Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(285)

Side by Side Diff: net/cert/cert_verify_proc_unittest.cc

Issue 2556963002: Enable CertVerifyProcWeakDigestTest tests on android (Closed)
Patch Set: Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_verify_proc.h" 5 #include "net/cert/cert_verify_proc.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/callback_helpers.h" 9 #include "base/callback_helpers.h"
10 #include "base/files/file_path.h" 10 #include "base/files/file_path.h"
(...skipping 1741 matching lines...) Expand 10 before | Expand all | Expand 10 after
1752 {"weak_digest_md5_root.pem", "weak_digest_sha1_intermediate.pem", 1752 {"weak_digest_md5_root.pem", "weak_digest_sha1_intermediate.pem",
1753 "weak_digest_sha1_ee.pem", EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1753 "weak_digest_sha1_ee.pem", EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1754 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1754 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN)
1755 // MD4 is not supported by OS X / NSS 1755 // MD4 is not supported by OS X / NSS
1756 {"weak_digest_md4_root.pem", "weak_digest_sha1_intermediate.pem", 1756 {"weak_digest_md4_root.pem", "weak_digest_sha1_intermediate.pem",
1757 "weak_digest_sha1_ee.pem", EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1757 "weak_digest_sha1_ee.pem", EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1758 #endif 1758 #endif
1759 {"weak_digest_md2_root.pem", "weak_digest_sha1_intermediate.pem", 1759 {"weak_digest_md2_root.pem", "weak_digest_sha1_intermediate.pem",
1760 "weak_digest_sha1_ee.pem", EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1760 "weak_digest_sha1_ee.pem", EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1761 }; 1761 };
1762 #if defined(OS_ANDROID) 1762 INSTANTIATE_TEST_CASE_P(VerifyRoot,
1763 #define MAYBE_VerifyRoot DISABLED_VerifyRoot
1764 #else
1765 #define MAYBE_VerifyRoot VerifyRoot
1766 #endif
1767 INSTANTIATE_TEST_CASE_P(MAYBE_VerifyRoot,
1768 CertVerifyProcWeakDigestTest, 1763 CertVerifyProcWeakDigestTest,
1769 testing::ValuesIn(kVerifyRootCATestData)); 1764 testing::ValuesIn(kVerifyRootCATestData));
1770 1765
1771 // The signature algorithm of intermediates should be properly detected. 1766 // The signature algorithm of intermediates should be properly detected.
1772 const WeakDigestTestData kVerifyIntermediateCATestData[] = { 1767 const WeakDigestTestData kVerifyIntermediateCATestData[] = {
1773 {"weak_digest_sha1_root.pem", "weak_digest_md5_intermediate.pem", 1768 {"weak_digest_sha1_root.pem", "weak_digest_md5_intermediate.pem",
1774 "weak_digest_sha1_ee.pem", EXPECT_MD5 | EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1769 "weak_digest_sha1_ee.pem", EXPECT_MD5 | EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1775 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1770 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN)
1776 // MD4 is not supported by OS X / NSS 1771 // MD4 is not supported by OS X / NSS
1777 {"weak_digest_sha1_root.pem", "weak_digest_md4_intermediate.pem", 1772 {"weak_digest_sha1_root.pem", "weak_digest_md4_intermediate.pem",
1778 "weak_digest_sha1_ee.pem", EXPECT_MD4 | EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1773 "weak_digest_sha1_ee.pem", EXPECT_MD4 | EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1779 #endif 1774 #endif
1780 {"weak_digest_sha1_root.pem", "weak_digest_md2_intermediate.pem", 1775 {"weak_digest_sha1_root.pem", "weak_digest_md2_intermediate.pem",
1781 "weak_digest_sha1_ee.pem", EXPECT_MD2 | EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1776 "weak_digest_sha1_ee.pem", EXPECT_MD2 | EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1782 }; 1777 };
1783 // Disabled on NSS - MD4 is not supported, and MD2 and MD5 are disabled. 1778 // Disabled on NSS - MD4 is not supported, and MD2 and MD5 are disabled.
1784 #if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_ANDROID) 1779 #if defined(USE_NSS_CERTS) || defined(OS_IOS)
davidben 2016/12/07 01:13:58 Probably for separate, but now that iOS doesn't us
mattm 2016/12/07 02:50:50 Thanks, I gave that a shot (https://codereview.chr
1785 #define MAYBE_VerifyIntermediate DISABLED_VerifyIntermediate 1780 #define MAYBE_VerifyIntermediate DISABLED_VerifyIntermediate
1786 #else 1781 #else
1787 #define MAYBE_VerifyIntermediate VerifyIntermediate 1782 #define MAYBE_VerifyIntermediate VerifyIntermediate
1788 #endif 1783 #endif
1789 WRAPPED_INSTANTIATE_TEST_CASE_P( 1784 WRAPPED_INSTANTIATE_TEST_CASE_P(
1790 MAYBE_VerifyIntermediate, 1785 MAYBE_VerifyIntermediate,
1791 CertVerifyProcWeakDigestTest, 1786 CertVerifyProcWeakDigestTest,
1792 testing::ValuesIn(kVerifyIntermediateCATestData)); 1787 testing::ValuesIn(kVerifyIntermediateCATestData));
1793 1788
1794 // The signature algorithm of end-entity should be properly detected. 1789 // The signature algorithm of end-entity should be properly detected.
1795 const WeakDigestTestData kVerifyEndEntityTestData[] = { 1790 const WeakDigestTestData kVerifyEndEntityTestData[] = {
1796 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem", 1791 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem",
1797 "weak_digest_md5_ee.pem", EXPECT_MD5 | EXPECT_SHA1 }, 1792 "weak_digest_md5_ee.pem", EXPECT_MD5 | EXPECT_SHA1 },
1798 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1793 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN)
1799 // MD4 is not supported by OS X / NSS 1794 // MD4 is not supported by OS X / NSS
1800 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem", 1795 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem",
1801 "weak_digest_md4_ee.pem", EXPECT_MD4 | EXPECT_SHA1 }, 1796 "weak_digest_md4_ee.pem", EXPECT_MD4 | EXPECT_SHA1 },
1802 #endif 1797 #endif
1803 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem", 1798 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem",
1804 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_SHA1 }, 1799 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_SHA1 },
1805 }; 1800 };
1806 // Disabled on NSS - NSS caches chains/signatures in such a way that cannot 1801 // Disabled on NSS - NSS caches chains/signatures in such a way that cannot
1807 // be cleared until NSS is cleanly shutdown, which is not presently supported 1802 // be cleared until NSS is cleanly shutdown, which is not presently supported
1808 // in Chromium. 1803 // in Chromium.
1809 #if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_ANDROID) 1804 #if defined(USE_NSS_CERTS) || defined(OS_IOS)
1810 #define MAYBE_VerifyEndEntity DISABLED_VerifyEndEntity 1805 #define MAYBE_VerifyEndEntity DISABLED_VerifyEndEntity
1811 #else 1806 #else
1812 #define MAYBE_VerifyEndEntity VerifyEndEntity 1807 #define MAYBE_VerifyEndEntity VerifyEndEntity
1813 #endif 1808 #endif
1814 WRAPPED_INSTANTIATE_TEST_CASE_P(MAYBE_VerifyEndEntity, 1809 WRAPPED_INSTANTIATE_TEST_CASE_P(MAYBE_VerifyEndEntity,
1815 CertVerifyProcWeakDigestTest, 1810 CertVerifyProcWeakDigestTest,
1816 testing::ValuesIn(kVerifyEndEntityTestData)); 1811 testing::ValuesIn(kVerifyEndEntityTestData));
1817 1812
1818 // Incomplete chains should still report the status of the intermediate. 1813 // Incomplete chains should still report the status of the intermediate.
1819 const WeakDigestTestData kVerifyIncompleteIntermediateTestData[] = { 1814 const WeakDigestTestData kVerifyIncompleteIntermediateTestData[] = {
1820 {NULL, "weak_digest_md5_intermediate.pem", "weak_digest_sha1_ee.pem", 1815 {NULL, "weak_digest_md5_intermediate.pem", "weak_digest_sha1_ee.pem",
1821 EXPECT_MD5 | EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1816 EXPECT_MD5 | EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1822 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1817 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN)
1823 // MD4 is not supported by OS X / NSS 1818 // MD4 is not supported by OS X / NSS
1824 {NULL, "weak_digest_md4_intermediate.pem", "weak_digest_sha1_ee.pem", 1819 {NULL, "weak_digest_md4_intermediate.pem", "weak_digest_sha1_ee.pem",
1825 EXPECT_MD4 | EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1820 EXPECT_MD4 | EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1826 #endif 1821 #endif
1827 {NULL, "weak_digest_md2_intermediate.pem", "weak_digest_sha1_ee.pem", 1822 {NULL, "weak_digest_md2_intermediate.pem", "weak_digest_sha1_ee.pem",
1828 EXPECT_MD2 | EXPECT_SHA1 | EXPECT_SHA1_LEAF}, 1823 EXPECT_MD2 | EXPECT_SHA1 | EXPECT_SHA1_LEAF},
1829 }; 1824 };
1830 // Disabled on NSS - libpkix does not return constructed chains on error, 1825 // Disabled on NSS - libpkix does not return constructed chains on error,
1831 // preventing us from detecting/inspecting the verified chain. 1826 // preventing us from detecting/inspecting the verified chain.
1832 #if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_ANDROID) 1827 #if defined(USE_NSS_CERTS) || defined(OS_IOS)
1833 #define MAYBE_VerifyIncompleteIntermediate \ 1828 #define MAYBE_VerifyIncompleteIntermediate \
1834 DISABLED_VerifyIncompleteIntermediate 1829 DISABLED_VerifyIncompleteIntermediate
1835 #else 1830 #else
1836 #define MAYBE_VerifyIncompleteIntermediate VerifyIncompleteIntermediate 1831 #define MAYBE_VerifyIncompleteIntermediate VerifyIncompleteIntermediate
1837 #endif 1832 #endif
1838 WRAPPED_INSTANTIATE_TEST_CASE_P( 1833 WRAPPED_INSTANTIATE_TEST_CASE_P(
1839 MAYBE_VerifyIncompleteIntermediate, 1834 MAYBE_VerifyIncompleteIntermediate,
1840 CertVerifyProcWeakDigestTest, 1835 CertVerifyProcWeakDigestTest,
1841 testing::ValuesIn(kVerifyIncompleteIntermediateTestData)); 1836 testing::ValuesIn(kVerifyIncompleteIntermediateTestData));
1842 1837
1843 // Incomplete chains should still report the status of the end-entity. 1838 // Incomplete chains should still report the status of the end-entity.
1844 const WeakDigestTestData kVerifyIncompleteEETestData[] = { 1839 const WeakDigestTestData kVerifyIncompleteEETestData[] = {
1845 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md5_ee.pem", 1840 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md5_ee.pem",
1846 EXPECT_MD5 | EXPECT_SHA1 }, 1841 EXPECT_MD5 | EXPECT_SHA1 },
1847 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1842 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN)
1848 // MD4 is not supported by OS X / NSS 1843 // MD4 is not supported by OS X / NSS
1849 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md4_ee.pem", 1844 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md4_ee.pem",
1850 EXPECT_MD4 | EXPECT_SHA1 }, 1845 EXPECT_MD4 | EXPECT_SHA1 },
1851 #endif 1846 #endif
1852 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md2_ee.pem", 1847 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md2_ee.pem",
1853 EXPECT_MD2 | EXPECT_SHA1 }, 1848 EXPECT_MD2 | EXPECT_SHA1 },
1854 }; 1849 };
1855 // Disabled on NSS - libpkix does not return constructed chains on error, 1850 // Disabled on NSS - libpkix does not return constructed chains on error,
1856 // preventing us from detecting/inspecting the verified chain. 1851 // preventing us from detecting/inspecting the verified chain.
1857 #if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_ANDROID) 1852 #if defined(USE_NSS_CERTS) || defined(OS_IOS)
1858 #define MAYBE_VerifyIncompleteEndEntity DISABLED_VerifyIncompleteEndEntity 1853 #define MAYBE_VerifyIncompleteEndEntity DISABLED_VerifyIncompleteEndEntity
1859 #else 1854 #else
1860 #define MAYBE_VerifyIncompleteEndEntity VerifyIncompleteEndEntity 1855 #define MAYBE_VerifyIncompleteEndEntity VerifyIncompleteEndEntity
1861 #endif 1856 #endif
1862 WRAPPED_INSTANTIATE_TEST_CASE_P( 1857 WRAPPED_INSTANTIATE_TEST_CASE_P(
1863 MAYBE_VerifyIncompleteEndEntity, 1858 MAYBE_VerifyIncompleteEndEntity,
1864 CertVerifyProcWeakDigestTest, 1859 CertVerifyProcWeakDigestTest,
1865 testing::ValuesIn(kVerifyIncompleteEETestData)); 1860 testing::ValuesIn(kVerifyIncompleteEETestData));
1866 1861
1867 // Differing algorithms between the intermediate and the EE should still be 1862 // Differing algorithms between the intermediate and the EE should still be
1868 // reported. 1863 // reported.
1869 const WeakDigestTestData kVerifyMixedTestData[] = { 1864 const WeakDigestTestData kVerifyMixedTestData[] = {
1870 { "weak_digest_sha1_root.pem", "weak_digest_md5_intermediate.pem", 1865 { "weak_digest_sha1_root.pem", "weak_digest_md5_intermediate.pem",
1871 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD5 }, 1866 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD5 },
1872 { "weak_digest_sha1_root.pem", "weak_digest_md2_intermediate.pem", 1867 { "weak_digest_sha1_root.pem", "weak_digest_md2_intermediate.pem",
1873 "weak_digest_md5_ee.pem", EXPECT_MD2 | EXPECT_MD5 }, 1868 "weak_digest_md5_ee.pem", EXPECT_MD2 | EXPECT_MD5 },
1874 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1869 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN)
1875 // MD4 is not supported by OS X / NSS 1870 // MD4 is not supported by OS X / NSS
1876 { "weak_digest_sha1_root.pem", "weak_digest_md4_intermediate.pem", 1871 { "weak_digest_sha1_root.pem", "weak_digest_md4_intermediate.pem",
1877 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD4 }, 1872 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD4 },
1878 #endif 1873 #endif
1879 }; 1874 };
1880 // NSS does not support MD4 and does not enable MD2 by default, making all 1875 // NSS does not support MD4 and does not enable MD2 by default, making all
1881 // permutations invalid. 1876 // permutations invalid.
1882 #if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_ANDROID) 1877 #if defined(USE_NSS_CERTS) || defined(OS_IOS)
1883 #define MAYBE_VerifyMixed DISABLED_VerifyMixed 1878 #define MAYBE_VerifyMixed DISABLED_VerifyMixed
1884 #else 1879 #else
1885 #define MAYBE_VerifyMixed VerifyMixed 1880 #define MAYBE_VerifyMixed VerifyMixed
1886 #endif 1881 #endif
1887 WRAPPED_INSTANTIATE_TEST_CASE_P( 1882 WRAPPED_INSTANTIATE_TEST_CASE_P(
1888 MAYBE_VerifyMixed, 1883 MAYBE_VerifyMixed,
1889 CertVerifyProcWeakDigestTest, 1884 CertVerifyProcWeakDigestTest,
1890 testing::ValuesIn(kVerifyMixedTestData)); 1885 testing::ValuesIn(kVerifyMixedTestData));
1891 1886
1892 // For the list of valid hostnames, see 1887 // For the list of valid hostnames, see
(...skipping 183 matching lines...) Expand 10 before | Expand all | Expand 10 after
2076 int flags = 0; 2071 int flags = 0;
2077 CertVerifyResult verify_result; 2072 CertVerifyResult verify_result;
2078 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, 2073 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_,
2079 &verify_result); 2074 &verify_result);
2080 EXPECT_EQ(OK, error); 2075 EXPECT_EQ(OK, error);
2081 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0); 2076 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0);
2082 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0); 2077 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0);
2083 } 2078 }
2084 2079
2085 } // namespace net 2080 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698