Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(86)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/cert_verify_proc_unittest.cc

Issue 10883012: net: don't crash when processing a certificate with an unknown public key. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 8 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/base/x509_certificate_openssl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/cert_verify_proc.h" 5 #include "net/base/cert_verify_proc.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/file_path.h" 9 #include "base/file_path.h"
10 #include "base/string_number_conversions.h" 10 #include "base/string_number_conversions.h"
(...skipping 205 matching lines...) Expand 10 before | Expand all | Expand 10 after
216 int flags = CertVerifier::VERIFY_REV_CHECKING_ENABLED | 216 int flags = CertVerifier::VERIFY_REV_CHECKING_ENABLED |
217 CertVerifier::VERIFY_EV_CERT; 217 CertVerifier::VERIFY_EV_CERT;
218 int error = Verify(cert_chain, "2029.globalsign.com", flags, NULL, 218 int error = Verify(cert_chain, "2029.globalsign.com", flags, NULL,
219 &verify_result); 219 &verify_result);
220 if (error == OK) 220 if (error == OK)
221 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV); 221 EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_IS_EV);
222 else 222 else
223 EXPECT_EQ(ERR_CERT_DATE_INVALID, error); 223 EXPECT_EQ(ERR_CERT_DATE_INVALID, error);
224 } 224 }
225 225
226 // Test that verifying an ECDSA certificate doesn't crash on XP. (See
227 // crbug.com/144466).
228 TEST_F(CertVerifyProcTest, ECDSA_RSA) {
229 FilePath certs_dir = GetTestCertsDirectory();
230
231 scoped_refptr<X509Certificate> cert =
232 ImportCertFromFile(certs_dir,
233 "prime256v1-ecdsa-ee-by-1024-rsa-intermediate.pem");
234
235 CertVerifyResult verify_result;
236 Verify(cert, "127.0.0.1", 0, NULL, &verify_result);
237
238 // We don't check verify_result because the certificate is signed by an
239 // unknown CA and will be considered invalid on XP because of the ECDSA
240 // public key.
241 }
242
226 // Currently, only RSA and DSA keys are checked for weakness, and our example 243 // Currently, only RSA and DSA keys are checked for weakness, and our example
227 // weak size is 768. These could change in the future. 244 // weak size is 768. These could change in the future.
228 // 245 //
229 // Note that this means there may be false negatives: keys for other 246 // Note that this means there may be false negatives: keys for other
230 // algorithms and which are weak will pass this test. 247 // algorithms and which are weak will pass this test.
231 static bool IsWeakKeyType(const std::string& key_type) { 248 static bool IsWeakKeyType(const std::string& key_type) {
232 size_t pos = key_type.find("-"); 249 size_t pos = key_type.find("-");
233 std::string size = key_type.substr(0, pos); 250 std::string size = key_type.substr(0, pos);
234 std::string type = key_type.substr(pos + 1); 251 std::string type = key_type.substr(pos + 1);
235 252
(...skipping 729 matching lines...) Expand 10 before | Expand all | Expand 10 after
965 #define MAYBE_VerifyMixed DISABLED_VerifyMixed 982 #define MAYBE_VerifyMixed DISABLED_VerifyMixed
966 #else 983 #else
967 #define MAYBE_VerifyMixed VerifyMixed 984 #define MAYBE_VerifyMixed VerifyMixed
968 #endif 985 #endif
969 WRAPPED_INSTANTIATE_TEST_CASE_P( 986 WRAPPED_INSTANTIATE_TEST_CASE_P(
970 MAYBE_VerifyMixed, 987 MAYBE_VerifyMixed,
971 CertVerifyProcWeakDigestTest, 988 CertVerifyProcWeakDigestTest,
972 testing::ValuesIn(kVerifyMixedTestData)); 989 testing::ValuesIn(kVerifyMixedTestData));
973 990
974 } // namespace net 991 } // namespace net
OLDNEW
« no previous file with comments | « no previous file | net/base/x509_certificate_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698