Index: net/base/x509_certificate_unittest.cc |
diff --git a/net/base/x509_certificate_unittest.cc b/net/base/x509_certificate_unittest.cc |
index 53a131f148c2fded62a24480975967b5e6971fb2..f1bdba155ebc3a1086fe172bfa8bf994f460f2d4 100644 |
--- a/net/base/x509_certificate_unittest.cc |
+++ b/net/base/x509_certificate_unittest.cc |
@@ -481,6 +481,20 @@ TEST(X509CertificateTest, IntermediateCARequireExplicitPolicy) { |
root_certs->Clear(); |
} |
+TEST(X509CertificateTest, TestProbablyMITMCert) { |
wtc
2011/04/06 04:28:38
Please document when this certificate will expire.
agl
2011/04/06 19:02:02
Done.
|
+ FilePath certs_dir = GetTestCertsDirectory(); |
+ scoped_refptr<X509Certificate> cert = |
+ ImportCertFromFile(certs_dir, "nist.der"); |
+ ASSERT_NE(static_cast<X509Certificate*>(NULL), cert); |
+ |
+ int flags = 0; |
+ CertVerifyResult verify_result; |
+ int error = cert->Verify("www.nist.gov", flags, &verify_result); |
+ EXPECT_EQ(OK, error); |
+ EXPECT_EQ(0, verify_result.cert_status); |
+ EXPECT_FALSE(verify_result.is_probably_mitm_cert); |
+} |
+ |
// A regression test for http://crbug.com/70293. |
// The Key Usage extension in this RSA SSL server certificate does not have |
// the keyEncipherment bit. |