Add X509CertificateBytes which uses CRYPTO_BUFFER instead of macOS-native certificate types.

net/cert/x509_certificate_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/x509_certificate.h"
 
 #include <stdint.h>
 
 #include <memory>
 
@@ skipping 264 matching lines @@
 
   static const uint8_t google_serial[16] = {
     0x01,0x2a,0x39,0x76,0x0d,0x3f,0x4f,0xc9,
     0x0b,0xe7,0xbd,0x2b,0xcf,0x95,0x2e,0x7a,
   };
 
   ASSERT_EQ(sizeof(google_serial), google_cert->serial_number().size());
   EXPECT_TRUE(memcmp(google_cert->serial_number().data(), google_serial,
                      sizeof(google_serial)) == 0);
 
-// TODO(mattm): Creating the X509Certificate fails on windows due to the null
-// in the subject. Generate a new test cert specifically for this case rather
-// than reusing paypal_null_cert.
-#if !defined(OS_WIN)
+// TODO(mattm): Creating the X509Certificate fails on some platforms due to the
+// null in the subject. Generate a new test cert specifically for this case
+// rather than reusing paypal_null_cert.
+#if !defined(OS_WIN) && !BUILDFLAG(USE_BYTE_CERTS)
   // Check a serial number where the first byte is >= 0x80, the DER returned by
   // serial() should contain the leading 0 padding byte.
   scoped_refptr<X509Certificate> paypal_null_cert(
       X509Certificate::CreateFromBytes(
           reinterpret_cast<const char*>(paypal_null_der),
           sizeof(paypal_null_der)));
   ASSERT_TRUE(paypal_null_cert);
 
   static const uint8_t paypal_null_serial[3] = {0x00, 0xf0, 0x9b};
   ASSERT_EQ(sizeof(paypal_null_serial),
@@ skipping 895 matching lines @@
 }
 
 INSTANTIATE_TEST_CASE_P(, X509CertificateNameVerifyTest,
                         testing::ValuesIn(kNameVerifyTestData));
 
 const struct PublicKeyInfoTestData {
   const char* cert_file;
   size_t expected_bits;
   X509Certificate::PublicKeyType expected_type;
 } kPublicKeyInfoTestData[] = {
-    {"768-rsa-ee-by-768-rsa-intermediate.pem",
-     768,
+    {"768-rsa-ee-by-768-rsa-intermediate.pem", 768,
      X509Certificate::kPublicKeyTypeRSA},
-    {"1024-rsa-ee-by-768-rsa-intermediate.pem",
-     1024,
+    {"1024-rsa-ee-by-768-rsa-intermediate.pem", 1024,
      X509Certificate::kPublicKeyTypeRSA},
-    {"prime256v1-ecdsa-ee-by-1024-rsa-intermediate.pem",
-     256,
+    {"prime256v1-ecdsa-ee-by-1024-rsa-intermediate.pem", 256,
      X509Certificate::kPublicKeyTypeECDSA},
-#if defined(OS_MACOSX) && !defined(OS_IOS)
+#if defined(OS_MACOSX) && !defined(OS_IOS) && !BUILDFLAG(USE_BYTE_CERTS)
     // OS X has an key length limit of 4096 bits. This should manifest as an
     // unknown key. If a future version of OS X changes this, large_key.pem may
     // need to be renegerated with a larger key. See https://crbug.com/472291.
     {"large_key.pem", 0, X509Certificate::kPublicKeyTypeUnknown},
 #else
     {"large_key.pem", 8200, X509Certificate::kPublicKeyTypeRSA},
 #endif
 };
 
 class X509CertificatePublicKeyInfoTest
@@ skipping 15 matching lines @@
                                     &actual_type);
 
   EXPECT_EQ(data.expected_bits, actual_bits);
   EXPECT_EQ(data.expected_type, actual_type);
 }
 
 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest,
                         testing::ValuesIn(kPublicKeyInfoTestData));
 
 }  // namespace net