OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
6 | 6 |
7 #include <stdint.h> | 7 #include <stdint.h> |
8 | 8 |
9 #include <memory> | 9 #include <memory> |
10 | 10 |
11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
12 #include "base/pickle.h" | 12 #include "base/pickle.h" |
13 #include "base/sha1.h" | 13 #include "base/sha1.h" |
14 #include "base/strings/string_number_conversions.h" | 14 #include "base/strings/string_number_conversions.h" |
15 #include "base/strings/string_split.h" | 15 #include "base/strings/string_split.h" |
16 #include "base/strings/string_util.h" | 16 #include "base/strings/string_util.h" |
17 #include "crypto/rsa_private_key.h" | 17 #include "crypto/rsa_private_key.h" |
18 #include "net/base/net_errors.h" | 18 #include "net/base/net_errors.h" |
19 #include "net/cert/asn1_util.h" | 19 #include "net/cert/asn1_util.h" |
20 #include "net/cert/x509_util_nss.h" | 20 #include "net/cert/x509_util_nss.h" |
21 #include "net/test/cert_test_util.h" | 21 #include "net/test/cert_test_util.h" |
22 #include "net/test/test_certificate_data.h" | 22 #include "net/test/test_certificate_data.h" |
23 #include "net/test/test_data_directory.h" | 23 #include "net/test/test_data_directory.h" |
24 #include "testing/gtest/include/gtest/gtest.h" | 24 #include "testing/gtest/include/gtest/gtest.h" |
| 25 #include "url/url_features.h" |
25 | 26 |
26 #if defined(USE_NSS_CERTS) | 27 #if defined(USE_NSS_CERTS) |
27 #include <cert.h> | 28 #include <cert.h> |
28 #endif | 29 #endif |
29 | 30 |
30 using base::HexEncode; | 31 using base::HexEncode; |
31 using base::Time; | 32 using base::Time; |
32 | 33 |
33 namespace net { | 34 namespace net { |
34 | 35 |
(...skipping 225 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
260 ASSERT_EQ(1U, subject.street_addresses.size()); | 261 ASSERT_EQ(1U, subject.street_addresses.size()); |
261 EXPECT_EQ("1600 Amphitheatre Parkway", subject.street_addresses[0]); | 262 EXPECT_EQ("1600 Amphitheatre Parkway", subject.street_addresses[0]); |
262 ASSERT_EQ(1U, subject.organization_names.size()); | 263 ASSERT_EQ(1U, subject.organization_names.size()); |
263 EXPECT_EQ("Chromium = \"net_unittests\"", subject.organization_names[0]); | 264 EXPECT_EQ("Chromium = \"net_unittests\"", subject.organization_names[0]); |
264 ASSERT_EQ(2U, subject.organization_unit_names.size()); | 265 ASSERT_EQ(2U, subject.organization_unit_names.size()); |
265 EXPECT_EQ("net_unittests", subject.organization_unit_names[0]); | 266 EXPECT_EQ("net_unittests", subject.organization_unit_names[0]); |
266 EXPECT_EQ("Chromium", subject.organization_unit_names[1]); | 267 EXPECT_EQ("Chromium", subject.organization_unit_names[1]); |
267 EXPECT_EQ(0U, subject.domain_components.size()); | 268 EXPECT_EQ(0U, subject.domain_components.size()); |
268 } | 269 } |
269 | 270 |
| 271 TEST(X509CertificateTest, TeletexStringIsLatin1) { |
| 272 base::FilePath certs_dir = |
| 273 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); |
| 274 |
| 275 scoped_refptr<X509Certificate> cert = |
| 276 ImportCertFromFile(certs_dir, "subject_t61string.pem"); |
| 277 ASSERT_TRUE(cert); |
| 278 |
| 279 const CertPrincipal& subject = cert->subject(); |
| 280 EXPECT_EQ( |
| 281 " !\"#$%&'()*+,-./" |
| 282 "0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`" |
| 283 "abcdefghijklmnopqrstuvwxyz{|}~" |
| 284 " ¡¢£¤¥¦§¨©ª«¬®¯°±²³´µ¶·¸¹º»¼½¾¿ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞßàáâãäåæç" |
| 285 "èéêëìíîïðñòóôõö÷øùúûüýþÿ", |
| 286 subject.organization_names[0]); |
| 287 } |
| 288 |
| 289 TEST(X509CertificateTest, TeletexStringControlChars) { |
| 290 base::FilePath certs_dir = |
| 291 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); |
| 292 |
| 293 scoped_refptr<X509Certificate> cert = |
| 294 ImportCertFromFile(certs_dir, "subject_t61string_1-32.pem"); |
| 295 ASSERT_TRUE(cert); |
| 296 |
| 297 const CertPrincipal& subject = cert->subject(); |
| 298 EXPECT_EQ( |
| 299 "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12" |
| 300 "\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20", |
| 301 subject.organization_names[0]); |
| 302 } |
| 303 |
| 304 TEST(X509CertificateTest, TeletexStringIsLatin1OrCp1252) { |
| 305 base::FilePath certs_dir = |
| 306 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); |
| 307 |
| 308 scoped_refptr<X509Certificate> cert = |
| 309 ImportCertFromFile(certs_dir, "subject_t61string_126-160.pem"); |
| 310 ASSERT_TRUE(cert); |
| 311 |
| 312 const CertPrincipal& subject = cert->subject(); |
| 313 #if (defined(OS_MACOSX) && !defined(OS_IOS)) || \ |
| 314 (BUILDFLAG(USE_BYTE_CERTS) && !BUILDFLAG(USE_PLATFORM_ICU_ALTERNATIVES)) |
| 315 // Mac: TeletexString is decoded as CP1252. |
| 316 // use_byte_certs: ICU ISO-8859-1 seems to be CP1252 actually. |
| 317 // (but with use_platform_icu_alternatives it's not.) |
| 318 EXPECT_EQ( |
| 319 "~\x7F\xE2\x82\xAC\xC2\x81\xE2\x80\x9A\xC6\x92\xE2\x80\x9E\xE2\x80\xA6" |
| 320 "\xE2\x80\xA0\xE2\x80\xA1\xCB\x86\xE2\x80\xB0\xC5\xA0\xE2\x80\xB9\xC5\x92" |
| 321 "\xC2\x8D\xC5\xBD\xC2\x8F\xC2\x90\xE2\x80\x98\xE2\x80\x99\xE2\x80\x9C\xE2" |
| 322 "\x80\x9D\xE2\x80\xA2\xE2\x80\x93\xE2\x80\x94\xCB\x9C\xE2\x84\xA2\xC5\xA1" |
| 323 "\xE2\x80\xBA\xC5\x93\xC2\x9D\xC5\xBE\xC5\xB8\xC2\xA0", |
| 324 subject.organization_names[0]); |
| 325 #else |
| 326 // NSS, Win, Android, iOS: TeletexString is decoded as latin1, so 127-160 get |
| 327 // decoded to equivalent unicode control chars. |
| 328 EXPECT_EQ( |
| 329 "~\x7F\xC2\x80\xC2\x81\xC2\x82\xC2\x83\xC2\x84\xC2\x85\xC2\x86\xC2\x87" |
| 330 "\xC2\x88\xC2\x89\xC2\x8A\xC2\x8B\xC2\x8C\xC2\x8D\xC2\x8E\xC2\x8F\xC2\x90" |
| 331 "\xC2\x91\xC2\x92\xC2\x93\xC2\x94\xC2\x95\xC2\x96\xC2\x97\xC2\x98\xC2\x99" |
| 332 "\xC2\x9A\xC2\x9B\xC2\x9C\xC2\x9D\xC2\x9E\xC2\x9F\xC2\xA0", |
| 333 subject.organization_names[0]); |
| 334 #endif |
| 335 } |
| 336 |
| 337 TEST(X509CertificateTest, TeletexStringIsNotARealT61String) { |
| 338 base::FilePath certs_dir = |
| 339 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); |
| 340 |
| 341 scoped_refptr<X509Certificate> cert = |
| 342 ImportCertFromFile(certs_dir, "subject_t61string_actual.pem"); |
| 343 ASSERT_TRUE(cert); |
| 344 |
| 345 const CertPrincipal& subject = cert->subject(); |
| 346 // If TeletexStrings were actually parsed according to T.61, this would be |
| 347 // "あ". (Probably. Not verified against a real implementation.) |
| 348 EXPECT_EQ("\x1B$@$\"", subject.organization_names[0]); |
| 349 } |
| 350 |
270 TEST(X509CertificateTest, SerialNumbers) { | 351 TEST(X509CertificateTest, SerialNumbers) { |
271 scoped_refptr<X509Certificate> google_cert( | 352 scoped_refptr<X509Certificate> google_cert( |
272 X509Certificate::CreateFromBytes( | 353 X509Certificate::CreateFromBytes( |
273 reinterpret_cast<const char*>(google_der), sizeof(google_der))); | 354 reinterpret_cast<const char*>(google_der), sizeof(google_der))); |
274 ASSERT_TRUE(google_cert); | 355 ASSERT_TRUE(google_cert); |
275 | 356 |
276 static const uint8_t google_serial[16] = { | 357 static const uint8_t google_serial[16] = { |
277 0x01,0x2a,0x39,0x76,0x0d,0x3f,0x4f,0xc9, | 358 0x01,0x2a,0x39,0x76,0x0d,0x3f,0x4f,0xc9, |
278 0x0b,0xe7,0xbd,0x2b,0xcf,0x95,0x2e,0x7a, | 359 0x0b,0xe7,0xbd,0x2b,0xcf,0x95,0x2e,0x7a, |
279 }; | 360 }; |
(...skipping 956 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1236 &actual_type); | 1317 &actual_type); |
1237 | 1318 |
1238 EXPECT_EQ(data.expected_bits, actual_bits); | 1319 EXPECT_EQ(data.expected_bits, actual_bits); |
1239 EXPECT_EQ(data.expected_type, actual_type); | 1320 EXPECT_EQ(data.expected_type, actual_type); |
1240 } | 1321 } |
1241 | 1322 |
1242 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest, | 1323 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest, |
1243 testing::ValuesIn(kPublicKeyInfoTestData)); | 1324 testing::ValuesIn(kPublicKeyInfoTestData)); |
1244 | 1325 |
1245 } // namespace net | 1326 } // namespace net |
OLD | NEW |