| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/trust_store_mac.h" | 5 #include "net/cert/internal/trust_store_mac.h" |
| 6 | 6 |
| 7 #include "base/base_paths.h" | 7 #include "base/base_paths.h" |
| 8 #include "base/files/file_util.h" | 8 #include "base/files/file_util.h" |
| 9 #include "base/files/scoped_temp_dir.h" | 9 #include "base/files/scoped_temp_dir.h" |
| 10 #include "base/path_service.h" | 10 #include "base/path_service.h" |
| (...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 189 SecCertificateArrayAsDER(scoped_matching_items), | 189 SecCertificateArrayAsDER(scoped_matching_items), |
| 190 UnorderedElementsAreArray(ParsedCertificateListAsDER({e_by_e}))); | 190 UnorderedElementsAreArray(ParsedCertificateListAsDER({e_by_e}))); |
| 191 } | 191 } |
| 192 | 192 |
| 193 // None of the certs should return any matching TrustAnchors, since the test | 193 // None of the certs should return any matching TrustAnchors, since the test |
| 194 // certs in the keychain aren't trusted (unless someone manually added and | 194 // certs in the keychain aren't trusted (unless someone manually added and |
| 195 // trusted the test certs on the machine the test is being run on). | 195 // trusted the test certs on the machine the test is being run on). |
| 196 for (const auto& cert : | 196 for (const auto& cert : |
| 197 {a_by_b, b_by_c, b_by_f, c_by_d, c_by_e, f_by_e, d_by_d, e_by_e}) { | 197 {a_by_b, b_by_c, b_by_f, c_by_d, c_by_e, f_by_e, d_by_d, e_by_e}) { |
| 198 TrustAnchors matching_anchors; | 198 TrustAnchors matching_anchors; |
| 199 trust_store.FindTrustAnchorsForCert(cert, &matching_anchors); | 199 ParsedCertificateList matching_intermediates; |
| 200 trust_store.FindIssuers(cert, &matching_anchors, &matching_intermediates); |
| 200 EXPECT_EQ(0u, matching_anchors.size()); | 201 EXPECT_EQ(0u, matching_anchors.size()); |
| 201 } | 202 } |
| 202 } | 203 } |
| 203 | 204 |
| 204 // Test against all the certificates in the default keychains. Confirms that | 205 // Test against all the certificates in the default keychains. Confirms that |
| 205 // the computed trust value matches that of SecTrustEvaluate. | 206 // the computed trust value matches that of SecTrustEvaluate. |
| 206 TEST(TrustStoreMacTest, SystemCerts) { | 207 TEST(TrustStoreMacTest, SystemCerts) { |
| 207 // Get the list of all certificates in the user & system keychains. | 208 // Get the list of all certificates in the user & system keychains. |
| 208 // This may include both trusted and untrusted certificates. | 209 // This may include both trusted and untrusted certificates. |
| 209 // | 210 // |
| (...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 310 bool expected_trust_anchor = | 311 bool expected_trust_anchor = |
| 311 ((trust_result == kSecTrustResultProceed) || | 312 ((trust_result == kSecTrustResultProceed) || |
| 312 (trust_result == kSecTrustResultUnspecified)) && | 313 (trust_result == kSecTrustResultUnspecified)) && |
| 313 (SecTrustGetCertificateCount(trust) == 1); | 314 (SecTrustGetCertificateCount(trust) == 1); |
| 314 EXPECT_EQ(expected_trust_anchor, is_trust_anchor); | 315 EXPECT_EQ(expected_trust_anchor, is_trust_anchor); |
| 315 } | 316 } |
| 316 } | 317 } |
| 317 } | 318 } |
| 318 | 319 |
| 319 } // namespace net | 320 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2832703002:
Allow the TrustStore interface to return matching intermediates, and identify distrusted certs. (Closed)
