net/cert/internal/verify_certificate_chain_pkits_unittest.cc - Issue 2918063002: Revert of Add policies support to VerifyCertificateChain().

Side by Side Diff: net/cert/internal/verify_certificate_chain_pkits_unittest.cc

Issue 2918063002: Revert of Add policies support to VerifyCertificateChain(). (Closed)

Patch Set: Created 3 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2016 The Chromium Authors. All rights reserved.	1 // Copyright 2016 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/internal/verify_certificate_chain.h"	5 #include "net/cert/internal/verify_certificate_chain.h"

6	6

7 #include "net/cert/internal/parsed_certificate.h"	7 #include "net/cert/internal/parsed_certificate.h"

8 #include "net/cert/internal/signature_policy.h"	8 #include "net/cert/internal/signature_policy.h"

9 #include "net/cert/internal/trust_store.h"	9 #include "net/cert/internal/trust_store.h"

10 #include "net/der/input.h"	10 #include "net/der/input.h"

(...skipping 49 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
60 for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) {	60 for (auto i = cert_ders.rbegin(); i != cert_ders.rend(); ++i) {

61 ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector(	61 ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector(

62 bssl::UniquePtr<CRYPTO_BUFFER>(CRYPTO_BUFFER_new(	62 bssl::UniquePtr<CRYPTO_BUFFER>(CRYPTO_BUFFER_new(

63 reinterpret_cast<const uint8_t*>(i->data()), i->size(), nullptr)),	63 reinterpret_cast<const uint8_t*>(i->data()), i->size(), nullptr)),

64 {}, &input_chain, &parsing_errors))	64 {}, &input_chain, &parsing_errors))

65 << parsing_errors.ToDebugString();	65 << parsing_errors.ToDebugString();

66 }	66 }

67	67

68 SimpleSignaturePolicy signature_policy(1024);	68 SimpleSignaturePolicy signature_policy(1024);

69	69

70 std::set<der::Input> user_constrained_policy_set;

71

72 CertPathErrors path_errors;	70 CertPathErrors path_errors;

73 VerifyCertificateChain(	71 VerifyCertificateChain(input_chain, CertificateTrust::ForTrustAnchor(),

74 input_chain, CertificateTrust::ForTrustAnchor(), &signature_policy,	72 &signature_policy, info.time, KeyPurpose::ANY_EKU,

75 info.time, KeyPurpose::ANY_EKU, info.initial_explicit_policy,	73 &path_errors);

76 info.initial_policy_set, info.initial_policy_mapping_inhibit,

77 info.initial_inhibit_any_policy, &user_constrained_policy_set,

78 &path_errors);

79 bool did_succeed = !path_errors.ContainsHighSeverityErrors();	74 bool did_succeed = !path_errors.ContainsHighSeverityErrors();

80	75

81 EXPECT_EQ(info.user_constrained_policy_set, user_constrained_policy_set);

82

83 // TODO(crbug.com/634443): Test errors on failure?	76 // TODO(crbug.com/634443): Test errors on failure?

84 if (info.should_validate != did_succeed) {	77 if (info.should_validate != did_succeed) {

85 ASSERT_EQ(info.should_validate, did_succeed)	78 ASSERT_EQ(info.should_validate, did_succeed)

86 << path_errors.ToDebugString(input_chain);	79 << path_errors.ToDebugString(input_chain);

87 }	80 }

88 }	81 }

89 };	82 };

90	83

91 } // namespace	84 } // namespace

92	85

(...skipping 129 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
222 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,	215 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

223 PkitsTest03VerifyingNameChaining,	216 PkitsTest03VerifyingNameChaining,

224 VerifyCertificateChainPkitsTestDelegate);	217 VerifyCertificateChainPkitsTestDelegate);

225 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,	218 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

226 PkitsTest06VerifyingBasicConstraints,	219 PkitsTest06VerifyingBasicConstraints,

227 VerifyCertificateChainPkitsTestDelegate);	220 VerifyCertificateChainPkitsTestDelegate);

228 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,	221 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

229 PkitsTest07KeyUsage,	222 PkitsTest07KeyUsage,

230 VerifyCertificateChainPkitsTestDelegate);	223 VerifyCertificateChainPkitsTestDelegate);

231 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,	224 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

232 PkitsTest08CertificatePolicies,

233 VerifyCertificateChainPkitsTestDelegate);

234 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

235 PkitsTest09RequireExplicitPolicy,

236 VerifyCertificateChainPkitsTestDelegate);

237 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

238 PkitsTest10PolicyMappings,

239 VerifyCertificateChainPkitsTestDelegate);

240 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

241 PkitsTest11InhibitPolicyMapping,

242 VerifyCertificateChainPkitsTestDelegate);

243 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

244 PkitsTest12InhibitAnyPolicy,

245 VerifyCertificateChainPkitsTestDelegate);

246 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

247 PkitsTest13NameConstraints,	225 PkitsTest13NameConstraints,

248 VerifyCertificateChainPkitsTestDelegate);	226 VerifyCertificateChainPkitsTestDelegate);

249 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,	227 INSTANTIATE_TYPED_TEST_CASE_P(VerifyCertificateChain,

250 PkitsTest16PrivateCertificateExtensions,	228 PkitsTest16PrivateCertificateExtensions,

251 VerifyCertificateChainPkitsTestDelegate);	229 VerifyCertificateChainPkitsTestDelegate);

252	230

253 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests,	231 // TODO(mattm): CRL support: PkitsTest04BasicCertificateRevocationTests,

254 // PkitsTest05VerifyingPathswithSelfIssuedCertificates,	232 // PkitsTest05VerifyingPathswithSelfIssuedCertificates,

255 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs	233 // PkitsTest14DistributionPoints, PkitsTest15DeltaCRLs

256	234

	235 // TODO(mattm): Certificate Policies support: PkitsTest08CertificatePolicies,

	236 // PkitsTest09RequireExplicitPolicy PkitsTest10PolicyMappings,

	237 // PkitsTest11InhibitPolicyMapping, PkitsTest12InhibitAnyPolicy

	238

257 } // namespace net	239 } // namespace net

OLD	NEW

« no previous file with comments | « net/cert/internal/verify_certificate_chain.cc ('k') | net/cert/internal/verify_certificate_chain_unittest.cc » ('j') | no next file with comments »