Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(140)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/client_cert_identity_unittest.cc

Issue 2898573002: Refactor client cert private key handling. (Closed)
Patch Set: removed no longer needed forward declaration Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/ssl/client_cert_identity_test_util.cc ('k') | net/ssl/client_cert_store.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/ssl/client_cert_identity.h"
6
7 #include "base/memory/ptr_util.h"
8 #include "crypto/rsa_private_key.h"
9 #include "net/cert/x509_util.h"
10 #include "net/ssl/client_cert_identity_test_util.h"
11 #include "net/ssl/ssl_private_key.h"
12 #include "testing/gtest/include/gtest/gtest.h"
13
14 namespace net {
15
16 TEST(ClientCertIdentitySorter, SortClientCertificates) {
17 ClientCertIdentityList certs;
18
19 std::unique_ptr<crypto::RSAPrivateKey> key(
20 crypto::RSAPrivateKey::Create(1024));
21 ASSERT_TRUE(key);
22
23 scoped_refptr<X509Certificate> cert;
24 std::string der_cert;
25
26 ASSERT_TRUE(x509_util::CreateSelfSignedCert(
27 key.get(), x509_util::DIGEST_SHA1, "CN=expired", 1,
28 base::Time::UnixEpoch(), base::Time::UnixEpoch(), &der_cert));
29 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
30 ASSERT_TRUE(cert);
31 certs.push_back(base::MakeUnique<FakeClientCertIdentity>(cert, nullptr));
32
33 const base::Time now = base::Time::Now();
34
35 ASSERT_TRUE(x509_util::CreateSelfSignedCert(
36 key.get(), x509_util::DIGEST_SHA1, "CN=not yet valid", 2,
37 now + base::TimeDelta::FromDays(10), now + base::TimeDelta::FromDays(15),
38 &der_cert));
39 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
40 ASSERT_TRUE(cert);
41 certs.push_back(base::MakeUnique<FakeClientCertIdentity>(cert, nullptr));
42
43 ASSERT_TRUE(x509_util::CreateSelfSignedCert(
44 key.get(), x509_util::DIGEST_SHA1, "CN=older cert", 3,
45 now - base::TimeDelta::FromDays(5), now + base::TimeDelta::FromDays(5),
46 &der_cert));
47 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
48 ASSERT_TRUE(cert);
49 certs.push_back(base::MakeUnique<FakeClientCertIdentity>(cert, nullptr));
50
51 ASSERT_TRUE(x509_util::CreateSelfSignedCert(
52 key.get(), x509_util::DIGEST_SHA1, "CN=newer cert", 2,
53 now - base::TimeDelta::FromDays(3), now + base::TimeDelta::FromDays(5),
54 &der_cert));
55 cert = X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size());
56 ASSERT_TRUE(cert);
57 certs.push_back(base::MakeUnique<FakeClientCertIdentity>(cert, nullptr));
58
59 std::sort(certs.begin(), certs.end(), ClientCertIdentitySorter());
60
61 ASSERT_EQ(4u, certs.size());
62 ASSERT_TRUE(certs[0].get());
63 EXPECT_EQ("newer cert", certs[0]->certificate()->subject().common_name);
64 ASSERT_TRUE(certs[1].get());
65 EXPECT_EQ("older cert", certs[1]->certificate()->subject().common_name);
66 ASSERT_TRUE(certs[2].get());
67 EXPECT_EQ("not yet valid", certs[2]->certificate()->subject().common_name);
68 ASSERT_TRUE(certs[3].get());
69 EXPECT_EQ("expired", certs[3]->certificate()->subject().common_name);
70 }
71
72 } // namespace net
OLDNEW
« no previous file with comments | « net/ssl/client_cert_identity_test_util.cc ('k') | net/ssl/client_cert_store.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698