Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(424)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/verify_certificate_chain_pkits_unittest.cc

Issue 2327973002: Add CertErrors* parameter to the main Certificate parsing functions. (Closed)
Patch Set: StringPiece is kind of dangerous... Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/trust_store_nss.cc ('k') | net/cert/x509_util.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/verify_certificate_chain.h" 5 #include "net/cert/internal/verify_certificate_chain.h"
6 6
7 #include "net/cert/internal/parsed_certificate.h" 7 #include "net/cert/internal/parsed_certificate.h"
8 #include "net/cert/internal/signature_policy.h" 8 #include "net/cert/internal/signature_policy.h"
9 #include "net/cert/internal/trust_store.h" 9 #include "net/cert/internal/trust_store.h"
10 #include "net/der/input.h" 10 #include "net/der/input.h"
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after
49 static bool Verify(std::vector<std::string> cert_ders, 49 static bool Verify(std::vector<std::string> cert_ders,
50 std::vector<std::string> crl_ders) { 50 std::vector<std::string> crl_ders) {
51 if (cert_ders.empty()) { 51 if (cert_ders.empty()) {
52 ADD_FAILURE() << "cert_ders is empty"; 52 ADD_FAILURE() << "cert_ders is empty";
53 return false; 53 return false;
54 } 54 }
55 55
56 // PKITS lists chains from trust anchor to target, VerifyCertificateChain 56 // PKITS lists chains from trust anchor to target, VerifyCertificateChain
57 // takes them starting with the target and not including the trust anchor. 57 // takes them starting with the target and not including the trust anchor.
58 std::vector<scoped_refptr<net::ParsedCertificate>> input_chain; 58 std::vector<scoped_refptr<net::ParsedCertificate>> input_chain;
59 CertErrors errors;
59 for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) { 60 for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) {
60 if (!net::ParsedCertificate::CreateAndAddToVector( 61 if (!net::ParsedCertificate::CreateAndAddToVector(*i, {}, &input_chain,
61 reinterpret_cast<const uint8_t*>(i->data()), i->size(), 62 &errors)) {
62 net::ParsedCertificate::DataSource::EXTERNAL_REFERENCE, {}, 63 ADD_FAILURE() << "Cert failed to parse:\n" << errors.ToDebugString();
63 &input_chain)) {
64 ADD_FAILURE() << "cert failed to parse";
65 return false; 64 return false;
66 } 65 }
67 } 66 }
68 67
69 scoped_refptr<TrustAnchor> trust_anchor = 68 scoped_refptr<TrustAnchor> trust_anchor =
70 TrustAnchor::CreateFromCertificateNoConstraints(input_chain.back()); 69 TrustAnchor::CreateFromCertificateNoConstraints(input_chain.back());
71 input_chain.pop_back(); 70 input_chain.pop_back();
72 71
73 SimpleSignaturePolicy signature_policy(1024); 72 SimpleSignaturePolicy signature_policy(1024);
74 73
75 // Run all tests at the time the PKITS was published. 74 // Run all tests at the time the PKITS was published.
76 der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0}; 75 der::GeneralizedTime time = {2011, 4, 15, 0, 0, 0};
77 76
78 // TODO(crbug.com/634443): Test errors on failure? 77 // TODO(crbug.com/634443): Test errors on failure?
79 CertErrors errors;
80 return VerifyCertificateChain(input_chain, trust_anchor.get(), 78 return VerifyCertificateChain(input_chain, trust_anchor.get(),
81 &signature_policy, time, &errors); 79 &signature_policy, time, &errors);
82 } 80 }
83 }; 81 };
84 82
85 } // namespace 83 } // namespace
86 84
87 class PkitsTest01SignatureVerificationCustom 85 class PkitsTest01SignatureVerificationCustom
88 : public PkitsTest<VerifyCertificateChainPkitsTestDelegate> {}; 86 : public PkitsTest<VerifyCertificateChainPkitsTestDelegate> {};
89 87
(...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after
207 205
208 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, 206 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests,
209 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, 207 // PkitsTest05VerifyingPathswithSelfIssuedCertificates,
210 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs 208 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs
211 209
212 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies, 210 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies,
213 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings, 211 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings,
214 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy 212 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy
215 213
216 } // namespace net 214 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/internal/trust_store_nss.cc ('k') | net/cert/x509_util.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698