Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(428)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/cert_verify_proc_unittest.cc

Issue 2558983002: Update CertVerifyProcWeakDigestTest for Sierra (Mac OS 10.12) (Closed)
Patch Set: simpler, less precise approach Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_verify_proc.h" 5 #include "net/cert/cert_verify_proc.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/callback_helpers.h" 9 #include "base/callback_helpers.h"
10 #include "base/files/file_path.h" 10 #include "base/files/file_path.h"
(...skipping 1783 matching lines...) Expand 10 before | Expand all | Expand 10 after
1794 // MD4 is not supported by OS X / NSS 1794 // MD4 is not supported by OS X / NSS
1795 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem", 1795 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem",
1796 "weak_digest_md4_ee.pem", EXPECT_MD4 | EXPECT_SHA1 }, 1796 "weak_digest_md4_ee.pem", EXPECT_MD4 | EXPECT_SHA1 },
1797 #endif 1797 #endif
1798 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem", 1798 { "weak_digest_sha1_root.pem", "weak_digest_sha1_intermediate.pem",
1799 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_SHA1 }, 1799 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_SHA1 },
1800 }; 1800 };
1801 // Disabled on NSS - NSS caches chains/signatures in such a way that cannot 1801 // Disabled on NSS - NSS caches chains/signatures in such a way that cannot
1802 // be cleared until NSS is cleanly shutdown, which is not presently supported 1802 // be cleared until NSS is cleanly shutdown, which is not presently supported
1803 // in Chromium. 1803 // in Chromium.
1804 #if defined(USE_NSS_CERTS) || defined(OS_IOS) 1804 // OSX 10.12+ stops building the chain at the first weak digest.
1805 #if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_MACOSX)
1805 #define MAYBE_VerifyEndEntity DISABLED_VerifyEndEntity 1806 #define MAYBE_VerifyEndEntity DISABLED_VerifyEndEntity
1806 #else 1807 #else
1807 #define MAYBE_VerifyEndEntity VerifyEndEntity 1808 #define MAYBE_VerifyEndEntity VerifyEndEntity
1808 #endif 1809 #endif
1809 WRAPPED_INSTANTIATE_TEST_CASE_P(MAYBE_VerifyEndEntity, 1810 WRAPPED_INSTANTIATE_TEST_CASE_P(MAYBE_VerifyEndEntity,
1810 CertVerifyProcWeakDigestTest, 1811 CertVerifyProcWeakDigestTest,
1811 testing::ValuesIn(kVerifyEndEntityTestData)); 1812 testing::ValuesIn(kVerifyEndEntityTestData));
1812 1813
1813 // Incomplete chains should still report the status of the intermediate. 1814 // Incomplete chains should still report the status of the intermediate.
1814 const WeakDigestTestData kVerifyIncompleteIntermediateTestData[] = { 1815 const WeakDigestTestData kVerifyIncompleteIntermediateTestData[] = {
(...skipping 27 matching lines...) Expand all
1842 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1843 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN)
1843 // MD4 is not supported by OS X / NSS 1844 // MD4 is not supported by OS X / NSS
1844 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md4_ee.pem", 1845 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md4_ee.pem",
1845 EXPECT_MD4 | EXPECT_SHA1 }, 1846 EXPECT_MD4 | EXPECT_SHA1 },
1846 #endif 1847 #endif
1847 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md2_ee.pem", 1848 { NULL, "weak_digest_sha1_intermediate.pem", "weak_digest_md2_ee.pem",
1848 EXPECT_MD2 | EXPECT_SHA1 }, 1849 EXPECT_MD2 | EXPECT_SHA1 },
1849 }; 1850 };
1850 // Disabled on NSS - libpkix does not return constructed chains on error, 1851 // Disabled on NSS - libpkix does not return constructed chains on error,
1851 // preventing us from detecting/inspecting the verified chain. 1852 // preventing us from detecting/inspecting the verified chain.
1852 #if defined(USE_NSS_CERTS) || defined(OS_IOS) 1853 // OSX 10.12+ stops building the chain at the first weak digest.
1854 #if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_MACOSX)
1853 #define MAYBE_VerifyIncompleteEndEntity DISABLED_VerifyIncompleteEndEntity 1855 #define MAYBE_VerifyIncompleteEndEntity DISABLED_VerifyIncompleteEndEntity
1854 #else 1856 #else
1855 #define MAYBE_VerifyIncompleteEndEntity VerifyIncompleteEndEntity 1857 #define MAYBE_VerifyIncompleteEndEntity VerifyIncompleteEndEntity
1856 #endif 1858 #endif
1857 WRAPPED_INSTANTIATE_TEST_CASE_P( 1859 WRAPPED_INSTANTIATE_TEST_CASE_P(
1858 MAYBE_VerifyIncompleteEndEntity, 1860 MAYBE_VerifyIncompleteEndEntity,
1859 CertVerifyProcWeakDigestTest, 1861 CertVerifyProcWeakDigestTest,
1860 testing::ValuesIn(kVerifyIncompleteEETestData)); 1862 testing::ValuesIn(kVerifyIncompleteEETestData));
1861 1863
1862 // Differing algorithms between the intermediate and the EE should still be 1864 // Differing algorithms between the intermediate and the EE should still be
1863 // reported. 1865 // reported.
1864 const WeakDigestTestData kVerifyMixedTestData[] = { 1866 const WeakDigestTestData kVerifyMixedTestData[] = {
1865 { "weak_digest_sha1_root.pem", "weak_digest_md5_intermediate.pem", 1867 { "weak_digest_sha1_root.pem", "weak_digest_md5_intermediate.pem",
1866 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD5 }, 1868 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD5 },
1867 { "weak_digest_sha1_root.pem", "weak_digest_md2_intermediate.pem", 1869 { "weak_digest_sha1_root.pem", "weak_digest_md2_intermediate.pem",
1868 "weak_digest_md5_ee.pem", EXPECT_MD2 | EXPECT_MD5 }, 1870 "weak_digest_md5_ee.pem", EXPECT_MD2 | EXPECT_MD5 },
1869 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN) 1871 #if defined(USE_OPENSSL_CERTS) || defined(OS_WIN)
1870 // MD4 is not supported by OS X / NSS 1872 // MD4 is not supported by OS X / NSS
1871 { "weak_digest_sha1_root.pem", "weak_digest_md4_intermediate.pem", 1873 { "weak_digest_sha1_root.pem", "weak_digest_md4_intermediate.pem",
1872 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD4 }, 1874 "weak_digest_md2_ee.pem", EXPECT_MD2 | EXPECT_MD4 },
1873 #endif 1875 #endif
1874 }; 1876 };
1875 // NSS does not support MD4 and does not enable MD2 by default, making all 1877 // NSS does not support MD4 and does not enable MD2 by default, making all
1876 // permutations invalid. 1878 // permutations invalid.
1877 #if defined(USE_NSS_CERTS) || defined(OS_IOS) 1879 // OSX 10.12+ stops building the chain at the first weak digest.
1880 #if defined(USE_NSS_CERTS) || defined(OS_IOS) || defined(OS_MACOSX)
1878 #define MAYBE_VerifyMixed DISABLED_VerifyMixed 1881 #define MAYBE_VerifyMixed DISABLED_VerifyMixed
1879 #else 1882 #else
1880 #define MAYBE_VerifyMixed VerifyMixed 1883 #define MAYBE_VerifyMixed VerifyMixed
1881 #endif 1884 #endif
1882 WRAPPED_INSTANTIATE_TEST_CASE_P( 1885 WRAPPED_INSTANTIATE_TEST_CASE_P(
1883 MAYBE_VerifyMixed, 1886 MAYBE_VerifyMixed,
1884 CertVerifyProcWeakDigestTest, 1887 CertVerifyProcWeakDigestTest,
1885 testing::ValuesIn(kVerifyMixedTestData)); 1888 testing::ValuesIn(kVerifyMixedTestData));
1886 1889
1887 // For the list of valid hostnames, see 1890 // For the list of valid hostnames, see
(...skipping 183 matching lines...) Expand 10 before | Expand all | Expand 10 after
2071 int flags = 0; 2074 int flags = 0;
2072 CertVerifyResult verify_result; 2075 CertVerifyResult verify_result;
2073 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_, 2076 int error = Verify(cert.get(), "127.0.0.1", flags, NULL, empty_cert_list_,
2074 &verify_result); 2077 &verify_result);
2075 EXPECT_EQ(OK, error); 2078 EXPECT_EQ(OK, error);
2076 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0); 2079 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0);
2077 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0); 2080 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0);
2078 } 2081 }
2079 2082
2080 } // namespace net 2083 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698