| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/x509_certificate.h" | 5 #include "net/cert/x509_certificate.h" |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/pickle.h" | 10 #include "base/pickle.h" |
| (...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 84 }; | 84 }; |
| 85 | 85 |
| 86 // Dec 18 00:00:00 2009 GMT | 86 // Dec 18 00:00:00 2009 GMT |
| 87 const double kGoogleParseValidFrom = 1261094400; | 87 const double kGoogleParseValidFrom = 1261094400; |
| 88 // Dec 18 23:59:59 2011 GMT | 88 // Dec 18 23:59:59 2011 GMT |
| 89 const double kGoogleParseValidTo = 1324252799; | 89 const double kGoogleParseValidTo = 1324252799; |
| 90 | 90 |
| 91 void CheckGoogleCert(const scoped_refptr<X509Certificate>& google_cert, | 91 void CheckGoogleCert(const scoped_refptr<X509Certificate>& google_cert, |
| 92 uint8* expected_fingerprint, | 92 uint8* expected_fingerprint, |
| 93 double valid_from, double valid_to) { | 93 double valid_from, double valid_to) { |
| 94 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_cert); | 94 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_cert.get()); |
| 95 | 95 |
| 96 const CertPrincipal& subject = google_cert->subject(); | 96 const CertPrincipal& subject = google_cert->subject(); |
| 97 EXPECT_EQ("www.google.com", subject.common_name); | 97 EXPECT_EQ("www.google.com", subject.common_name); |
| 98 EXPECT_EQ("Mountain View", subject.locality_name); | 98 EXPECT_EQ("Mountain View", subject.locality_name); |
| 99 EXPECT_EQ("California", subject.state_or_province_name); | 99 EXPECT_EQ("California", subject.state_or_province_name); |
| 100 EXPECT_EQ("US", subject.country_name); | 100 EXPECT_EQ("US", subject.country_name); |
| 101 EXPECT_EQ(0U, subject.street_addresses.size()); | 101 EXPECT_EQ(0U, subject.street_addresses.size()); |
| 102 ASSERT_EQ(1U, subject.organization_names.size()); | 102 ASSERT_EQ(1U, subject.organization_names.size()); |
| 103 EXPECT_EQ("Google Inc", subject.organization_names[0]); | 103 EXPECT_EQ("Google Inc", subject.organization_names[0]); |
| 104 EXPECT_EQ(0U, subject.organization_unit_names.size()); | 104 EXPECT_EQ(0U, subject.organization_unit_names.size()); |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 139 | 139 |
| 140 CheckGoogleCert(google_cert, google_fingerprint, | 140 CheckGoogleCert(google_cert, google_fingerprint, |
| 141 1238192407, // Mar 27 22:20:07 2009 GMT | 141 1238192407, // Mar 27 22:20:07 2009 GMT |
| 142 1269728407); // Mar 27 22:20:07 2010 GMT | 142 1269728407); // Mar 27 22:20:07 2010 GMT |
| 143 } | 143 } |
| 144 | 144 |
| 145 TEST(X509CertificateTest, WebkitCertParsing) { | 145 TEST(X509CertificateTest, WebkitCertParsing) { |
| 146 scoped_refptr<X509Certificate> webkit_cert(X509Certificate::CreateFromBytes( | 146 scoped_refptr<X509Certificate> webkit_cert(X509Certificate::CreateFromBytes( |
| 147 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der))); | 147 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der))); |
| 148 | 148 |
| 149 ASSERT_NE(static_cast<X509Certificate*>(NULL), webkit_cert); | 149 ASSERT_NE(static_cast<X509Certificate*>(NULL), webkit_cert.get()); |
| 150 | 150 |
| 151 const CertPrincipal& subject = webkit_cert->subject(); | 151 const CertPrincipal& subject = webkit_cert->subject(); |
| 152 EXPECT_EQ("Cupertino", subject.locality_name); | 152 EXPECT_EQ("Cupertino", subject.locality_name); |
| 153 EXPECT_EQ("California", subject.state_or_province_name); | 153 EXPECT_EQ("California", subject.state_or_province_name); |
| 154 EXPECT_EQ("US", subject.country_name); | 154 EXPECT_EQ("US", subject.country_name); |
| 155 EXPECT_EQ(0U, subject.street_addresses.size()); | 155 EXPECT_EQ(0U, subject.street_addresses.size()); |
| 156 ASSERT_EQ(1U, subject.organization_names.size()); | 156 ASSERT_EQ(1U, subject.organization_names.size()); |
| 157 EXPECT_EQ("Apple Inc.", subject.organization_names[0]); | 157 EXPECT_EQ("Apple Inc.", subject.organization_names[0]); |
| 158 ASSERT_EQ(1U, subject.organization_unit_names.size()); | 158 ASSERT_EQ(1U, subject.organization_unit_names.size()); |
| 159 EXPECT_EQ("Mac OS Forge", subject.organization_unit_names[0]); | 159 EXPECT_EQ("Mac OS Forge", subject.organization_unit_names[0]); |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 195 EXPECT_TRUE(webkit_cert->VerifyNameMatch("foo.webkit.org", &unused)); | 195 EXPECT_TRUE(webkit_cert->VerifyNameMatch("foo.webkit.org", &unused)); |
| 196 EXPECT_TRUE(webkit_cert->VerifyNameMatch("webkit.org", &unused)); | 196 EXPECT_TRUE(webkit_cert->VerifyNameMatch("webkit.org", &unused)); |
| 197 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.webkit.com", &unused)); | 197 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.webkit.com", &unused)); |
| 198 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.foo.webkit.com", &unused)); | 198 EXPECT_FALSE(webkit_cert->VerifyNameMatch("www.foo.webkit.com", &unused)); |
| 199 } | 199 } |
| 200 | 200 |
| 201 TEST(X509CertificateTest, ThawteCertParsing) { | 201 TEST(X509CertificateTest, ThawteCertParsing) { |
| 202 scoped_refptr<X509Certificate> thawte_cert(X509Certificate::CreateFromBytes( | 202 scoped_refptr<X509Certificate> thawte_cert(X509Certificate::CreateFromBytes( |
| 203 reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der))); | 203 reinterpret_cast<const char*>(thawte_der), sizeof(thawte_der))); |
| 204 | 204 |
| 205 ASSERT_NE(static_cast<X509Certificate*>(NULL), thawte_cert); | 205 ASSERT_NE(static_cast<X509Certificate*>(NULL), thawte_cert.get()); |
| 206 | 206 |
| 207 const CertPrincipal& subject = thawte_cert->subject(); | 207 const CertPrincipal& subject = thawte_cert->subject(); |
| 208 EXPECT_EQ("www.thawte.com", subject.common_name); | 208 EXPECT_EQ("www.thawte.com", subject.common_name); |
| 209 EXPECT_EQ("Mountain View", subject.locality_name); | 209 EXPECT_EQ("Mountain View", subject.locality_name); |
| 210 EXPECT_EQ("California", subject.state_or_province_name); | 210 EXPECT_EQ("California", subject.state_or_province_name); |
| 211 EXPECT_EQ("US", subject.country_name); | 211 EXPECT_EQ("US", subject.country_name); |
| 212 EXPECT_EQ(0U, subject.street_addresses.size()); | 212 EXPECT_EQ(0U, subject.street_addresses.size()); |
| 213 ASSERT_EQ(1U, subject.organization_names.size()); | 213 ASSERT_EQ(1U, subject.organization_names.size()); |
| 214 EXPECT_EQ("Thawte Inc", subject.organization_names[0]); | 214 EXPECT_EQ("Thawte Inc", subject.organization_names[0]); |
| 215 EXPECT_EQ(0U, subject.organization_unit_names.size()); | 215 EXPECT_EQ(0U, subject.organization_unit_names.size()); |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 247 | 247 |
| 248 // Test that all desired AttributeAndValue pairs can be extracted when only | 248 // Test that all desired AttributeAndValue pairs can be extracted when only |
| 249 // a single RelativeDistinguishedName is present. "Normally" there is only | 249 // a single RelativeDistinguishedName is present. "Normally" there is only |
| 250 // one AVA per RDN, but some CAs place all AVAs within a single RDN. | 250 // one AVA per RDN, but some CAs place all AVAs within a single RDN. |
| 251 // This is a regression test for http://crbug.com/101009 | 251 // This is a regression test for http://crbug.com/101009 |
| 252 TEST(X509CertificateTest, MultivalueRDN) { | 252 TEST(X509CertificateTest, MultivalueRDN) { |
| 253 base::FilePath certs_dir = GetTestCertsDirectory(); | 253 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 254 | 254 |
| 255 scoped_refptr<X509Certificate> multivalue_rdn_cert = | 255 scoped_refptr<X509Certificate> multivalue_rdn_cert = |
| 256 ImportCertFromFile(certs_dir, "multivalue_rdn.pem"); | 256 ImportCertFromFile(certs_dir, "multivalue_rdn.pem"); |
| 257 ASSERT_NE(static_cast<X509Certificate*>(NULL), multivalue_rdn_cert); | 257 ASSERT_NE(static_cast<X509Certificate*>(NULL), multivalue_rdn_cert.get()); |
| 258 | 258 |
| 259 const CertPrincipal& subject = multivalue_rdn_cert->subject(); | 259 const CertPrincipal& subject = multivalue_rdn_cert->subject(); |
| 260 EXPECT_EQ("Multivalue RDN Test", subject.common_name); | 260 EXPECT_EQ("Multivalue RDN Test", subject.common_name); |
| 261 EXPECT_EQ("", subject.locality_name); | 261 EXPECT_EQ("", subject.locality_name); |
| 262 EXPECT_EQ("", subject.state_or_province_name); | 262 EXPECT_EQ("", subject.state_or_province_name); |
| 263 EXPECT_EQ("US", subject.country_name); | 263 EXPECT_EQ("US", subject.country_name); |
| 264 EXPECT_EQ(0U, subject.street_addresses.size()); | 264 EXPECT_EQ(0U, subject.street_addresses.size()); |
| 265 ASSERT_EQ(1U, subject.organization_names.size()); | 265 ASSERT_EQ(1U, subject.organization_names.size()); |
| 266 EXPECT_EQ("Chromium", subject.organization_names[0]); | 266 EXPECT_EQ("Chromium", subject.organization_names[0]); |
| 267 ASSERT_EQ(1U, subject.organization_unit_names.size()); | 267 ASSERT_EQ(1U, subject.organization_unit_names.size()); |
| 268 EXPECT_EQ("Chromium net_unittests", subject.organization_unit_names[0]); | 268 EXPECT_EQ("Chromium net_unittests", subject.organization_unit_names[0]); |
| 269 ASSERT_EQ(1U, subject.domain_components.size()); | 269 ASSERT_EQ(1U, subject.domain_components.size()); |
| 270 EXPECT_EQ("Chromium", subject.domain_components[0]); | 270 EXPECT_EQ("Chromium", subject.domain_components[0]); |
| 271 } | 271 } |
| 272 | 272 |
| 273 // Test that characters which would normally be escaped in the string form, | 273 // Test that characters which would normally be escaped in the string form, |
| 274 // such as '=' or '"', are not escaped when parsed as individual components. | 274 // such as '=' or '"', are not escaped when parsed as individual components. |
| 275 // This is a regression test for http://crbug.com/102839 | 275 // This is a regression test for http://crbug.com/102839 |
| 276 TEST(X509CertificateTest, UnescapedSpecialCharacters) { | 276 TEST(X509CertificateTest, UnescapedSpecialCharacters) { |
| 277 base::FilePath certs_dir = GetTestCertsDirectory(); | 277 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 278 | 278 |
| 279 scoped_refptr<X509Certificate> unescaped_cert = | 279 scoped_refptr<X509Certificate> unescaped_cert = |
| 280 ImportCertFromFile(certs_dir, "unescaped.pem"); | 280 ImportCertFromFile(certs_dir, "unescaped.pem"); |
| 281 ASSERT_NE(static_cast<X509Certificate*>(NULL), unescaped_cert); | 281 ASSERT_NE(static_cast<X509Certificate*>(NULL), unescaped_cert.get()); |
| 282 | 282 |
| 283 const CertPrincipal& subject = unescaped_cert->subject(); | 283 const CertPrincipal& subject = unescaped_cert->subject(); |
| 284 EXPECT_EQ("127.0.0.1", subject.common_name); | 284 EXPECT_EQ("127.0.0.1", subject.common_name); |
| 285 EXPECT_EQ("Mountain View", subject.locality_name); | 285 EXPECT_EQ("Mountain View", subject.locality_name); |
| 286 EXPECT_EQ("California", subject.state_or_province_name); | 286 EXPECT_EQ("California", subject.state_or_province_name); |
| 287 EXPECT_EQ("US", subject.country_name); | 287 EXPECT_EQ("US", subject.country_name); |
| 288 ASSERT_EQ(1U, subject.street_addresses.size()); | 288 ASSERT_EQ(1U, subject.street_addresses.size()); |
| 289 EXPECT_EQ("1600 Amphitheatre Parkway", subject.street_addresses[0]); | 289 EXPECT_EQ("1600 Amphitheatre Parkway", subject.street_addresses[0]); |
| 290 ASSERT_EQ(1U, subject.organization_names.size()); | 290 ASSERT_EQ(1U, subject.organization_names.size()); |
| 291 EXPECT_EQ("Chromium = \"net_unittests\"", subject.organization_names[0]); | 291 EXPECT_EQ("Chromium = \"net_unittests\"", subject.organization_names[0]); |
| (...skipping 29 matching lines...) Expand all Loading... |
| 321 paypal_null_cert->serial_number().size()); | 321 paypal_null_cert->serial_number().size()); |
| 322 EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(), | 322 EXPECT_TRUE(memcmp(paypal_null_cert->serial_number().data(), |
| 323 paypal_null_serial, sizeof(paypal_null_serial)) == 0); | 323 paypal_null_serial, sizeof(paypal_null_serial)) == 0); |
| 324 } | 324 } |
| 325 | 325 |
| 326 TEST(X509CertificateTest, CAFingerprints) { | 326 TEST(X509CertificateTest, CAFingerprints) { |
| 327 base::FilePath certs_dir = GetTestCertsDirectory(); | 327 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 328 | 328 |
| 329 scoped_refptr<X509Certificate> server_cert = | 329 scoped_refptr<X509Certificate> server_cert = |
| 330 ImportCertFromFile(certs_dir, "salesforce_com_test.pem"); | 330 ImportCertFromFile(certs_dir, "salesforce_com_test.pem"); |
| 331 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert); | 331 ASSERT_NE(static_cast<X509Certificate*>(NULL), server_cert.get()); |
| 332 | 332 |
| 333 scoped_refptr<X509Certificate> intermediate_cert1 = | 333 scoped_refptr<X509Certificate> intermediate_cert1 = |
| 334 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2011.pem"); | 334 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2011.pem"); |
| 335 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert1); | 335 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert1.get()); |
| 336 | 336 |
| 337 scoped_refptr<X509Certificate> intermediate_cert2 = | 337 scoped_refptr<X509Certificate> intermediate_cert2 = |
| 338 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2016.pem"); | 338 ImportCertFromFile(certs_dir, "verisign_intermediate_ca_2016.pem"); |
| 339 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert2); | 339 ASSERT_NE(static_cast<X509Certificate*>(NULL), intermediate_cert2.get()); |
| 340 | 340 |
| 341 X509Certificate::OSCertHandles intermediates; | 341 X509Certificate::OSCertHandles intermediates; |
| 342 intermediates.push_back(intermediate_cert1->os_cert_handle()); | 342 intermediates.push_back(intermediate_cert1->os_cert_handle()); |
| 343 scoped_refptr<X509Certificate> cert_chain1 = | 343 scoped_refptr<X509Certificate> cert_chain1 = |
| 344 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), | 344 X509Certificate::CreateFromHandle(server_cert->os_cert_handle(), |
| 345 intermediates); | 345 intermediates); |
| 346 | 346 |
| 347 intermediates.clear(); | 347 intermediates.clear(); |
| 348 intermediates.push_back(intermediate_cert2->os_cert_handle()); | 348 intermediates.push_back(intermediate_cert2->os_cert_handle()); |
| 349 scoped_refptr<X509Certificate> cert_chain2 = | 349 scoped_refptr<X509Certificate> cert_chain2 = |
| (...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 449 cert_chain2_chain_fingerprint_256, 32) == 0); | 449 cert_chain2_chain_fingerprint_256, 32) == 0); |
| 450 EXPECT_TRUE(memcmp(chain_fingerprint_256_3.data, | 450 EXPECT_TRUE(memcmp(chain_fingerprint_256_3.data, |
| 451 cert_chain3_chain_fingerprint_256, 32) == 0); | 451 cert_chain3_chain_fingerprint_256, 32) == 0); |
| 452 } | 452 } |
| 453 | 453 |
| 454 TEST(X509CertificateTest, ParseSubjectAltNames) { | 454 TEST(X509CertificateTest, ParseSubjectAltNames) { |
| 455 base::FilePath certs_dir = GetTestCertsDirectory(); | 455 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 456 | 456 |
| 457 scoped_refptr<X509Certificate> san_cert = | 457 scoped_refptr<X509Certificate> san_cert = |
| 458 ImportCertFromFile(certs_dir, "subjectAltName_sanity_check.pem"); | 458 ImportCertFromFile(certs_dir, "subjectAltName_sanity_check.pem"); |
| 459 ASSERT_NE(static_cast<X509Certificate*>(NULL), san_cert); | 459 ASSERT_NE(static_cast<X509Certificate*>(NULL), san_cert.get()); |
| 460 | 460 |
| 461 std::vector<std::string> dns_names; | 461 std::vector<std::string> dns_names; |
| 462 std::vector<std::string> ip_addresses; | 462 std::vector<std::string> ip_addresses; |
| 463 san_cert->GetSubjectAltName(&dns_names, &ip_addresses); | 463 san_cert->GetSubjectAltName(&dns_names, &ip_addresses); |
| 464 | 464 |
| 465 // Ensure that DNS names are correctly parsed. | 465 // Ensure that DNS names are correctly parsed. |
| 466 ASSERT_EQ(1U, dns_names.size()); | 466 ASSERT_EQ(1U, dns_names.size()); |
| 467 EXPECT_EQ("test.example", dns_names[0]); | 467 EXPECT_EQ("test.example", dns_names[0]); |
| 468 | 468 |
| 469 // Ensure that both IPv4 and IPv6 addresses are correctly parsed. | 469 // Ensure that both IPv4 and IPv6 addresses are correctly parsed. |
| (...skipping 16 matching lines...) Expand all Loading... |
| 486 | 486 |
| 487 // Ensure the subjectAltName dirName has not influenced the handling of | 487 // Ensure the subjectAltName dirName has not influenced the handling of |
| 488 // the subject commonName. | 488 // the subject commonName. |
| 489 EXPECT_EQ("127.0.0.1", san_cert->subject().common_name); | 489 EXPECT_EQ("127.0.0.1", san_cert->subject().common_name); |
| 490 } | 490 } |
| 491 | 491 |
| 492 TEST(X509CertificateTest, ExtractSPKIFromDERCert) { | 492 TEST(X509CertificateTest, ExtractSPKIFromDERCert) { |
| 493 base::FilePath certs_dir = GetTestCertsDirectory(); | 493 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 494 scoped_refptr<X509Certificate> cert = | 494 scoped_refptr<X509Certificate> cert = |
| 495 ImportCertFromFile(certs_dir, "nist.der"); | 495 ImportCertFromFile(certs_dir, "nist.der"); |
| 496 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert); | 496 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert.get()); |
| 497 | 497 |
| 498 std::string derBytes; | 498 std::string derBytes; |
| 499 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), | 499 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), |
| 500 &derBytes)); | 500 &derBytes)); |
| 501 | 501 |
| 502 base::StringPiece spkiBytes; | 502 base::StringPiece spkiBytes; |
| 503 EXPECT_TRUE(asn1::ExtractSPKIFromDERCert(derBytes, &spkiBytes)); | 503 EXPECT_TRUE(asn1::ExtractSPKIFromDERCert(derBytes, &spkiBytes)); |
| 504 | 504 |
| 505 uint8 hash[base::kSHA1Length]; | 505 uint8 hash[base::kSHA1Length]; |
| 506 base::SHA1HashBytes(reinterpret_cast<const uint8*>(spkiBytes.data()), | 506 base::SHA1HashBytes(reinterpret_cast<const uint8*>(spkiBytes.data()), |
| 507 spkiBytes.size(), hash); | 507 spkiBytes.size(), hash); |
| 508 | 508 |
| 509 EXPECT_EQ(0, memcmp(hash, kNistSPKIHash, sizeof(hash))); | 509 EXPECT_EQ(0, memcmp(hash, kNistSPKIHash, sizeof(hash))); |
| 510 } | 510 } |
| 511 | 511 |
| 512 TEST(X509CertificateTest, ExtractCRLURLsFromDERCert) { | 512 TEST(X509CertificateTest, ExtractCRLURLsFromDERCert) { |
| 513 base::FilePath certs_dir = GetTestCertsDirectory(); | 513 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 514 scoped_refptr<X509Certificate> cert = | 514 scoped_refptr<X509Certificate> cert = |
| 515 ImportCertFromFile(certs_dir, "nist.der"); | 515 ImportCertFromFile(certs_dir, "nist.der"); |
| 516 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert); | 516 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert.get()); |
| 517 | 517 |
| 518 std::string derBytes; | 518 std::string derBytes; |
| 519 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), | 519 EXPECT_TRUE(X509Certificate::GetDEREncoded(cert->os_cert_handle(), |
| 520 &derBytes)); | 520 &derBytes)); |
| 521 | 521 |
| 522 std::vector<base::StringPiece> crl_urls; | 522 std::vector<base::StringPiece> crl_urls; |
| 523 EXPECT_TRUE(asn1::ExtractCRLURLsFromDERCert(derBytes, &crl_urls)); | 523 EXPECT_TRUE(asn1::ExtractCRLURLsFromDERCert(derBytes, &crl_urls)); |
| 524 | 524 |
| 525 EXPECT_EQ(1u, crl_urls.size()); | 525 EXPECT_EQ(1u, crl_urls.size()); |
| 526 if (crl_urls.size() > 0) { | 526 if (crl_urls.size() > 0) { |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 596 X509Certificate::FreeOSCertHandle(google_cert_handle); | 596 X509Certificate::FreeOSCertHandle(google_cert_handle); |
| 597 X509Certificate::FreeOSCertHandle(thawte_cert_handle); | 597 X509Certificate::FreeOSCertHandle(thawte_cert_handle); |
| 598 | 598 |
| 599 Pickle pickle; | 599 Pickle pickle; |
| 600 cert->Persist(&pickle); | 600 cert->Persist(&pickle); |
| 601 | 601 |
| 602 PickleIterator iter(pickle); | 602 PickleIterator iter(pickle); |
| 603 scoped_refptr<X509Certificate> cert_from_pickle = | 603 scoped_refptr<X509Certificate> cert_from_pickle = |
| 604 X509Certificate::CreateFromPickle( | 604 X509Certificate::CreateFromPickle( |
| 605 pickle, &iter, X509Certificate::PICKLETYPE_CERTIFICATE_CHAIN_V3); | 605 pickle, &iter, X509Certificate::PICKLETYPE_CERTIFICATE_CHAIN_V3); |
| 606 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert_from_pickle); | 606 ASSERT_NE(static_cast<X509Certificate*>(NULL), cert_from_pickle.get()); |
| 607 EXPECT_TRUE(X509Certificate::IsSameOSCert( | 607 EXPECT_TRUE(X509Certificate::IsSameOSCert( |
| 608 cert->os_cert_handle(), cert_from_pickle->os_cert_handle())); | 608 cert->os_cert_handle(), cert_from_pickle->os_cert_handle())); |
| 609 const X509Certificate::OSCertHandles& cert_intermediates = | 609 const X509Certificate::OSCertHandles& cert_intermediates = |
| 610 cert->GetIntermediateCertificates(); | 610 cert->GetIntermediateCertificates(); |
| 611 const X509Certificate::OSCertHandles& pickle_intermediates = | 611 const X509Certificate::OSCertHandles& pickle_intermediates = |
| 612 cert_from_pickle->GetIntermediateCertificates(); | 612 cert_from_pickle->GetIntermediateCertificates(); |
| 613 ASSERT_EQ(cert_intermediates.size(), pickle_intermediates.size()); | 613 ASSERT_EQ(cert_intermediates.size(), pickle_intermediates.size()); |
| 614 for (size_t i = 0; i < cert_intermediates.size(); ++i) { | 614 for (size_t i = 0; i < cert_intermediates.size(); ++i) { |
| 615 EXPECT_TRUE(X509Certificate::IsSameOSCert(cert_intermediates[i], | 615 EXPECT_TRUE(X509Certificate::IsSameOSCert(cert_intermediates[i], |
| 616 pickle_intermediates[i])); | 616 pickle_intermediates[i])); |
| (...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 759 // Cleanup | 759 // Cleanup |
| 760 X509Certificate::FreeOSCertHandle(google_handle); | 760 X509Certificate::FreeOSCertHandle(google_handle); |
| 761 } | 761 } |
| 762 | 762 |
| 763 TEST(X509CertificateTest, IsIssuedByEncoded) { | 763 TEST(X509CertificateTest, IsIssuedByEncoded) { |
| 764 base::FilePath certs_dir = GetTestCertsDirectory(); | 764 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 765 | 765 |
| 766 // Test a client certificate from MIT. | 766 // Test a client certificate from MIT. |
| 767 scoped_refptr<X509Certificate> mit_davidben_cert( | 767 scoped_refptr<X509Certificate> mit_davidben_cert( |
| 768 ImportCertFromFile(certs_dir, "mit.davidben.der")); | 768 ImportCertFromFile(certs_dir, "mit.davidben.der")); |
| 769 ASSERT_NE(static_cast<X509Certificate*>(NULL), mit_davidben_cert); | 769 ASSERT_NE(static_cast<X509Certificate*>(NULL), mit_davidben_cert.get()); |
| 770 | 770 |
| 771 std::string mit_issuer(reinterpret_cast<const char*>(MITDN), | 771 std::string mit_issuer(reinterpret_cast<const char*>(MITDN), |
| 772 sizeof(MITDN)); | 772 sizeof(MITDN)); |
| 773 | 773 |
| 774 // Test a certificate from Google, issued by Thawte | 774 // Test a certificate from Google, issued by Thawte |
| 775 scoped_refptr<X509Certificate> google_cert( | 775 scoped_refptr<X509Certificate> google_cert( |
| 776 ImportCertFromFile(certs_dir, "google.single.der")); | 776 ImportCertFromFile(certs_dir, "google.single.der")); |
| 777 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_cert); | 777 ASSERT_NE(static_cast<X509Certificate*>(NULL), google_cert.get()); |
| 778 | 778 |
| 779 std::string thawte_issuer(reinterpret_cast<const char*>(ThawteDN), | 779 std::string thawte_issuer(reinterpret_cast<const char*>(ThawteDN), |
| 780 sizeof(ThawteDN)); | 780 sizeof(ThawteDN)); |
| 781 | 781 |
| 782 // Check that the David Ben certificate is issued by MIT, but not | 782 // Check that the David Ben certificate is issued by MIT, but not |
| 783 // by Thawte. | 783 // by Thawte. |
| 784 std::vector<std::string> issuers; | 784 std::vector<std::string> issuers; |
| 785 issuers.clear(); | 785 issuers.clear(); |
| 786 issuers.push_back(mit_issuer); | 786 issuers.push_back(mit_issuer); |
| 787 EXPECT_TRUE(mit_davidben_cert->IsIssuedByEncoded(issuers)); | 787 EXPECT_TRUE(mit_davidben_cert->IsIssuedByEncoded(issuers)); |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 869 TEST(X509CertificateTest, FreeNullHandle) { | 869 TEST(X509CertificateTest, FreeNullHandle) { |
| 870 X509Certificate::FreeOSCertHandle(NULL); | 870 X509Certificate::FreeOSCertHandle(NULL); |
| 871 } | 871 } |
| 872 | 872 |
| 873 #if defined(USE_NSS) | 873 #if defined(USE_NSS) |
| 874 TEST(X509CertificateTest, GetDefaultNickname) { | 874 TEST(X509CertificateTest, GetDefaultNickname) { |
| 875 base::FilePath certs_dir = GetTestCertsDirectory(); | 875 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 876 | 876 |
| 877 scoped_refptr<X509Certificate> test_cert( | 877 scoped_refptr<X509Certificate> test_cert( |
| 878 ImportCertFromFile(certs_dir, "no_subject_common_name_cert.pem")); | 878 ImportCertFromFile(certs_dir, "no_subject_common_name_cert.pem")); |
| 879 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert); | 879 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert.get()); |
| 880 | 880 |
| 881 std::string nickname = test_cert->GetDefaultNickname(USER_CERT); | 881 std::string nickname = test_cert->GetDefaultNickname(USER_CERT); |
| 882 EXPECT_EQ("wtc@google.com's COMODO Client Authentication and " | 882 EXPECT_EQ("wtc@google.com's COMODO Client Authentication and " |
| 883 "Secure Email CA ID", nickname); | 883 "Secure Email CA ID", nickname); |
| 884 } | 884 } |
| 885 #endif | 885 #endif |
| 886 | 886 |
| 887 const struct CertificateFormatTestData { | 887 const struct CertificateFormatTestData { |
| 888 const char* file_name; | 888 const char* file_name; |
| 889 X509Certificate::Format format; | 889 X509Certificate::Format format; |
| (...skipping 377 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1267 &actual_type); | 1267 &actual_type); |
| 1268 | 1268 |
| 1269 EXPECT_EQ(data.expected_bits, actual_bits); | 1269 EXPECT_EQ(data.expected_bits, actual_bits); |
| 1270 EXPECT_EQ(data.expected_type, actual_type); | 1270 EXPECT_EQ(data.expected_type, actual_type); |
| 1271 } | 1271 } |
| 1272 | 1272 |
| 1273 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest, | 1273 INSTANTIATE_TEST_CASE_P(, X509CertificatePublicKeyInfoTest, |
| 1274 testing::ValuesIn(kPublicKeyInfoTestData)); | 1274 testing::ValuesIn(kPublicKeyInfoTestData)); |
| 1275 | 1275 |
| 1276 } // namespace net | 1276 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 503163002:
Remove implicit conversions from scoped_refptr to T* in net/cert/ (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master