OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
6 | 6 |
7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
10 #include "base/pickle.h" | 10 #include "base/pickle.h" |
(...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
84 }; | 84 }; |
85 | 85 |
86 // Dec 18 00:00:00 2009 GMT | 86 // Dec 18 00:00:00 2009 GMT |
87 const double kGoogleParseValidFrom = 1261094400; | 87 const double kGoogleParseValidFrom = 1261094400; |
88 // Dec 18 23:59:59 2011 GMT | 88 // Dec 18 23:59:59 2011 GMT |
89 const double kGoogleParseValidTo = 1324252799; | 89 const double kGoogleParseValidTo = 1324252799; |
90 | 90 |
91 void CheckGoogleCert(const scoped_refptr<X509Certificate>& google_cert, | 91 void CheckGoogleCert(const scoped_refptr<X509Certificate>& google_cert, |
92 uint8* expected_fingerprint, | 92 uint8* expected_fingerprint, |
93 double valid_from, double valid_to) { | 93 double valid_from, double valid_to) { |
94 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_cert); | 94 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_cert.get()); |
95 | 95 |
96 const CertPrincipal& subject = google_cert->subject(); | 96 const CertPrincipal& subject = google_cert->subject(); |
97 EXPECT_EQ("www.google.com", subject.common_name); | 97 EXPECT_EQ("www.google.com", subject.common_name); |
98 EXPECT_EQ("Mountain View", subject.locality_name); | 98 EXPECT_EQ("Mountain View", subject.locality_name); |
99 EXPECT_EQ("California", subject.state_or_province_name); | 99 EXPECT_EQ("California", subject.state_or_province_name); |
100 EXPECT_EQ("US", subject.country_name); | 100 EXPECT_EQ("US", subject.country_name); |
101 EXPECT_EQ(0U, subject.street_addresses.size()); | 101 EXPECT_EQ(0U, subject.street_addresses.size()); |
102 ASSERT_EQ(1U, subject.organization_names.size()); | 102 ASSERT_EQ(1U, subject.organization_names.size()); |
103 EXPECT_EQ("Google Inc", subject.organization_names[0]); | 103 EXPECT_EQ("Google Inc", subject.organization_names[0]); |
104 EXPECT_EQ(0U, subject.organization_unit_names.size()); | 104 EXPECT_EQ(0U, subject.organization_unit_names.size()); |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
139 | 139 |
140 CheckGoogleCert(google_cert, google_fingerprint, | 140 CheckGoogleCert(google_cert, google_fingerprint, |
141 1238192407, // Mar 27 22:20:07 2009 GMT | 141 1238192407, // Mar 27 22:20:07 2009 GMT |
142 1269728407); // Mar 27 22:20:07 2010 GMT | 142 1269728407); // Mar 27 22:20:07 2010 GMT |
143 } | 143 } |
144 | 144 |
145 TEST(X509CertificateTest, WebkitCertParsing) { | 145 TEST(X509CertificateTest, WebkitCertParsing) { |
146 scoped_refptr<X509Certificate> webkit_cert(X509Certificate::CreateFromBytes( | 146 scoped_refptr<X509Certificate> webkit_cert(X509Certificate::CreateFromBytes( |
147 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der))); | 147 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der))); |
148 | 148 |
149 ASSERT_NE(static_cast<X509Certificate*>(NULL), webkit_cert); | 149 ASSERT_NE(static_cast<X509Certificate*>(NULL), webkit_cert.get()); |
150 | 150 |
151 const CertPrincipal& subject = webkit_cert->subject(); | 151 const CertPrincipal& subject = webkit_cert->subject(); |
152 EXPECT_EQ("Cupertino", subject.locality_name); | 152 EXPECT_EQ("Cupertino", subject.locality_name); |
153 EXPECT_EQ("California", subject.state_or_province_name); | 153 EXPECT_EQ("California", subject.state_or_province_name); |
154 EXPECT_EQ("US", subject.country_name); | 154 EXPECT_EQ("US", subject.country_name); |
155 EXPECT_EQ(0U, subject.street_addresses.size()); | 155 EXPECT_EQ(0U, subject.street_addresses.size()); |
156 ASSERT_EQ(1U, subject.organization_names.size()); | 156 ASSERT_EQ(1U, subject.organization_names.size()); |
157 EXPECT_EQ("Apple Inc.", subject.organization_names[0]); | 157 EXPECT_EQ("Apple Inc.", subject.organization_names[0]); |
158 ASSERT_EQ(1U, subject.organization_unit_names.size()); | 158 ASSERT_EQ(1U, subject.organization_unit_names.size()); |
159 EXPECT_EQ("Mac OS Forge", subject.organization_unit_names[0]); | 159 EXPECT_EQ("Mac OS Forge", subject.organization_unit_names[0]); |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
195 EXPECT_TRUE(webkit_cert->VerifyNameMatch("foo.webkit.org", &unused)); | 195 EXPECT_TRUE(webkit_cert->VerifyNameMatch("foo.webkit.org", &unused)); |
196 EXPECT_TRUE(webkit_cert->VerifyNameMatch("webkit.org", &unused)); | 196 EXPECT_TRUE(webkit_cert->VerifyNameMatch("webkit.org", &unused)); |
197 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.webkit.com", &unused)); | 197 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.webkit.com", &unused)); |
198 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.foo.webkit.com", &unused)); | 198 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.foo.webkit.com", &unused)); |
199 } | 199 } |
200 | 200 |
201 TEST(X509CertificateTest, ThawteCertParsing) { | 201 TEST(X509CertificateTest, ThawteCertParsing) { |
202 scoped_refptr<X509Certificate> thawte_cert(X509Certificate::CreateFromBytes( | 202 scoped_refptr<X509Certificate> thawte_cert(X509Certificate::CreateFromBytes( |
203 reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der))); | 203 reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der))); |
204 | 204 |
205 ASSERT_NE(static_cast<X509Certificate*>(NULL), thawte_cert); | 205 ASSERT_NE(static_cast<X509Certificate*>(NULL), thawte_cert.get()); |
206 | 206 |
207 const CertPrincipal& subject = thawte_cert->subject(); | 207 const CertPrincipal& subject = thawte_cert->subject(); |
208 EXPECT_EQ("www.thawte.com", subject.common_name); | 208 EXPECT_EQ("www.thawte.com", subject.common_name); |
209 EXPECT_EQ("Mountain View", subject.locality_name); | 209 EXPECT_EQ("Mountain View", subject.locality_name); |
210 EXPECT_EQ("California", subject.state_or_province_name); | 210 EXPECT_EQ("California", subject.state_or_province_name); |
211 EXPECT_EQ("US", subject.country_name); | 211 EXPECT_EQ("US", subject.country_name); |
212 EXPECT_EQ(0U, subject.street_addresses.size()); | 212 EXPECT_EQ(0U, subject.street_addresses.size()); |
213 ASSERT_EQ(1U, subject.organization_names.size()); | 213 ASSERT_EQ(1U, subject.organization_names.size()); |
214 EXPECT_EQ("Thawte Inc", subject.organization_names[0]); | 214 EXPECT_EQ("Thawte Inc", subject.organization_names[0]); |
215 EXPECT_EQ(0U, subject.organization_unit_names.size()); | 215 EXPECT_EQ(0U, subject.organization_unit_names.size()); |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
247 | 247 |
248 // Test that all desired AttributeAndValue pairs can be extracted when only | 248 // Test that all desired AttributeAndValue pairs can be extracted when only |
249 // a single RelativeDistinguishedName is present. "Normally" there is only | 249 // a single RelativeDistinguishedName is present. "Normally" there is only |
250 // one AVA per RDN, but some CAs place all AVAs within a single RDN. | 250 // one AVA per RDN, but some CAs place all AVAs within a single RDN. |
251 // This is a regression test for http://crbug.com/101009 | 251 // This is a regression test for http://crbug.com/101009 |
252 TEST(X509CertificateTest, MultivalueRDN) { | 252 TEST(X509CertificateTest, MultivalueRDN) { |
253 base::FilePath certs_dir = GetTestCertsDirectory(); | 253 base::FilePath certs_dir = GetTestCertsDirectory(); |
254 | 254 |
255 scoped_refptr<X509Certificate> multivalue_rdn_cert = | 255 scoped_refptr<X509Certificate> multivalue_rdn_cert = |
256 ImportCertFromFile(certs_dir, "multivalue_rdn.pem"); | 256 ImportCertFromFile(certs_dir, "multivalue_rdn.pem"); |
257 ASSERT_NE(static_cast<X509Certificate*>(NULL), multivalue_rdn_cert); | 257 ASSERT_NE(static_cast<X509Certificate*>(NULL), multivalue_rdn_cert.get()); |
258 | 258 |
259 const CertPrincipal& subject = multivalue_rdn_cert->subject(); | 259 const CertPrincipal& subject = multivalue_rdn_cert->subject(); |
260 EXPECT_EQ("Multivalue RDN Test", subject.common_name); | 260 EXPECT_EQ("Multivalue RDN Test", subject.common_name); |
261 EXPECT_EQ("", subject.locality_name); | 261 EXPECT_EQ("", subject.locality_name); |
262 EXPECT_EQ("", subject.state_or_province_name); | 262 EXPECT_EQ("", subject.state_or_province_name); |
263 EXPECT_EQ("US", subject.country_name); | 263 EXPECT_EQ("US", subject.country_name); |
264 EXPECT_EQ(0U, subject.street_addresses.size()); | 264 EXPECT_EQ(0U, subject.street_addresses.size()); |
265 ASSERT_EQ(1U, subject.organization_names.size()); | 265 ASSERT_EQ(1U, subject.organization_names.size()); |
266 EXPECT_EQ("Chromium", subject.organization_names[0]); | 266 EXPECT_EQ("Chromium", subject.organization_names[0]); |
267 ASSERT_EQ(1U, subject.organization_unit_names.size()); | 267 ASSERT_EQ(1U, subject.organization_unit_names.size()); |
268 EXPECT_EQ("Chromium net_unittests", subject.organization_unit_names[0]); | 268 EXPECT_EQ("Chromium net_unittests", subject.organization_unit_names[0]); |
269 ASSERT_EQ(1U, subject.domain_components.size()); | 269 ASSERT_EQ(1U, subject.domain_components.size()); |
270 EXPECT_EQ("Chromium", subject.domain_components[0]); | 270 EXPECT_EQ("Chromium", subject.domain_components[0]); |
271 } | 271 } |
272 | 272 |
273 // Test that characters which would normally be escaped in the string form, | 273 // Test that characters which would normally be escaped in the string form, |
274 // such as '=' or '"', are not escaped when parsed as individual components. | 274 // such as '=' or '"', are not escaped when parsed as individual components. |
275 // This is a regression test for http://crbug.com/102839 | 275 // This is a regression test for http://crbug.com/102839 |
276 TEST(X509CertificateTest, UnescapedSpecialCharacters) { | 276 TEST(X509CertificateTest, UnescapedSpecialCharacters) { |
277 base::FilePath certs_dir = GetTestCertsDirectory(); | 277 base::FilePath certs_dir = GetTestCertsDirectory(); |
278 | 278 |
279 scoped_refptr<X509Certificate> unescaped_cert = | 279 scoped_refptr<X509Certificate> unescaped_cert = |
280 ImportCertFromFile(certs_dir, "unescaped.pem"); | 280 ImportCertFromFile(certs_dir, "unescaped.pem"); |
281 ASSERT_NE(static_cast<X509Certificate*>(NULL), unescaped_cert); | 281 ASSERT_NE(static_cast<X509Certificate*>(NULL), unescaped_cert.get()); |
282 | 282 |
283 const CertPrincipal& subject = unescaped_cert->subject(); | 283 const CertPrincipal& subject = unescaped_cert->subject(); |
284 EXPECT_EQ("127.0.0.1", subject.common_name); | 284 EXPECT_EQ("127.0.0.1", subject.common_name); |
285 EXPECT_EQ("Mountain View", subject.locality_name); | 285 EXPECT_EQ("Mountain View", subject.locality_name); |
286 EXPECT_EQ("California", subject.state_or_province_name); | 286 EXPECT_EQ("California", subject.state_or_province_name); |
287 EXPECT_EQ("US", subject.country_name); | 287 EXPECT_EQ("US", subject.country_name); |
288 ASSERT_EQ(1U, subject.street_addresses.size()); | 288 ASSERT_EQ(1U, subject.street_addresses.size()); |
289 EXPECT_EQ("1600 Amphitheatre Parkway", subject.street_addresses[0]); | 289 EXPECT_EQ("1600 Amphitheatre Parkway", subject.street_addresses[0]); |
290 ASSERT_EQ(1U, subject.organization_names.size()); | 290 ASSERT_EQ(1U, subject.organization_names.size()); |
291 EXPECT_EQ("Chromium = \"net_unittests\"", subject.organization_names[0]); | 291 EXPECT_EQ("Chromium = \"net_unittests\"", subject.organization_names[0]); |
(...skipping 29 matching lines...) Expand all Loading... |
321 paypal_null_cert->serial_number().size()); | 321 paypal_null_cert->serial_number().size()); |
322 EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(), | 322 EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(), |
323 paypal_null_serial, sizeof(paypal_null_serial)) == 0); | 323 paypal_null_serial, sizeof(paypal_null_serial)) == 0); |
324 } | 324 } |
325 | 325 |
326 TEST(X509CertificateTest, CAFingerprints) { | 326 TEST(X509CertificateTest, CAFingerprints) { |
327 base::FilePath certs_dir = GetTestCertsDirectory(); | 327 base::FilePath certs_dir = GetTestCertsDirectory(); |
328 | 328 |
329 scoped_refptr<X509Certificate> server_cert = | 329 scoped_refptr<X509Certificate> server_cert = |
330 ImportCertFromFile(certs_dir, "salesforce_com_test.pem"); | 330 ImportCertFromFile(certs_dir, "salesforce_com_test.pem"); |
331 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert); | 331 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert.get()); |
332 | 332 |
333 scoped_refptr<X509Certificate> intermediate_cert1 = | 333 scoped_refptr<X509Certificate> intermediate_cert1 = |
334 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2011.pem"); | 334 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2011.pem"); |
335 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert1); | 335 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert1.get()); |
336 | 336 |
337 scoped_refptr<X509Certificate> intermediate_cert2 = | 337 scoped_refptr<X509Certificate> intermediate_cert2 = |
338 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2016.pem"); | 338 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2016.pem"); |
339 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert2); | 339 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert2.get()); |
340 | 340 |
341 X509Certificate::OSCertHandles intermediates; | 341 X509Certificate::OSCertHandles intermediates; |
342 intermediates.push_back(intermediate_cert1->os_cert_handle()); | 342 intermediates.push_back(intermediate_cert1->os_cert_handle()); |
343 scoped_refptr<X509Certificate> cert_chain1 = | 343 scoped_refptr<X509Certificate> cert_chain1 = |
344 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), | 344 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), |
345 intermediates); | 345 intermediates); |
346 | 346 |
347 intermediates.clear(); | 347 intermediates.clear(); |
348 intermediates.push_back(intermediate_cert2->os_cert_handle()); | 348 intermediates.push_back(intermediate_cert2->os_cert_handle()); |
349 scoped_refptr<X509Certificate> cert_chain2 = | 349 scoped_refptr<X509Certificate> cert_chain2 = |
(...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
449 cert_chain2_chain_fingerprint_256, 32) == 0); | 449 cert_chain2_chain_fingerprint_256, 32) == 0); |
450 EXPECT_TRUE(memcmp(chain_fingerprint_256_3.data, | 450 EXPECT_TRUE(memcmp(chain_fingerprint_256_3.data, |
451 cert_chain3_chain_fingerprint_256, 32) == 0); | 451 cert_chain3_chain_fingerprint_256, 32) == 0); |
452 } | 452 } |
453 | 453 |
454 TEST(X509CertificateTest, ParseSubjectAltNames) { | 454 TEST(X509CertificateTest, ParseSubjectAltNames) { |
455 base::FilePath certs_dir = GetTestCertsDirectory(); | 455 base::FilePath certs_dir = GetTestCertsDirectory(); |
456 | 456 |
457 scoped_refptr<X509Certificate> san_cert = | 457 scoped_refptr<X509Certificate> san_cert = |
458 ImportCertFromFile(certs_dir, "subjectAltName_sanity_check.pem"); | 458 ImportCertFromFile(certs_dir, "subjectAltName_sanity_check.pem"); |
459 ASSERT_NE(static_cast<X509Certificate*>(NULL), san_cert); | 459 ASSERT_NE(static_cast<X509Certificate*>(NULL), san_cert.get()); |
460 | 460 |
461 std::vector<std::string> dns_names; | 461 std::vector<std::string> dns_names; |
462 std::vector<std::string> ip_addresses; | 462 std::vector<std::string> ip_addresses; |
463 san_cert->GetSubjectAltName(&dns_names, &ip_addresses); | 463 san_cert->GetSubjectAltName(&dns_names, &ip_addresses); |
464 | 464 |
465 // Ensure that DNS names are correctly parsed. | 465 // Ensure that DNS names are correctly parsed. |
466 ASSERT_EQ(1U, dns_names.size()); | 466 ASSERT_EQ(1U, dns_names.size()); |
467 EXPECT_EQ("test.example", dns_names[0]); | 467 EXPECT_EQ("test.example", dns_names[0]); |
468 | 468 |
469 // Ensure that both IPv4 and IPv6 addresses are correctly parsed. | 469 // Ensure that both IPv4 and IPv6 addresses are correctly parsed. |
(...skipping 16 matching lines...) Expand all Loading... |
486 | 486 |
487 // Ensure the subjectAltName dirName has not influenced the handling of | 487 // Ensure the subjectAltName dirName has not influenced the handling of |
488 // the subject commonName. | 488 // the subject commonName. |
489 EXPECT_EQ("127.0.0.1", san_cert->subject().common_name); | 489 EXPECT_EQ("127.0.0.1", san_cert->subject().common_name); |
490 } | 490 } |
491 | 491 |
492 TEST(X509CertificateTest, ExtractSPKIFromDERCert) { | 492 TEST(X509CertificateTest, ExtractSPKIFromDERCert) { |
493 base::FilePath certs_dir = GetTestCertsDirectory(); | 493 base::FilePath certs_dir = GetTestCertsDirectory(); |
494 scoped_refptr<X509Certificate> cert = | 494 scoped_refptr<X509Certificate> cert = |
495 ImportCertFromFile(certs_dir, "nist.der"); | 495 ImportCertFromFile(certs_dir, "nist.der"); |
496 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert); | 496 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert.get()); |
497 | 497 |
498 std::string derBytes; | 498 std::string derBytes; |
499 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), | 499 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), |
500 &derBytes)); | 500 &derBytes)); |
501 | 501 |
502 base::StringPiece spkiBytes; | 502 base::StringPiece spkiBytes; |
503 EXPECT_TRUE(asn1::ExtractSPKIFromDERCert(derBytes, &spkiBytes)); | 503 EXPECT_TRUE(asn1::ExtractSPKIFromDERCert(derBytes, &spkiBytes)); |
504 | 504 |
505 uint8 hash[base::kSHA1Length]; | 505 uint8 hash[base::kSHA1Length]; |
506 base::SHA1HashBytes(reinterpret_cast<const uint8*>(spkiBytes.data()), | 506 base::SHA1HashBytes(reinterpret_cast<const uint8*>(spkiBytes.data()), |
507 spkiBytes.size(), hash); | 507 spkiBytes.size(), hash); |
508 | 508 |
509 EXPECT_EQ(0, memcmp(hash, kNistSPKIHash, sizeof(hash))); | 509 EXPECT_EQ(0, memcmp(hash, kNistSPKIHash, sizeof(hash))); |
510 } | 510 } |
511 | 511 |
512 TEST(X509CertificateTest, ExtractCRLURLsFromDERCert) { | 512 TEST(X509CertificateTest, ExtractCRLURLsFromDERCert) { |
513 base::FilePath certs_dir = GetTestCertsDirectory(); | 513 base::FilePath certs_dir = GetTestCertsDirectory(); |
514 scoped_refptr<X509Certificate> cert = | 514 scoped_refptr<X509Certificate> cert = |
515 ImportCertFromFile(certs_dir, "nist.der"); | 515 ImportCertFromFile(certs_dir, "nist.der"); |
516 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert); | 516 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert.get()); |
517 | 517 |
518 std::string derBytes; | 518 std::string derBytes; |
519 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), | 519 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), |
520 &derBytes)); | 520 &derBytes)); |
521 | 521 |
522 std::vector<base::StringPiece> crl_urls; | 522 std::vector<base::StringPiece> crl_urls; |
523 EXPECT_TRUE(asn1::ExtractCRLURLsFromDERCert(derBytes, &crl_urls)); | 523 EXPECT_TRUE(asn1::ExtractCRLURLsFromDERCert(derBytes, &crl_urls)); |
524 | 524 |
525 EXPECT_EQ(1u, crl_urls.size()); | 525 EXPECT_EQ(1u, crl_urls.size()); |
526 if (crl_urls.size() > 0) { | 526 if (crl_urls.size() > 0) { |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
596 X509Certificate::FreeOSCertHandle(google_cert_handle); | 596 X509Certificate::FreeOSCertHandle(google_cert_handle); |
597 X509Certificate::FreeOSCertHandle(thawte_cert_handle); | 597 X509Certificate::FreeOSCertHandle(thawte_cert_handle); |
598 | 598 |
599 Pickle pickle; | 599 Pickle pickle; |
600 cert->Persist(&pickle); | 600 cert->Persist(&pickle); |
601 | 601 |
602 PickleIterator iter(pickle); | 602 PickleIterator iter(pickle); |
603 scoped_refptr<X509Certificate> cert_from_pickle = | 603 scoped_refptr<X509Certificate> cert_from_pickle = |
604 X509Certificate::CreateFromPickle( | 604 X509Certificate::CreateFromPickle( |
605 pickle, &iter, X509Certificate::PICKLETYPE_CERTIFICATE_CHAIN_V3); | 605 pickle, &iter, X509Certificate::PICKLETYPE_CERTIFICATE_CHAIN_V3); |
606 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert_from_pickle); | 606 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert_from_pickle.get()); |
607 EXPECT_TRUE(X509Certificate::IsSameOSCert( | 607 EXPECT_TRUE(X509Certificate::IsSameOSCert( |
608 cert->os_cert_handle(), cert_from_pickle->os_cert_handle())); | 608 cert->os_cert_handle(), cert_from_pickle->os_cert_handle())); |
609 const X509Certificate::OSCertHandles& cert_intermediates = | 609 const X509Certificate::OSCertHandles& cert_intermediates = |
610 cert->GetIntermediateCertificates(); | 610 cert->GetIntermediateCertificates(); |
611 const X509Certificate::OSCertHandles& pickle_intermediates = | 611 const X509Certificate::OSCertHandles& pickle_intermediates = |
612 cert_from_pickle->GetIntermediateCertificates(); | 612 cert_from_pickle->GetIntermediateCertificates(); |
613 ASSERT_EQ(cert_intermediates.size(), pickle_intermediates.size()); | 613 ASSERT_EQ(cert_intermediates.size(), pickle_intermediates.size()); |
614 for (size_t i = 0; i < cert_intermediates.size(); ++i) { | 614 for (size_t i = 0; i < cert_intermediates.size(); ++i) { |
615 EXPECT_TRUE(X509Certificate::IsSameOSCert(cert_intermediates[i], | 615 EXPECT_TRUE(X509Certificate::IsSameOSCert(cert_intermediates[i], |
616 pickle_intermediates[i])); | 616 pickle_intermediates[i])); |
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
759 // Cleanup | 759 // Cleanup |
760 X509Certificate::FreeOSCertHandle(google_handle); | 760 X509Certificate::FreeOSCertHandle(google_handle); |
761 } | 761 } |
762 | 762 |
763 TEST(X509CertificateTest, IsIssuedByEncoded) { | 763 TEST(X509CertificateTest, IsIssuedByEncoded) { |
764 base::FilePath certs_dir = GetTestCertsDirectory(); | 764 base::FilePath certs_dir = GetTestCertsDirectory(); |
765 | 765 |
766 // Test a client certificate from MIT. | 766 // Test a client certificate from MIT. |
767 scoped_refptr<X509Certificate> mit_davidben_cert( | 767 scoped_refptr<X509Certificate> mit_davidben_cert( |
768 ImportCertFromFile(certs_dir, "mit.davidben.der")); | 768 ImportCertFromFile(certs_dir, "mit.davidben.der")); |
769 ASSERT_NE(static_cast<X509Certificate*>(NULL), mit_davidben_cert); | 769 ASSERT_NE(static_cast<X509Certificate*>(NULL), mit_davidben_cert.get()); |
770 | 770 |
771 std::string mit_issuer(reinterpret_cast<const char*>(MITDN), | 771 std::string mit_issuer(reinterpret_cast<const char*>(MITDN), |
772 sizeof(MITDN)); | 772 sizeof(MITDN)); |
773 | 773 |
774 // Test a certificate from Google, issued by Thawte | 774 // Test a certificate from Google, issued by Thawte |
775 scoped_refptr<X509Certificate> google_cert( | 775 scoped_refptr<X509Certificate> google_cert( |
776 ImportCertFromFile(certs_dir, "google.single.der")); | 776 ImportCertFromFile(certs_dir, "google.single.der")); |
777 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_cert); | 777 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_cert.get()); |
778 | 778 |
779 std::string thawte_issuer(reinterpret_cast<const char*>(ThawteDN), | 779 std::string thawte_issuer(reinterpret_cast<const char*>(ThawteDN), |
780 sizeof(ThawteDN)); | 780 sizeof(ThawteDN)); |
781 | 781 |
782 // Check that the David Ben certificate is issued by MIT, but not | 782 // Check that the David Ben certificate is issued by MIT, but not |
783 // by Thawte. | 783 // by Thawte. |
784 std::vector<std::string> issuers; | 784 std::vector<std::string> issuers; |
785 issuers.clear(); | 785 issuers.clear(); |
786 issuers.push_back(mit_issuer); | 786 issuers.push_back(mit_issuer); |
787 EXPECT_TRUE(mit_davidben_cert->IsIssuedByEncoded(issuers)); | 787 EXPECT_TRUE(mit_davidben_cert->IsIssuedByEncoded(issuers)); |
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
869 TEST(X509CertificateTest, FreeNullHandle) { | 869 TEST(X509CertificateTest, FreeNullHandle) { |
870 X509Certificate::FreeOSCertHandle(NULL); | 870 X509Certificate::FreeOSCertHandle(NULL); |
871 } | 871 } |
872 | 872 |
873 #if defined(USE_NSS) | 873 #if defined(USE_NSS) |
874 TEST(X509CertificateTest, GetDefaultNickname) { | 874 TEST(X509CertificateTest, GetDefaultNickname) { |
875 base::FilePath certs_dir = GetTestCertsDirectory(); | 875 base::FilePath certs_dir = GetTestCertsDirectory(); |
876 | 876 |
877 scoped_refptr<X509Certificate> test_cert( | 877 scoped_refptr<X509Certificate> test_cert( |
878 ImportCertFromFile(certs_dir, "no_subject_common_name_cert.pem")); | 878 ImportCertFromFile(certs_dir, "no_subject_common_name_cert.pem")); |
879 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert); | 879 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert.get()); |
880 | 880 |
881 std::string nickname = test_cert->GetDefaultNickname(USER_CERT); | 881 std::string nickname = test_cert->GetDefaultNickname(USER_CERT); |
882 EXPECT_EQ("wtc@google.com's COMODO Client Authentication and " | 882 EXPECT_EQ("wtc@google.com's COMODO Client Authentication and " |
883 "Secure Email CA ID", nickname); | 883 "Secure Email CA ID", nickname); |
884 } | 884 } |
885 #endif | 885 #endif |
886 | 886 |
887 const struct CertificateFormatTestData { | 887 const struct CertificateFormatTestData { |
888 const char* file_name; | 888 const char* file_name; |
889 X509Certificate::Format format; | 889 X509Certificate::Format format; |
(...skipping 377 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1267 &actual_type); | 1267 &actual_type); |
1268 | 1268 |
1269 EXPECT_EQ(data.expected_bits, actual_bits); | 1269 EXPECT_EQ(data.expected_bits, actual_bits); |
1270 EXPECT_EQ(data.expected_type, actual_type); | 1270 EXPECT_EQ(data.expected_type, actual_type); |
1271 } | 1271 } |
1272 | 1272 |
1273 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest, | 1273 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest, |
1274 testing::ValuesIn(kPublicKeyInfoTestData)); | 1274 testing::ValuesIn(kPublicKeyInfoTestData)); |
1275 | 1275 |
1276 } // namespace net | 1276 } // namespace net |
OLD | NEW |