Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(165)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/verify_certificate_chain_unittest.cc

Issue 2225493003: Don't treat trust anchors as certificates during path building. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: address moar feedback Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/verify_certificate_chain_typed_unittest.h ('k') | net/data/verify_certificate_chain_unittest/expired-root.pem » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/verify_certificate_chain.h" 5 #include "net/cert/internal/verify_certificate_chain.h"
6 6
7 #include "net/cert/internal/signature_policy.h" 7 #include "net/cert/internal/signature_policy.h"
8 #include "net/cert/internal/trust_store.h" 8 #include "net/cert/internal/trust_store.h"
9 #include "net/cert/internal/verify_certificate_chain_typed_unittest.h" 9 #include "net/cert/internal/verify_certificate_chain_typed_unittest.h"
10 10
11 namespace net { 11 namespace net {
12 12
13 namespace { 13 namespace {
14 14
15 class VerifyCertificateChainAssumingTrustedRootDelegate { 15 class VerifyCertificateChainDelegate {
16 public: 16 public:
17 static void Verify(const ParsedCertificateList& chain, 17 static void Verify(const ParsedCertificateList& chain,
18 const ParsedCertificateList& roots, 18 const TrustAnchors& anchors,
19 const der::GeneralizedTime& time, 19 const der::GeneralizedTime& time,
20 bool expected_result) { 20 bool expected_result) {
21 TrustStore trust_store; 21 ASSERT_EQ(1U, anchors.size());
22 ASSERT_EQ(1U, roots.size()); 22 ASSERT_TRUE(anchors.front().get());
23 trust_store.AddTrustedCertificate(roots[0]);
24
25 ParsedCertificateList full_chain(chain);
26 full_chain.push_back(roots[0]);
27 23
28 SimpleSignaturePolicy signature_policy(1024); 24 SimpleSignaturePolicy signature_policy(1024);
29 25
30 bool result = VerifyCertificateChainAssumingTrustedRoot( 26 bool result = VerifyCertificateChain(chain, anchors.front().get(),
31 full_chain, trust_store, &signature_policy, time); 27 &signature_policy, time);
32 28
33 ASSERT_EQ(expected_result, result); 29 ASSERT_EQ(expected_result, result);
34 } 30 }
35 }; 31 };
36 32
37 } // namespace 33 } // namespace
38 34
39 INSTANTIATE_TYPED_TEST_CASE_P( 35 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,
40 VerifyCertificateChainAssumingTrustedRoot, 36 VerifyCertificateChainSingleRootTest,
41 VerifyCertificateChainSingleRootTest, 37 VerifyCertificateChainDelegate);
42 VerifyCertificateChainAssumingTrustedRootDelegate);
43 38
44 } // namespace net 39 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/internal/verify_certificate_chain_typed_unittest.h ('k') | net/data/verify_certificate_chain_unittest/expired-root.pem » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698