| OLD | NEW |
|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/path_builder.h" | 5 #include "net/cert/internal/path_builder.h" |
| 6 | 6 |
| 7 #include "net/base/net_errors.h" | 7 #include "net/base/net_errors.h" |
| 8 #include "net/cert/internal/cert_issuer_source_static.h" | 8 #include "net/cert/internal/cert_issuer_source_static.h" |
| 9 #include "net/cert/internal/parse_certificate.h" | 9 #include "net/cert/internal/parse_certificate.h" |
| 10 #include "net/cert/internal/parsed_certificate.h" | 10 #include "net/cert/internal/parsed_certificate.h" |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 74 // TODO(mattm): test with other irrelevant certs in cert_issuer_sources? | 74 // TODO(mattm): test with other irrelevant certs in cert_issuer_sources? |
| 75 CertIssuerSourceStatic cert_issuer_source; | 75 CertIssuerSourceStatic cert_issuer_source; |
| 76 for (size_t i = 1; i < cert_ders.size() - 1; ++i) | 76 for (size_t i = 1; i < cert_ders.size() - 1; ++i) |
| 77 cert_issuer_source.AddCert(certs[i]); | 77 cert_issuer_source.AddCert(certs[i]); |
| 78 | 78 |
| 79 scoped_refptr<ParsedCertificate> target_cert(certs.back()); | 79 scoped_refptr<ParsedCertificate> target_cert(certs.back()); |
| 80 | 80 |
| 81 SimpleSignaturePolicy signature_policy(1024); | 81 SimpleSignaturePolicy signature_policy(1024); |
| 82 | 82 |
| 83 CertPathBuilder::Result result; | 83 CertPathBuilder::Result result; |
| 84 CertPathBuilder path_builder(std::move(target_cert), &trust_store, | 84 CertPathBuilder path_builder( |
| 85 &signature_policy, info.time, | 85 std::move(target_cert), &trust_store, &signature_policy, info.time, |
| 86 KeyPurpose::ANY_EKU, &result); | 86 KeyPurpose::ANY_EKU, info.initial_explicit_policy, |
| 87 info.initial_policy_set, info.initial_policy_mapping_inhibit, |
| 88 info.initial_inhibit_any_policy, &result); |
| 87 path_builder.AddCertIssuerSource(&cert_issuer_source); | 89 path_builder.AddCertIssuerSource(&cert_issuer_source); |
| 88 | 90 |
| 89 path_builder.Run(); | 91 path_builder.Run(); |
| 90 | 92 |
| 91 ASSERT_EQ(info.should_validate, result.HasValidPath()); | 93 ASSERT_EQ(info.should_validate, result.HasValidPath()); |
| 94 |
| 95 if (result.HasValidPath()) { |
| 96 EXPECT_EQ(info.user_constrained_policy_set, |
| 97 result.GetBestValidPath()->user_constrained_policy_set); |
| 98 } |
| 92 } | 99 } |
| 93 }; | 100 }; |
| 94 | 101 |
| 95 } // namespace | 102 } // namespace |
| 96 | 103 |
| 97 class PkitsTest01SignatureVerificationCustomPathBuilderFoo | 104 class PkitsTest01SignatureVerificationCustomPathBuilderFoo |
| 98 : public PkitsTest<PathBuilderPkitsTestDelegate> {}; | 105 : public PkitsTest<PathBuilderPkitsTestDelegate> {}; |
| 99 | 106 |
| 100 // Modified version of 4.1.4 Valid DSA Signatures Test4 | 107 // Modified version of 4.1.4 Valid DSA Signatures Test4 |
| 101 TEST_F(PkitsTest01SignatureVerificationCustomPathBuilderFoo, | 108 TEST_F(PkitsTest01SignatureVerificationCustomPathBuilderFoo, |
| (...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 226 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, | 233 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 227 PkitsTest03VerifyingNameChaining, | 234 PkitsTest03VerifyingNameChaining, |
| 228 PathBuilderPkitsTestDelegate); | 235 PathBuilderPkitsTestDelegate); |
| 229 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, | 236 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 230 PkitsTest06VerifyingBasicConstraints, | 237 PkitsTest06VerifyingBasicConstraints, |
| 231 PathBuilderPkitsTestDelegate); | 238 PathBuilderPkitsTestDelegate); |
| 232 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, | 239 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 233 PkitsTest07KeyUsage, | 240 PkitsTest07KeyUsage, |
| 234 PathBuilderPkitsTestDelegate); | 241 PathBuilderPkitsTestDelegate); |
| 235 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, | 242 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 243 PkitsTest08CertificatePolicies, |
| 244 PathBuilderPkitsTestDelegate); |
| 245 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 246 PkitsTest09RequireExplicitPolicy, |
| 247 PathBuilderPkitsTestDelegate); |
| 248 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 249 PkitsTest10PolicyMappings, |
| 250 PathBuilderPkitsTestDelegate); |
| 251 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 252 PkitsTest11InhibitPolicyMapping, |
| 253 PathBuilderPkitsTestDelegate); |
| 254 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 255 PkitsTest12InhibitAnyPolicy, |
| 256 PathBuilderPkitsTestDelegate); |
| 257 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 236 PkitsTest13NameConstraints, | 258 PkitsTest13NameConstraints, |
| 237 PathBuilderPkitsTestDelegate); | 259 PathBuilderPkitsTestDelegate); |
| 238 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, | 260 INSTANTIATE_TYPED_TEST_CASE_P(PathBuilder, |
| 239 PkitsTest16PrivateCertificateExtensions, | 261 PkitsTest16PrivateCertificateExtensions, |
| 240 PathBuilderPkitsTestDelegate); | 262 PathBuilderPkitsTestDelegate); |
| 241 | 263 |
| 242 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, | 264 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests, |
| 243 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, | 265 // PkitsTest05VerifyingPathswithSelfIssuedCertificates, |
| 244 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs | 266 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs |
| 245 | 267 |
| 246 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies, | |
| 247 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings, | |
| 248 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy | |
| 249 | |
| 250 } // namespace net | 268 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2898303005:
Wire up certificate policies support in PathBuilder. (Closed)
