OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/x509_util.h" | 5 #include "net/cert/x509_util.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <memory> | 8 #include <memory> |
9 | 9 |
10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
11 #include "base/time/time.h" | 11 #include "base/time/time.h" |
12 #include "crypto/rsa_private_key.h" | 12 #include "crypto/rsa_private_key.h" |
13 #include "net/cert/x509_certificate.h" | 13 #include "net/cert/x509_certificate.h" |
14 #include "testing/gtest/include/gtest/gtest.h" | 14 #include "testing/gtest/include/gtest/gtest.h" |
15 | 15 |
16 namespace net { | 16 namespace net { |
17 | 17 |
18 namespace x509_util { | 18 namespace x509_util { |
19 | 19 |
20 TEST(X509UtilTest, SortClientCertificates) { | |
21 CertificateList certs; | |
22 certs.push_back(nullptr); | |
23 | |
24 std::unique_ptr<crypto::RSAPrivateKey> key( | |
25 crypto::RSAPrivateKey::Create(1024)); | |
26 ASSERT_TRUE(key); | |
27 | |
28 scoped_refptr<X509Certificate> cert; | |
29 std::string der_cert; | |
30 | |
31 ASSERT_TRUE(CreateSelfSignedCert(key.get(), x509_util::DIGEST_SHA1, | |
32 "CN=expired", 1, base::Time::UnixEpoch(), | |
33 base::Time::UnixEpoch(), &der_cert)); | |
34 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size()); | |
35 ASSERT_TRUE(cert); | |
36 certs.push_back(cert); | |
37 | |
38 const base::Time now = base::Time::Now(); | |
39 | |
40 ASSERT_TRUE(CreateSelfSignedCert( | |
41 key.get(), x509_util::DIGEST_SHA1, "CN=not yet valid", 2, | |
42 now + base::TimeDelta::FromDays(10), now + base::TimeDelta::FromDays(15), | |
43 &der_cert)); | |
44 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size()); | |
45 ASSERT_TRUE(cert); | |
46 certs.push_back(cert); | |
47 | |
48 ASSERT_TRUE( | |
49 CreateSelfSignedCert(key.get(), x509_util::DIGEST_SHA1, "CN=older cert", | |
50 3, now - base::TimeDelta::FromDays(5), | |
51 now + base::TimeDelta::FromDays(5), &der_cert)); | |
52 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size()); | |
53 ASSERT_TRUE(cert); | |
54 certs.push_back(cert); | |
55 | |
56 certs.push_back(nullptr); | |
57 | |
58 ASSERT_TRUE( | |
59 CreateSelfSignedCert(key.get(), x509_util::DIGEST_SHA1, "CN=newer cert", | |
60 2, now - base::TimeDelta::FromDays(3), | |
61 now + base::TimeDelta::FromDays(5), &der_cert)); | |
62 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size()); | |
63 ASSERT_TRUE(cert); | |
64 certs.push_back(cert); | |
65 | |
66 std::sort(certs.begin(), certs.end(), ClientCertSorter()); | |
67 | |
68 ASSERT_EQ(6u, certs.size()); | |
69 ASSERT_TRUE(certs[0].get()); | |
70 EXPECT_EQ("newer cert", certs[0]->subject().common_name); | |
71 ASSERT_TRUE(certs[1].get()); | |
72 EXPECT_EQ("older cert", certs[1]->subject().common_name); | |
73 ASSERT_TRUE(certs[2].get()); | |
74 EXPECT_EQ("not yet valid", certs[2]->subject().common_name); | |
75 ASSERT_TRUE(certs[3].get()); | |
76 EXPECT_EQ("expired", certs[3]->subject().common_name); | |
77 ASSERT_FALSE(certs[4].get()); | |
78 ASSERT_FALSE(certs[5].get()); | |
79 } | |
80 | |
81 // This test creates a self-signed cert and a private key and then verifies the | 20 // This test creates a self-signed cert and a private key and then verifies the |
82 // content of the certificate. | 21 // content of the certificate. |
83 TEST(X509UtilTest, CreateKeyAndSelfSigned) { | 22 TEST(X509UtilTest, CreateKeyAndSelfSigned) { |
84 std::unique_ptr<crypto::RSAPrivateKey> private_key; | 23 std::unique_ptr<crypto::RSAPrivateKey> private_key; |
85 | 24 |
86 std::string der_cert; | 25 std::string der_cert; |
87 ASSERT_TRUE(x509_util::CreateKeyAndSelfSignedCert( | 26 ASSERT_TRUE(x509_util::CreateKeyAndSelfSignedCert( |
88 "CN=subject", | 27 "CN=subject", |
89 1, | 28 1, |
90 base::Time::Now(), | 29 base::Time::Now(), |
(...skipping 634 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
725 | 664 |
726 std::string channel_bindings; | 665 std::string channel_bindings; |
727 ASSERT_FALSE( | 666 ASSERT_FALSE( |
728 x509_util::GetTLSServerEndPointChannelBinding(*cert, &channel_bindings)); | 667 x509_util::GetTLSServerEndPointChannelBinding(*cert, &channel_bindings)); |
729 EXPECT_TRUE(channel_bindings.empty()); | 668 EXPECT_TRUE(channel_bindings.empty()); |
730 } | 669 } |
731 | 670 |
732 } // namespace x509_util | 671 } // namespace x509_util |
733 | 672 |
734 } // namespace net | 673 } // namespace net |
OLD | NEW |