net: don't crash when processing a certificate with an unknown public key.

net/base/cert_verify_proc_unittest.cc

Index: net/base/cert_verify_proc_unittest.cc
diff --git a/net/base/cert_verify_proc_unittest.cc b/net/base/cert_verify_proc_unittest.cc
index 30bf28057c014d8fd05cde623aca973883fd8e37..5dd7cdb98be403a93b3dd59abb699cc6f9d7aa18 100644
--- a/net/base/cert_verify_proc_unittest.cc
+++ b/net/base/cert_verify_proc_unittest.cc
@@ -223,6 +223,21 @@ TEST_F(CertVerifyProcTest, DISABLED_GlobalSignR3EVTest) {
     EXPECT_EQ(ERR_CERT_DATE_INVALID, error);
 }
 
+TEST_F(CertVerifyProcTest, ECDSA_RSA) {
+  FilePath certs_dir = GetTestCertsDirectory();
+
+  scoped_refptr<X509Certificate> cert =
+      ImportCertFromFile(certs_dir, "ecdsa_rsa_test.pem");
+
+  CertVerifyResult verify_result;
+  Verify(cert, "test2.imperialviolet.org", 0, NULL, &verify_result);

[Ryan Sleevi, 2012/08/23 20:48:59]

You should be able to use one of the existing auto-generated ECDSA certs - eg:
2048-rsa-ee-by-prime256v1-ecdsa

We disable these checks on Win XP (line 272 below), but you can still re-use the
data files.

[agl, 2012/08/24 13:46:17]

Thanks for pointing them out. Done.

+
+  // We don't check verify_result because the certificate is signed by an
+  // unknown CA and will be considered invalid on XP because of the ECDSA
+  // public key. However, this test ensures that we don't crash (see
+  // crbug.com/144466).

[Ryan Sleevi, 2012/08/23 20:48:59]

Per the rest of the file, move the description of the test to right before the
TEST_F line (line 225)

[agl, 2012/08/24 13:46:17]

Done.

+}
+
 // Currently, only RSA and DSA keys are checked for weakness, and our example
 // weak size is 768. These could change in the future.
 //