OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
6 | 6 |
7 #include <stdint.h> | 7 #include <stdint.h> |
8 | 8 |
9 #include <memory> | 9 #include <memory> |
10 | 10 |
(...skipping 379 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
390 cert_chain3->GetIntermediateCertificates())); | 390 cert_chain3->GetIntermediateCertificates())); |
391 } | 391 } |
392 | 392 |
393 TEST(X509CertificateTest, ParseSubjectAltNames) { | 393 TEST(X509CertificateTest, ParseSubjectAltNames) { |
394 base::FilePath certs_dir = GetTestCertsDirectory(); | 394 base::FilePath certs_dir = GetTestCertsDirectory(); |
395 | 395 |
396 scoped_refptr<X509Certificate> san_cert = | 396 scoped_refptr<X509Certificate> san_cert = |
397 ImportCertFromFile(certs_dir, "subjectAltName_sanity_check.pem"); | 397 ImportCertFromFile(certs_dir, "subjectAltName_sanity_check.pem"); |
398 ASSERT_NE(static_cast<X509Certificate*>(NULL), san_cert.get()); | 398 ASSERT_NE(static_cast<X509Certificate*>(NULL), san_cert.get()); |
399 | 399 |
400 // Ensure that testing for SAN without using it is accepted. | |
401 EXPECT_TRUE(san_cert->GetSubjectAltName(nullptr, nullptr)); | |
402 | |
403 // Ensure that it's possible to get just dNSNames. | |
400 std::vector<std::string> dns_names; | 404 std::vector<std::string> dns_names; |
405 EXPECT_TRUE(san_cert->GetSubjectAltName(&dns_names, nullptr)); | |
406 | |
407 // Ensure that it's possible to get just iPAddresses. | |
401 std::vector<std::string> ip_addresses; | 408 std::vector<std::string> ip_addresses; |
402 san_cert->GetSubjectAltName(&dns_names, &ip_addresses); | 409 EXPECT_TRUE(san_cert->GetSubjectAltName(nullptr, &ip_addresses)); |
eroman
2017/03/21 21:09:54
Add a test to verify the assign vs append behavior
Ryan Sleevi
2017/03/21 21:48:43
That's done in 443
| |
403 | 410 |
404 // Ensure that DNS names are correctly parsed. | 411 // Ensure that DNS names are correctly parsed. |
405 ASSERT_EQ(1U, dns_names.size()); | 412 ASSERT_EQ(1U, dns_names.size()); |
406 EXPECT_EQ("test.example", dns_names[0]); | 413 EXPECT_EQ("test.example", dns_names[0]); |
407 | 414 |
408 // Ensure that both IPv4 and IPv6 addresses are correctly parsed. | 415 // Ensure that both IPv4 and IPv6 addresses are correctly parsed. |
409 ASSERT_EQ(2U, ip_addresses.size()); | 416 ASSERT_EQ(2U, ip_addresses.size()); |
410 | 417 |
411 static const uint8_t kIPv4Address[] = { | 418 static const uint8_t kIPv4Address[] = { |
412 0x7F, 0x00, 0x00, 0x02 | 419 0x7F, 0x00, 0x00, 0x02 |
413 }; | 420 }; |
414 ASSERT_EQ(arraysize(kIPv4Address), ip_addresses[0].size()); | 421 ASSERT_EQ(arraysize(kIPv4Address), ip_addresses[0].size()); |
415 EXPECT_EQ(0, memcmp(ip_addresses[0].data(), kIPv4Address, | 422 EXPECT_EQ(0, memcmp(ip_addresses[0].data(), kIPv4Address, |
416 arraysize(kIPv4Address))); | 423 arraysize(kIPv4Address))); |
417 | 424 |
418 static const uint8_t kIPv6Address[] = { | 425 static const uint8_t kIPv6Address[] = { |
419 0xFE, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | 426 0xFE, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, |
420 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 | 427 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 |
421 }; | 428 }; |
422 ASSERT_EQ(arraysize(kIPv6Address), ip_addresses[1].size()); | 429 ASSERT_EQ(arraysize(kIPv6Address), ip_addresses[1].size()); |
423 EXPECT_EQ(0, memcmp(ip_addresses[1].data(), kIPv6Address, | 430 EXPECT_EQ(0, memcmp(ip_addresses[1].data(), kIPv6Address, |
424 arraysize(kIPv6Address))); | 431 arraysize(kIPv6Address))); |
425 | 432 |
426 // Ensure the subjectAltName dirName has not influenced the handling of | 433 // Ensure the subjectAltName dirName has not influenced the handling of |
427 // the subject commonName. | 434 // the subject commonName. |
428 EXPECT_EQ("127.0.0.1", san_cert->subject().common_name); | 435 EXPECT_EQ("127.0.0.1", san_cert->subject().common_name); |
436 | |
437 scoped_refptr<X509Certificate> no_san_cert = | |
438 ImportCertFromFile(certs_dir, "salesforce_com_test.pem"); | |
439 ASSERT_NE(static_cast<X509Certificate*>(NULL), no_san_cert.get()); | |
eroman
2017/03/21 21:09:54
nit: ASSERT_TRUE() -- is printing the pointer on f
Ryan Sleevi
2017/03/21 21:48:43
I opted not to include this, to keep with local st
| |
440 | |
441 EXPECT_NE(0u, dns_names.size()); | |
442 EXPECT_NE(0u, ip_addresses.size()); | |
443 EXPECT_FALSE(no_san_cert->GetSubjectAltName(&dns_names, &ip_addresses)); | |
444 EXPECT_EQ(0u, dns_names.size()); | |
445 EXPECT_EQ(0u, ip_addresses.size()); | |
429 } | 446 } |
430 | 447 |
431 #if defined(USE_NSS_CERTS) | 448 #if defined(USE_NSS_CERTS) |
432 TEST(X509CertificateTest, ParseClientSubjectAltNames) { | 449 TEST(X509CertificateTest, ParseClientSubjectAltNames) { |
433 base::FilePath certs_dir = GetTestCertsDirectory(); | 450 base::FilePath certs_dir = GetTestCertsDirectory(); |
434 | 451 |
435 // This cert contains one rfc822Name field, and one Microsoft UPN | 452 // This cert contains one rfc822Name field, and one Microsoft UPN |
436 // otherName field. | 453 // otherName field. |
437 scoped_refptr<X509Certificate> san_cert = | 454 scoped_refptr<X509Certificate> san_cert = |
438 ImportCertFromFile(certs_dir, "client_3.pem"); | 455 ImportCertFromFile(certs_dir, "client_3.pem"); |
(...skipping 763 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1202 &actual_type); | 1219 &actual_type); |
1203 | 1220 |
1204 EXPECT_EQ(data.expected_bits, actual_bits); | 1221 EXPECT_EQ(data.expected_bits, actual_bits); |
1205 EXPECT_EQ(data.expected_type, actual_type); | 1222 EXPECT_EQ(data.expected_type, actual_type); |
1206 } | 1223 } |
1207 | 1224 |
1208 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest, | 1225 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest, |
1209 testing::ValuesIn(kPublicKeyInfoTestData)); | 1226 testing::ValuesIn(kPublicKeyInfoTestData)); |
1210 | 1227 |
1211 } // namespace net | 1228 } // namespace net |
OLD | NEW |