Index: net/cert/cert_verify_proc_unittest.cc |
diff --git a/net/cert/cert_verify_proc_unittest.cc b/net/cert/cert_verify_proc_unittest.cc |
index 533d6d844109505b9ec361dafa05bb6d83500779..5e139771c66792b34ff7f1861ed653df1a0f430e 100644 |
--- a/net/cert/cert_verify_proc_unittest.cc |
+++ b/net/cert/cert_verify_proc_unittest.cc |
@@ -558,7 +558,7 @@ TEST_F(CertVerifyProcTest, NameConstraintsOk) { |
ScopedTestRoot test_root(ca_cert_list[0].get()); |
CertificateList cert_list = CreateCertificateListFromFile( |
- GetTestCertsDirectory(), "name_constraint_ok.crt", |
+ GetTestCertsDirectory(), "name_constraint_good.pem", |
X509Certificate::FORMAT_AUTO); |
ASSERT_EQ(1U, cert_list.size()); |
@@ -593,7 +593,7 @@ TEST_F(CertVerifyProcTest, NameConstraintsFailure) { |
ScopedTestRoot test_root(ca_cert_list[0].get()); |
CertificateList cert_list = CreateCertificateListFromFile( |
- GetTestCertsDirectory(), "name_constraint_bad.crt", |
+ GetTestCertsDirectory(), "name_constraint_bad.pem", |
X509Certificate::FORMAT_AUTO); |
ASSERT_EQ(1U, cert_list.size()); |
@@ -1150,53 +1150,6 @@ TEST_F(CertVerifyProcTest, CybertrustGTERoot) { |
#endif |
#if defined(USE_NSS) || defined(OS_IOS) || defined(OS_WIN) || defined(OS_MACOSX) |
-static const uint8 kCRLSetLeafSPKIBlocked[] = { |
- 0x8e, 0x00, 0x7b, 0x22, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3a, |
- 0x30, 0x2c, 0x22, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, |
- 0x65, 0x22, 0x3a, 0x22, 0x43, 0x52, 0x4c, 0x53, 0x65, 0x74, 0x22, 0x2c, 0x22, |
- 0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x22, 0x3a, 0x30, 0x2c, 0x22, |
- 0x44, 0x65, 0x6c, 0x74, 0x61, 0x46, 0x72, 0x6f, 0x6d, 0x22, 0x3a, 0x30, 0x2c, |
- 0x22, 0x4e, 0x75, 0x6d, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x73, 0x22, 0x3a, |
- 0x30, 0x2c, 0x22, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x53, 0x50, 0x4b, |
- 0x49, 0x73, 0x22, 0x3a, 0x5b, 0x22, 0x43, 0x38, 0x4d, 0x4a, 0x46, 0x55, 0x55, |
- 0x5a, 0x38, 0x43, 0x79, 0x54, 0x2b, 0x4e, 0x57, 0x64, 0x68, 0x69, 0x7a, 0x51, |
- 0x68, 0x54, 0x49, 0x65, 0x46, 0x49, 0x37, 0x76, 0x41, 0x77, 0x7a, 0x64, 0x54, |
- 0x79, 0x52, 0x59, 0x45, 0x6e, 0x78, 0x6c, 0x33, 0x62, 0x67, 0x3d, 0x22, 0x5d, |
- 0x7d, |
-}; |
- |
-static const uint8 kCRLSetLeafSerialBlocked[] = { |
- 0x60, 0x00, 0x7b, 0x22, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3a, |
- 0x30, 0x2c, 0x22, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, |
- 0x65, 0x22, 0x3a, 0x22, 0x43, 0x52, 0x4c, 0x53, 0x65, 0x74, 0x22, 0x2c, 0x22, |
- 0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x22, 0x3a, 0x30, 0x2c, 0x22, |
- 0x44, 0x65, 0x6c, 0x74, 0x61, 0x46, 0x72, 0x6f, 0x6d, 0x22, 0x3a, 0x30, 0x2c, |
- 0x22, 0x4e, 0x75, 0x6d, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x73, 0x22, 0x3a, |
- 0x31, 0x2c, 0x22, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x53, 0x50, 0x4b, |
- 0x49, 0x73, 0x22, 0x3a, 0x5b, 0x5d, 0x7d, 0x0f, 0x87, 0xe4, 0xc7, 0x75, 0xea, |
- 0x46, 0x7e, 0xf3, 0xfd, 0x82, 0xb7, 0x46, 0x7b, 0x10, 0xda, 0xc5, 0xbf, 0xd8, |
- 0xd1, 0x29, 0xb2, 0xc6, 0xac, 0x7f, 0x51, 0x42, 0x15, 0x28, 0x51, 0x06, 0x7f, |
- 0x01, 0x00, 0x00, 0x00, // number of serials |
- 0x01, 0xed, // serial 0xed |
-}; |
- |
-static const uint8 kCRLSetQUICSerialBlocked[] = { |
- 0x60, 0x00, 0x7b, 0x22, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x22, 0x3a, |
- 0x30, 0x2c, 0x22, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x54, 0x79, 0x70, |
- 0x65, 0x22, 0x3a, 0x22, 0x43, 0x52, 0x4c, 0x53, 0x65, 0x74, 0x22, 0x2c, 0x22, |
- 0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65, 0x22, 0x3a, 0x30, 0x2c, 0x22, |
- 0x44, 0x65, 0x6c, 0x74, 0x61, 0x46, 0x72, 0x6f, 0x6d, 0x22, 0x3a, 0x30, 0x2c, |
- 0x22, 0x4e, 0x75, 0x6d, 0x50, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x73, 0x22, 0x3a, |
- 0x31, 0x2c, 0x22, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x65, 0x64, 0x53, 0x50, 0x4b, |
- 0x49, 0x73, 0x22, 0x3a, 0x5b, 0x5d, 0x7d, |
- // Issuer SPKI SHA-256 hash: |
- 0xe4, 0x3a, 0xa3, 0xdb, 0x98, 0x31, 0x61, 0x05, 0xdd, 0x57, 0x6d, 0xc6, 0x2f, |
- 0x71, 0x26, 0xba, 0xdd, 0xf4, 0x98, 0x3e, 0x62, 0x22, 0xf8, 0xf9, 0xe4, 0x18, |
- 0x62, 0x77, 0x79, 0xdb, 0x9b, 0x31, |
- 0x01, 0x00, 0x00, 0x00, // number of serials |
- 0x01, 0x03, // serial 3 |
-}; |
- |
// Test that CRLSets are effective in making a certificate appear to be |
// revoked. |
TEST_F(CertVerifyProcTest, CRLSet) { |
@@ -1219,11 +1172,13 @@ TEST_F(CertVerifyProcTest, CRLSet) { |
EXPECT_EQ(OK, error); |
EXPECT_EQ(0U, verify_result.cert_status); |
- // First test blocking by SPKI. |
- base::StringPiece crl_set_bytes( |
- reinterpret_cast<const char*>(kCRLSetLeafSPKIBlocked), |
- sizeof(kCRLSetLeafSPKIBlocked)); |
scoped_refptr<CRLSet> crl_set; |
+ std::string crl_set_bytes; |
+ |
+ // First test blocking by SPKI. |
+ EXPECT_TRUE(base::ReadFileToString( |
+ GetTestCertsDirectory().AppendASCII("crlset_by_leaf_spki.raw"), |
+ &crl_set_bytes)); |
ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set)); |
error = Verify(cert.get(), |
@@ -1236,9 +1191,10 @@ TEST_F(CertVerifyProcTest, CRLSet) { |
// Second, test revocation by serial number of a cert directly under the |
// root. |
- crl_set_bytes = |
- base::StringPiece(reinterpret_cast<const char*>(kCRLSetLeafSerialBlocked), |
- sizeof(kCRLSetLeafSerialBlocked)); |
+ crl_set_bytes.clear(); |
+ EXPECT_TRUE(base::ReadFileToString( |
+ GetTestCertsDirectory().AppendASCII("crlset_by_root_serial.raw"), |
+ &crl_set_bytes)); |
ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set)); |
error = Verify(cert.get(), |
@@ -1288,9 +1244,10 @@ TEST_F(CertVerifyProcTest, CRLSetLeafSerial) { |
// Test revocation by serial number of a certificate not under the root. |
scoped_refptr<CRLSet> crl_set; |
- base::StringPiece crl_set_bytes = |
- base::StringPiece(reinterpret_cast<const char*>(kCRLSetQUICSerialBlocked), |
- sizeof(kCRLSetQUICSerialBlocked)); |
+ std::string crl_set_bytes; |
+ ASSERT_TRUE(base::ReadFileToString( |
+ GetTestCertsDirectory().AppendASCII("crlset_by_intermediate_serial.raw"), |
+ &crl_set_bytes)); |
ASSERT_TRUE(CRLSetStorage::Parse(crl_set_bytes, &crl_set)); |
error = Verify(leaf.get(), |