
Side by Side Diff: net/cert/x509_util_unittest.cc

Issue 2898573002: Refactor client cert private key handling. (Closed)
Patch Set: removed no longer needed forward declaration Created 3 years, 6 months ago
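--- a/net/cert/x509_util_unittest.cc
+++ b/net/cert/x509_util_unittest.cc
@@ -1,90 +1,29 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/x509_util.h"
 
 #include <algorithm>
 #include <memory>
 
 #include "base/memory/ref_counted.h"
 #include "base/time/time.h"
 #include "crypto/rsa_private_key.h"
 #include "net/cert/x509_certificate.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 namespace net {
 
 namespace x509_util {
 
-TEST(X509UtilTest, SortClientCertificates) {
-CertificateList certs;
-certs.push_back(nullptr);
-
-std::unique_ptr<crypto::RSAPrivateKey> key(
-crypto::RSAPrivateKey::Create(1024));
-ASSERT_TRUE(key);
-
-scoped_refptr<X509Certificate> cert;
-std::string der_cert;
-
-ASSERT_TRUE(CreateSelfSignedCert(key.get(), x509_util::DIGEST_SHA1,
-"CN=expired", 1, base::Time::UnixEpoch(),
-base::Time::UnixEpoch(), &der_cert));
-cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
-ASSERT_TRUE(cert);
-certs.push_back(cert);
-
-const base::Time now = base::Time::Now();
-
-ASSERT_TRUE(CreateSelfSignedCert(
-key.get(), x509_util::DIGEST_SHA1, "CN=not yet valid", 2,
-now + base::TimeDelta::FromDays(10), now + base::TimeDelta::FromDays(15),
-&der_cert));
-cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
-ASSERT_TRUE(cert);
-certs.push_back(cert);
-
-ASSERT_TRUE(
-CreateSelfSignedCert(key.get(), x509_util::DIGEST_SHA1, "CN=older cert",
-3, now - base::TimeDelta::FromDays(5),
-now + base::TimeDelta::FromDays(5), &der_cert));
-cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
-ASSERT_TRUE(cert);
-certs.push_back(cert);
-
-certs.push_back(nullptr);
-
-ASSERT_TRUE(
-CreateSelfSignedCert(key.get(), x509_util::DIGEST_SHA1, "CN=newer cert",
-2, now - base::TimeDelta::FromDays(3),
-now + base::TimeDelta::FromDays(5), &der_cert));
-cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
-ASSERT_TRUE(cert);
-certs.push_back(cert);
-
-std::sort(certs.begin(), certs.end(), ClientCertSorter());
-
-ASSERT_EQ(6u, certs.size());
-ASSERT_TRUE(certs[0].get());
-EXPECT_EQ("newer cert", certs[0]->subject().common_name);
-ASSERT_TRUE(certs[1].get());
-EXPECT_EQ("older cert", certs[1]->subject().common_name);
-ASSERT_TRUE(certs[2].get());
-EXPECT_EQ("not yet valid", certs[2]->subject().common_name);
-ASSERT_TRUE(certs[3].get());
-EXPECT_EQ("expired", certs[3]->subject().common_name);
-ASSERT_FALSE(certs[4].get());
-ASSERT_FALSE(certs[5].get());
-}
-
 // This test creates a self-signed cert and a private key and then verifies the
 // content of the certificate.
 TEST(X509UtilTest, CreateKeyAndSelfSigned) {
 std::unique_ptr<crypto::RSAPrivateKey> private_key;
 
 std::string der_cert;
 ASSERT_TRUE(x509_util::CreateKeyAndSelfSignedCert(
 "CN=subject",
 1,
 base::Time::Now(),
@@ -725,10 +664,10 @@
 
 std::string channel_bindings;
 ASSERT_FALSE(
 x509_util::GetTLSServerEndPointChannelBinding(*cert, &channel_bindings));
 EXPECT_TRUE(channel_bindings.empty());
 }
 
 } // namespace x509_util
 
 } // namespace net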