Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(71)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/cert_verify_proc_unittest.cc

Issue 2913253003: Convert Windows to use X509CertificateBytes. (Closed)
Patch Set: rebase Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/browser/ui/cryptuiapi_shim.h ('K') | « net/BUILD.gn ('k') | net/cert/cert_verify_proc_win.cc » ('j') | net/cert/x509_util_win.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_verify_proc.h" 5 #include "net/cert/cert_verify_proc.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/callback_helpers.h" 9 #include "base/callback_helpers.h"
10 #include "base/files/file_path.h" 10 #include "base/files/file_path.h"
(...skipping 385 matching lines...) Expand 10 before | Expand all | Expand 10 after
396 // TODO(crbug.com/649017): What expectations to use for the other verifiers? 396 // TODO(crbug.com/649017): What expectations to use for the other verifiers?
397 } 397 }
398 398
399 #if BUILDFLAG(USE_BYTE_CERTS) 399 #if BUILDFLAG(USE_BYTE_CERTS)
400 // Tests the case where the target certificate is accepted by 400 // Tests the case where the target certificate is accepted by
401 // X509CertificateBytes, but has errors that should cause verification to fail. 401 // X509CertificateBytes, but has errors that should cause verification to fail.
402 TEST_P(CertVerifyProcInternalTest, InvalidTarget) { 402 TEST_P(CertVerifyProcInternalTest, InvalidTarget) {
403 base::FilePath certs_dir = 403 base::FilePath certs_dir =
404 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); 404 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest");
405 scoped_refptr<X509Certificate> bad_cert = 405 scoped_refptr<X509Certificate> bad_cert =
406 ImportCertFromFile(certs_dir, "extensions_data_after_sequence.pem"); 406 ImportCertFromFile(certs_dir, "signature_algorithm_null.pem");
407 ASSERT_TRUE(bad_cert); 407 ASSERT_TRUE(bad_cert);
408 408
409 scoped_refptr<X509Certificate> ok_cert( 409 scoped_refptr<X509Certificate> ok_cert(
410 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem")); 410 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
411 ASSERT_TRUE(ok_cert); 411 ASSERT_TRUE(ok_cert);
412 412
413 scoped_refptr<X509Certificate> cert_with_bad_target( 413 scoped_refptr<X509Certificate> cert_with_bad_target(
414 X509Certificate::CreateFromHandle(bad_cert->os_cert_handle(), 414 X509Certificate::CreateFromHandle(bad_cert->os_cert_handle(),
415 {ok_cert->os_cert_handle()})); 415 {ok_cert->os_cert_handle()}));
416 ASSERT_TRUE(cert_with_bad_target); 416 ASSERT_TRUE(cert_with_bad_target);
417 EXPECT_EQ(1U, cert_with_bad_target->GetIntermediateCertificates().size()); 417 EXPECT_EQ(1U, cert_with_bad_target->GetIntermediateCertificates().size());
418 418
419 int flags = 0; 419 int flags = 0;
420 CertVerifyResult verify_result; 420 CertVerifyResult verify_result;
421 int error = Verify(cert_with_bad_target.get(), "127.0.0.1", flags, NULL, 421 int error = Verify(cert_with_bad_target.get(), "127.0.0.1", flags, NULL,
422 CertificateList(), &verify_result); 422 CertificateList(), &verify_result);
423 423
424 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_INVALID); 424 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_INVALID);
425 EXPECT_THAT(error, IsError(ERR_CERT_INVALID)); 425 EXPECT_THAT(error, IsError(ERR_CERT_INVALID));
426 } 426 }
427 427
428 // Tests the case where an intermediate certificate is accepted by 428 // Tests the case where an intermediate certificate is accepted by
429 // X509CertificateBytes, but has errors that should cause verification to fail. 429 // X509CertificateBytes, but has errors that should cause verification to fail.
430 TEST_P(CertVerifyProcInternalTest, InvalidIntermediate) { 430 TEST_P(CertVerifyProcInternalTest, InvalidIntermediate) {
431 base::FilePath certs_dir = 431 base::FilePath certs_dir =
432 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); 432 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest");
433 scoped_refptr<X509Certificate> bad_cert = 433 scoped_refptr<X509Certificate> bad_cert =
434 ImportCertFromFile(certs_dir, "extensions_data_after_sequence.pem"); 434 ImportCertFromFile(certs_dir, "signature_algorithm_null.pem");
435 ASSERT_TRUE(bad_cert); 435 ASSERT_TRUE(bad_cert);
436 436
437 scoped_refptr<X509Certificate> ok_cert( 437 scoped_refptr<X509Certificate> ok_cert(
438 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem")); 438 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
439 ASSERT_TRUE(ok_cert); 439 ASSERT_TRUE(ok_cert);
440 440
441 scoped_refptr<X509Certificate> cert_with_bad_intermediate( 441 scoped_refptr<X509Certificate> cert_with_bad_intermediate(
442 X509Certificate::CreateFromHandle(ok_cert->os_cert_handle(), 442 X509Certificate::CreateFromHandle(ok_cert->os_cert_handle(),
443 {bad_cert->os_cert_handle()})); 443 {bad_cert->os_cert_handle()}));
444 ASSERT_TRUE(cert_with_bad_intermediate); 444 ASSERT_TRUE(cert_with_bad_intermediate);
(...skipping 1993 matching lines...) Expand 10 before | Expand all | Expand 10 after
2438 int flags = 0; 2438 int flags = 0;
2439 CertVerifyResult verify_result; 2439 CertVerifyResult verify_result;
2440 int error = verify_proc->Verify(cert.get(), "127.0.0.1", std::string(), flags, 2440 int error = verify_proc->Verify(cert.get(), "127.0.0.1", std::string(), flags,
2441 NULL, CertificateList(), &verify_result); 2441 NULL, CertificateList(), &verify_result);
2442 EXPECT_EQ(OK, error); 2442 EXPECT_EQ(OK, error);
2443 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0); 2443 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0);
2444 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0); 2444 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0);
2445 } 2445 }
2446 2446
2447 } // namespace net 2447 } // namespace net
OLDNEW
« chrome/browser/ui/cryptuiapi_shim.h ('K') | « net/BUILD.gn ('k') | net/cert/cert_verify_proc_win.cc » ('j') | net/cert/x509_util_win.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698