | Expand 10 after
218 221
219 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, 222 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests,
220 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, 223 // PkitsTest05VerifyingPathswithSelfIssuedCertificates,
221 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs 224 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs
222 225
223 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies, 226 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies,
224 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings, 227 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings,
225 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy 228 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy
226 229
227 } // namespace net 230 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/internal/path_builder.cc ('k') | net/cert/internal/path_builder_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698