OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/cert_verify_proc.h" | 5 #include "net/base/cert_verify_proc.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "base/file_path.h" | 9 #include "base/file_path.h" |
10 #include "base/string_number_conversions.h" | 10 #include "base/string_number_conversions.h" |
(...skipping 205 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
216 int flags = CertVerifier::VERIFY_REV_CHECKING_ENABLED | | 216 int flags = CertVerifier::VERIFY_REV_CHECKING_ENABLED | |
217 CertVerifier::VERIFY_EV_CERT; | 217 CertVerifier::VERIFY_EV_CERT; |
218 int error = Verify(cert_chain, "2029.globalsign.com", flags, NULL, | 218 int error = Verify(cert_chain, "2029.globalsign.com", flags, NULL, |
219 &verify_result); | 219 &verify_result); |
220 if (error == OK) | 220 if (error == OK) |
221 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); | 221 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); |
222 else | 222 else |
223 EXPECT_EQ(ERR_CERT_DATE_INVALID, error); | 223 EXPECT_EQ(ERR_CERT_DATE_INVALID, error); |
224 } | 224 } |
225 | 225 |
226 TEST_F(CertVerifyProcTest, ECDSA_RSA) { | |
227 FilePath certs_dir = GetTestCertsDirectory(); | |
228 | |
229 scoped_refptr<X509Certificate> cert = | |
230 ImportCertFromFile(certs_dir, "ecdsa_rsa_test.pem"); | |
231 | |
232 CertVerifyResult verify_result; | |
233 Verify(cert, "test2.imperialviolet.org", 0, NULL, &verify_result); | |
Ryan Sleevi
2012/08/23 20:48:59
You should be able to use one of the existing auto
agl
2012/08/24 13:46:17
Thanks for pointing them out. Done.
| |
234 | |
235 // We don't check verify_result because the certificate is signed by an | |
236 // unknown CA and will be considered invalid on XP because of the ECDSA | |
237 // public key. However, this test ensures that we don't crash (see | |
238 // crbug.com/144466). | |
Ryan Sleevi
2012/08/23 20:48:59
Per the rest of the file, move the description of
agl
2012/08/24 13:46:17
Done.
| |
239 } | |
240 | |
226 // Currently, only RSA and DSA keys are checked for weakness, and our example | 241 // Currently, only RSA and DSA keys are checked for weakness, and our example |
227 // weak size is 768. These could change in the future. | 242 // weak size is 768. These could change in the future. |
228 // | 243 // |
229 // Note that this means there may be false negatives: keys for other | 244 // Note that this means there may be false negatives: keys for other |
230 // algorithms and which are weak will pass this test. | 245 // algorithms and which are weak will pass this test. |
231 static bool IsWeakKeyType(const std::string& key_type) { | 246 static bool IsWeakKeyType(const std::string& key_type) { |
232 size_t pos = key_type.find("-"); | 247 size_t pos = key_type.find("-"); |
233 std::string size = key_type.substr(0, pos); | 248 std::string size = key_type.substr(0, pos); |
234 std::string type = key_type.substr(pos + 1); | 249 std::string type = key_type.substr(pos + 1); |
235 | 250 |
(...skipping 729 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
965 #define MAYBE_VerifyMixed DISABLED_VerifyMixed | 980 #define MAYBE_VerifyMixed DISABLED_VerifyMixed |
966 #else | 981 #else |
967 #define MAYBE_VerifyMixed VerifyMixed | 982 #define MAYBE_VerifyMixed VerifyMixed |
968 #endif | 983 #endif |
969 WRAPPED_INSTANTIATE_TEST_CASE_P( | 984 WRAPPED_INSTANTIATE_TEST_CASE_P( |
970 MAYBE_VerifyMixed, | 985 MAYBE_VerifyMixed, |
971 CertVerifyProcWeakDigestTest, | 986 CertVerifyProcWeakDigestTest, |
972 testing::ValuesIn(kVerifyMixedTestData)); | 987 testing::ValuesIn(kVerifyMixedTestData)); |
973 | 988 |
974 } // namespace net | 989 } // namespace net |
OLD | NEW |