OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/cert_verify_proc.h" | 5 #include "net/cert/cert_verify_proc.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
(...skipping 469 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
480 // TODO(crbug.com/649017): What expectations to use for the other verifiers? | 480 // TODO(crbug.com/649017): What expectations to use for the other verifiers? |
481 } | 481 } |
482 | 482 |
483 #if BUILDFLAG(USE_BYTE_CERTS) | 483 #if BUILDFLAG(USE_BYTE_CERTS) |
484 // Tests the case where the target certificate is accepted by | 484 // Tests the case where the target certificate is accepted by |
485 // X509CertificateBytes, but has errors that should cause verification to fail. | 485 // X509CertificateBytes, but has errors that should cause verification to fail. |
486 TEST_P(CertVerifyProcInternalTest, InvalidTarget) { | 486 TEST_P(CertVerifyProcInternalTest, InvalidTarget) { |
487 base::FilePath certs_dir = | 487 base::FilePath certs_dir = |
488 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); | 488 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); |
489 scoped_refptr<X509Certificate> bad_cert = | 489 scoped_refptr<X509Certificate> bad_cert = |
490 ImportCertFromFile(certs_dir, "extensions_data_after_sequence.pem"); | 490 ImportCertFromFile(certs_dir, "signature_algorithm_null.pem"); |
491 ASSERT_TRUE(bad_cert); | 491 ASSERT_TRUE(bad_cert); |
492 | 492 |
493 scoped_refptr<X509Certificate> ok_cert( | 493 scoped_refptr<X509Certificate> ok_cert( |
494 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem")); | 494 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem")); |
495 ASSERT_TRUE(ok_cert); | 495 ASSERT_TRUE(ok_cert); |
496 | 496 |
497 scoped_refptr<X509Certificate> cert_with_bad_target( | 497 scoped_refptr<X509Certificate> cert_with_bad_target( |
498 X509Certificate::CreateFromHandle(bad_cert->os_cert_handle(), | 498 X509Certificate::CreateFromHandle(bad_cert->os_cert_handle(), |
499 {ok_cert->os_cert_handle()})); | 499 {ok_cert->os_cert_handle()})); |
500 ASSERT_TRUE(cert_with_bad_target); | 500 ASSERT_TRUE(cert_with_bad_target); |
501 EXPECT_EQ(1U, cert_with_bad_target->GetIntermediateCertificates().size()); | 501 EXPECT_EQ(1U, cert_with_bad_target->GetIntermediateCertificates().size()); |
502 | 502 |
503 int flags = 0; | 503 int flags = 0; |
504 CertVerifyResult verify_result; | 504 CertVerifyResult verify_result; |
505 int error = Verify(cert_with_bad_target.get(), "127.0.0.1", flags, NULL, | 505 int error = Verify(cert_with_bad_target.get(), "127.0.0.1", flags, NULL, |
506 CertificateList(), &verify_result); | 506 CertificateList(), &verify_result); |
507 | 507 |
508 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_INVALID); | 508 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_INVALID); |
509 EXPECT_THAT(error, IsError(ERR_CERT_INVALID)); | 509 EXPECT_THAT(error, IsError(ERR_CERT_INVALID)); |
510 } | 510 } |
511 | 511 |
512 // Tests the case where an intermediate certificate is accepted by | 512 // Tests the case where an intermediate certificate is accepted by |
513 // X509CertificateBytes, but has errors that should cause verification to fail. | 513 // X509CertificateBytes, but has errors that should cause verification to fail. |
514 TEST_P(CertVerifyProcInternalTest, InvalidIntermediate) { | 514 TEST_P(CertVerifyProcInternalTest, InvalidIntermediate) { |
515 base::FilePath certs_dir = | 515 base::FilePath certs_dir = |
516 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); | 516 GetTestNetDataDirectory().AppendASCII("parse_certificate_unittest"); |
517 scoped_refptr<X509Certificate> bad_cert = | 517 scoped_refptr<X509Certificate> bad_cert = |
518 ImportCertFromFile(certs_dir, "extensions_data_after_sequence.pem"); | 518 ImportCertFromFile(certs_dir, "signature_algorithm_null.pem"); |
519 ASSERT_TRUE(bad_cert); | 519 ASSERT_TRUE(bad_cert); |
520 | 520 |
521 scoped_refptr<X509Certificate> ok_cert( | 521 scoped_refptr<X509Certificate> ok_cert( |
522 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem")); | 522 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem")); |
523 ASSERT_TRUE(ok_cert); | 523 ASSERT_TRUE(ok_cert); |
524 | 524 |
525 scoped_refptr<X509Certificate> cert_with_bad_intermediate( | 525 scoped_refptr<X509Certificate> cert_with_bad_intermediate( |
526 X509Certificate::CreateFromHandle(ok_cert->os_cert_handle(), | 526 X509Certificate::CreateFromHandle(ok_cert->os_cert_handle(), |
527 {bad_cert->os_cert_handle()})); | 527 {bad_cert->os_cert_handle()})); |
528 ASSERT_TRUE(cert_with_bad_intermediate); | 528 ASSERT_TRUE(cert_with_bad_intermediate); |
(...skipping 1993 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2522 int flags = 0; | 2522 int flags = 0; |
2523 CertVerifyResult verify_result; | 2523 CertVerifyResult verify_result; |
2524 int error = verify_proc->Verify(cert.get(), "127.0.0.1", std::string(), flags, | 2524 int error = verify_proc->Verify(cert.get(), "127.0.0.1", std::string(), flags, |
2525 NULL, CertificateList(), &verify_result); | 2525 NULL, CertificateList(), &verify_result); |
2526 EXPECT_EQ(OK, error); | 2526 EXPECT_EQ(OK, error); |
2527 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0); | 2527 histograms.ExpectTotalCount(kTLSFeatureExtensionHistogram, 0); |
2528 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0); | 2528 histograms.ExpectTotalCount(kTLSFeatureExtensionOCSPHistogram, 0); |
2529 } | 2529 } |
2530 | 2530 |
2531 } // namespace net | 2531 } // namespace net |
OLD | NEW |