Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(177)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/cert_verify_proc_unittest.cc

Issue 10879097: Merge 153220 - net: don't crash when processing a certificate with an unknown public key. (Closed) Base URL: svn://svn.chromium.org/chrome/branches/1229/src/
Patch Set: Created 8 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/base/x509_certificate_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/cert_verify_proc.h" 5 #include "net/base/cert_verify_proc.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/file_path.h" 9 #include "base/file_path.h"
10 #include "base/string_number_conversions.h" 10 #include "base/string_number_conversions.h"
(...skipping 204 matching lines...) Expand 10 before | Expand all | Expand 10 after
215 int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED | 215 int flags = X509Certificate::VERIFY_REV_CHECKING_ENABLED |
216 X509Certificate::VERIFY_EV_CERT; 216 X509Certificate::VERIFY_EV_CERT;
217 int error = Verify(cert_chain, "2029.globalsign.com", flags, NULL, 217 int error = Verify(cert_chain, "2029.globalsign.com", flags, NULL,
218 &verify_result); 218 &verify_result);
219 if (error == OK) 219 if (error == OK)
220 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); 220 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV);
221 else 221 else
222 EXPECT_EQ(ERR_CERT_DATE_INVALID, error); 222 EXPECT_EQ(ERR_CERT_DATE_INVALID, error);
223 } 223 }
224 224
225 // Test that verifying an ECDSA certificate doesn't crash on XP. (See
226 // crbug.com/144466).
227 TEST_F(CertVerifyProcTest, ECDSA_RSA) {
228 FilePath certs_dir = GetTestCertsDirectory();
229
230 scoped_refptr<X509Certificate> cert =
231 ImportCertFromFile(certs_dir,
232 "prime256v1-ecdsa-ee-by-1024-rsa-intermediate.pem");
233
234 CertVerifyResult verify_result;
235 Verify(cert, "127.0.0.1", 0, NULL, &verify_result);
236
237 // We don't check verify_result because the certificate is signed by an
238 // unknown CA and will be considered invalid on XP because of the ECDSA
239 // public key.
240 }
241
225 // Currently, only RSA and DSA keys are checked for weakness, and our example 242 // Currently, only RSA and DSA keys are checked for weakness, and our example
226 // weak size is 768. These could change in the future. 243 // weak size is 768. These could change in the future.
227 // 244 //
228 // Note that this means there may be false negatives: keys for other 245 // Note that this means there may be false negatives: keys for other
229 // algorithms and which are weak will pass this test. 246 // algorithms and which are weak will pass this test.
230 static bool IsWeakKeyType(const std::string& key_type) { 247 static bool IsWeakKeyType(const std::string& key_type) {
231 size_t pos = key_type.find("-"); 248 size_t pos = key_type.find("-");
232 std::string size = key_type.substr(0, pos); 249 std::string size = key_type.substr(0, pos);
233 std::string type = key_type.substr(pos + 1); 250 std::string type = key_type.substr(pos + 1);
234 251
(...skipping 729 matching lines...) Expand 10 before | Expand all | Expand 10 after
964 #define MAYBE_VerifyMixed DISABLED_VerifyMixed 981 #define MAYBE_VerifyMixed DISABLED_VerifyMixed
965 #else 982 #else
966 #define MAYBE_VerifyMixed VerifyMixed 983 #define MAYBE_VerifyMixed VerifyMixed
967 #endif 984 #endif
968 WRAPPED_INSTANTIATE_TEST_CASE_P( 985 WRAPPED_INSTANTIATE_TEST_CASE_P(
969 MAYBE_VerifyMixed, 986 MAYBE_VerifyMixed,
970 CertVerifyProcWeakDigestTest, 987 CertVerifyProcWeakDigestTest,
971 testing::ValuesIn(kVerifyMixedTestData)); 988 testing::ValuesIn(kVerifyMixedTestData));
972 989
973 } // namespace net 990 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/base/x509_certificate_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698