| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_verify_proc.h" | 5 #include "net/cert/cert_verify_proc.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
| 10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
| (...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 105 verify_result->verified_cert = cert; | 105 verify_result->verified_cert = cert; |
| 106 return OK; | 106 return OK; |
| 107 } | 107 } |
| 108 | 108 |
| 109 // This enum identifies a concrete implemenation of CertVerifyProc. | 109 // This enum identifies a concrete implemenation of CertVerifyProc. |
| 110 // | 110 // |
| 111 // The type is erased by CertVerifyProc::CreateDefault(), however | 111 // The type is erased by CertVerifyProc::CreateDefault(), however |
| 112 // needs to be known for some of the test expectations. | 112 // needs to be known for some of the test expectations. |
| 113 enum CertVerifyProcType { | 113 enum CertVerifyProcType { |
| 114 CERT_VERIFY_PROC_NSS, | 114 CERT_VERIFY_PROC_NSS, |
| 115 CERT_VERIFY_PROC_OPENSSL, | |
| 116 CERT_VERIFY_PROC_ANDROID, | 115 CERT_VERIFY_PROC_ANDROID, |
| 117 CERT_VERIFY_PROC_IOS, | 116 CERT_VERIFY_PROC_IOS, |
| 118 CERT_VERIFY_PROC_MAC, | 117 CERT_VERIFY_PROC_MAC, |
| 119 CERT_VERIFY_PROC_WIN, | 118 CERT_VERIFY_PROC_WIN, |
| 120 CERT_VERIFY_PROC_BUILTIN, | 119 CERT_VERIFY_PROC_BUILTIN, |
| 121 }; | 120 }; |
| 122 | 121 |
| 123 // Returns the CertVerifyProcType corresponding to what | 122 // Returns the CertVerifyProcType corresponding to what |
| 124 // CertVerifyProc::CreateDefault() returns. This needs to be kept in sync with | 123 // CertVerifyProc::CreateDefault() returns. This needs to be kept in sync with |
| 125 // CreateDefault(). | 124 // CreateDefault(). |
| 126 CertVerifyProcType GetDefaultCertVerifyProcType() { | 125 CertVerifyProcType GetDefaultCertVerifyProcType() { |
| 127 #if defined(USE_NSS_CERTS) | 126 #if defined(USE_NSS_CERTS) |
| 128 return CERT_VERIFY_PROC_NSS; | 127 return CERT_VERIFY_PROC_NSS; |
| 129 #elif defined(USE_OPENSSL_CERTS) && !defined(OS_ANDROID) | |
| 130 return CERT_VERIFY_PROC_OPENSSL; | |
| 131 #elif defined(OS_ANDROID) | 128 #elif defined(OS_ANDROID) |
| 132 return CERT_VERIFY_PROC_ANDROID; | 129 return CERT_VERIFY_PROC_ANDROID; |
| 133 #elif defined(OS_IOS) | 130 #elif defined(OS_IOS) |
| 134 return CERT_VERIFY_PROC_IOS; | 131 return CERT_VERIFY_PROC_IOS; |
| 135 #elif defined(OS_MACOSX) | 132 #elif defined(OS_MACOSX) |
| 136 return CERT_VERIFY_PROC_MAC; | 133 return CERT_VERIFY_PROC_MAC; |
| 137 #elif defined(OS_WIN) | 134 #elif defined(OS_WIN) |
| 138 return CERT_VERIFY_PROC_WIN; | 135 return CERT_VERIFY_PROC_WIN; |
| 139 #else | 136 #else |
| 140 // Will fail to compile. | 137 // Will fail to compile. |
| 141 #endif | 138 #endif |
| 142 } | 139 } |
| 143 | 140 |
| 144 // Whether the test is running within the iphone simulator. | 141 // Whether the test is running within the iphone simulator. |
| 145 const bool kTargetIsIphoneSimulator = | 142 const bool kTargetIsIphoneSimulator = |
| 146 #if TARGET_IPHONE_SIMULATOR | 143 #if TARGET_IPHONE_SIMULATOR |
| 147 true; | 144 true; |
| 148 #else | 145 #else |
| 149 false; | 146 false; |
| 150 #endif | 147 #endif |
| 151 | 148 |
| 152 // Returns a textual description of the CertVerifyProc implementation | 149 // Returns a textual description of the CertVerifyProc implementation |
| 153 // that is being tested, used to give better names to parameterized | 150 // that is being tested, used to give better names to parameterized |
| 154 // tests. | 151 // tests. |
| 155 std::string VerifyProcTypeToName( | 152 std::string VerifyProcTypeToName( |
| 156 const testing::TestParamInfo<CertVerifyProcType>& params) { | 153 const testing::TestParamInfo<CertVerifyProcType>& params) { |
| 157 switch (params.param) { | 154 switch (params.param) { |
| 158 case CERT_VERIFY_PROC_NSS: | 155 case CERT_VERIFY_PROC_NSS: |
| 159 return "CertVerifyProcNSS"; | 156 return "CertVerifyProcNSS"; |
| 160 case CERT_VERIFY_PROC_OPENSSL: | |
| 161 return "CertVerifyProcOpenSSL"; | |
| 162 case CERT_VERIFY_PROC_ANDROID: | 157 case CERT_VERIFY_PROC_ANDROID: |
| 163 return "CertVerifyProcAndroid"; | 158 return "CertVerifyProcAndroid"; |
| 164 case CERT_VERIFY_PROC_IOS: | 159 case CERT_VERIFY_PROC_IOS: |
| 165 return "CertVerifyProcIOS"; | 160 return "CertVerifyProcIOS"; |
| 166 case CERT_VERIFY_PROC_MAC: | 161 case CERT_VERIFY_PROC_MAC: |
| 167 return "CertVerifyProcMac"; | 162 return "CertVerifyProcMac"; |
| 168 case CERT_VERIFY_PROC_WIN: | 163 case CERT_VERIFY_PROC_WIN: |
| 169 return "CertVerifyProcWin"; | 164 return "CertVerifyProcWin"; |
| 170 case CERT_VERIFY_PROC_BUILTIN: | 165 case CERT_VERIFY_PROC_BUILTIN: |
| 171 return "CertVerifyProcBuiltin"; | 166 return "CertVerifyProcBuiltin"; |
| (...skipping 1049 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1221 | 1216 |
| 1222 // TODO(wtc): fix http://crbug.com/75520 to get all the certificate errors | 1217 // TODO(wtc): fix http://crbug.com/75520 to get all the certificate errors |
| 1223 // from NSS. | 1218 // from NSS. |
| 1224 if (verify_proc_type() != CERT_VERIFY_PROC_NSS && | 1219 if (verify_proc_type() != CERT_VERIFY_PROC_NSS && |
| 1225 verify_proc_type() != CERT_VERIFY_PROC_ANDROID) { | 1220 verify_proc_type() != CERT_VERIFY_PROC_ANDROID) { |
| 1226 // The certificate is issued by an unknown CA. | 1221 // The certificate is issued by an unknown CA. |
| 1227 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID); | 1222 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID); |
| 1228 } | 1223 } |
| 1229 | 1224 |
| 1230 // TODO(crbug.com/649017): Don't special-case builtin verifier. | 1225 // TODO(crbug.com/649017): Don't special-case builtin verifier. |
| 1231 if (verify_proc_type() == CERT_VERIFY_PROC_OPENSSL || | 1226 if (verify_proc_type() == CERT_VERIFY_PROC_BUILTIN) { |
| 1232 verify_proc_type() == CERT_VERIFY_PROC_BUILTIN) { | |
| 1233 EXPECT_THAT(error, IsError(ERR_CERT_AUTHORITY_INVALID)); | 1227 EXPECT_THAT(error, IsError(ERR_CERT_AUTHORITY_INVALID)); |
| 1234 } else { | 1228 } else { |
| 1235 EXPECT_THAT(error, IsError(ERR_CERT_INVALID)); | 1229 EXPECT_THAT(error, IsError(ERR_CERT_INVALID)); |
| 1236 } | 1230 } |
| 1237 } | 1231 } |
| 1238 | 1232 |
| 1239 // Basic test for returning the chain in CertVerifyResult. Note that the | 1233 // Basic test for returning the chain in CertVerifyResult. Note that the |
| 1240 // returned chain may just be a reflection of the originally supplied chain; | 1234 // returned chain may just be a reflection of the originally supplied chain; |
| 1241 // that is, if any errors occur, the default chain returned is an exact copy | 1235 // that is, if any errors occur, the default chain returned is an exact copy |
| 1242 // of the certificate to be verified. The remaining VerifyReturn* tests are | 1236 // of the certificate to be verified. The remaining VerifyReturn* tests are |
| (...skipping 1142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2385 int flags = 0; | 2379 int flags = 0; |
| 2386 CertVerifyResult verify_result; | 2380 CertVerifyResult verify_result; |
| 2387 int error = verify_proc->Verify(cert.get(), "127.0.0.1", std::string(), flags, | 2381 int error = verify_proc->Verify(cert.get(), "127.0.0.1", std::string(), flags, |
| 2388 NULL, CertificateList(), &verify_result); | 2382 NULL, CertificateList(), &verify_result); |
| 2389 EXPECT_EQ(OK, error); | 2383 EXPECT_EQ(OK, error); |
| 2390 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0); | 2384 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0); |
| 2391 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0); | 2385 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0); |
| 2392 } | 2386 } |
| 2393 | 2387 |
| 2394 } // namespace net | 2388 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2862543003:
Remove CertVerifyProcOpenSSL. (Closed)
