Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(80)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/test_root_certs_unittest.cc

Issue 17948002: Update Linux to use scoped_refptr<T>::get() rather than implicit "operator T*" (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebased Created 7 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/cert/nss_cert_database.cc ('k') | net/cert/x509_certificate.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/files/file_path.h" 5 #include "base/files/file_path.h"
6 #include "build/build_config.h" 6 #include "build/build_config.h"
7 #include "net/base/net_errors.h" 7 #include "net/base/net_errors.h"
8 #include "net/base/test_data_directory.h" 8 #include "net/base/test_data_directory.h"
9 #include "net/cert/cert_status_flags.h" 9 #include "net/cert/cert_status_flags.h"
10 #include "net/cert/cert_verify_proc.h" 10 #include "net/cert/cert_verify_proc.h"
(...skipping 15 matching lines...) Expand all
26 const char kRootCertificateFile[] = "root_ca_cert.pem"; 26 const char kRootCertificateFile[] = "root_ca_cert.pem";
27 // A certificate issued by the local test root for 127.0.0.1. 27 // A certificate issued by the local test root for 127.0.0.1.
28 const char kGoodCertificateFile[] = "ok_cert.pem"; 28 const char kGoodCertificateFile[] = "ok_cert.pem";
29 29
30 } // namespace 30 } // namespace
31 31
32 // Test basic functionality when adding from an existing X509Certificate. 32 // Test basic functionality when adding from an existing X509Certificate.
33 TEST(TestRootCertsTest, AddFromPointer) { 33 TEST(TestRootCertsTest, AddFromPointer) {
34 scoped_refptr<X509Certificate> root_cert = 34 scoped_refptr<X509Certificate> root_cert =
35 ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile); 35 ImportCertFromFile(GetTestCertsDirectory(), kRootCertificateFile);
36 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert); 36 ASSERT_NE(static_cast<X509Certificate*>(NULL), root_cert.get());
37 37
38 TestRootCerts* test_roots = TestRootCerts::GetInstance(); 38 TestRootCerts* test_roots = TestRootCerts::GetInstance();
39 ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots); 39 ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots);
40 EXPECT_TRUE(test_roots->IsEmpty()); 40 EXPECT_TRUE(test_roots->IsEmpty());
41 41
42 EXPECT_TRUE(test_roots->Add(root_cert)); 42 EXPECT_TRUE(test_roots->Add(root_cert.get()));
43 EXPECT_FALSE(test_roots->IsEmpty()); 43 EXPECT_FALSE(test_roots->IsEmpty());
44 44
45 test_roots->Clear(); 45 test_roots->Clear();
46 EXPECT_TRUE(test_roots->IsEmpty()); 46 EXPECT_TRUE(test_roots->IsEmpty());
47 } 47 }
48 48
49 // Test basic functionality when adding directly from a file, which should 49 // Test basic functionality when adding directly from a file, which should
50 // behave the same as when adding from an existing certificate. 50 // behave the same as when adding from an existing certificate.
51 TEST(TestRootCertsTest, AddFromFile) { 51 TEST(TestRootCertsTest, AddFromFile) {
52 TestRootCerts* test_roots = TestRootCerts::GetInstance(); 52 TestRootCerts* test_roots = TestRootCerts::GetInstance();
(...skipping 22 matching lines...) Expand all
75 return; 75 return;
76 } 76 }
77 #endif 77 #endif
78 78
79 TestRootCerts* test_roots = TestRootCerts::GetInstance(); 79 TestRootCerts* test_roots = TestRootCerts::GetInstance();
80 ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots); 80 ASSERT_NE(static_cast<TestRootCerts*>(NULL), test_roots);
81 EXPECT_TRUE(test_roots->IsEmpty()); 81 EXPECT_TRUE(test_roots->IsEmpty());
82 82
83 scoped_refptr<X509Certificate> test_cert = 83 scoped_refptr<X509Certificate> test_cert =
84 ImportCertFromFile(GetTestCertsDirectory(), kGoodCertificateFile); 84 ImportCertFromFile(GetTestCertsDirectory(), kGoodCertificateFile);
85 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert); 85 ASSERT_NE(static_cast<X509Certificate*>(NULL), test_cert.get());
86 86
87 // Test that the good certificate fails verification, because the root 87 // Test that the good certificate fails verification, because the root
88 // certificate should not yet be trusted. 88 // certificate should not yet be trusted.
89 int flags = 0; 89 int flags = 0;
90 CertVerifyResult bad_verify_result; 90 CertVerifyResult bad_verify_result;
91 scoped_refptr<CertVerifyProc> verify_proc(CertVerifyProc::CreateDefault()); 91 scoped_refptr<CertVerifyProc> verify_proc(CertVerifyProc::CreateDefault());
92 int bad_status = verify_proc->Verify(test_cert, 92 int bad_status = verify_proc->Verify(test_cert.get(),
93 "127.0.0.1", 93 "127.0.0.1",
94 flags, 94 flags,
95 NULL, 95 NULL,
96 CertificateList(), 96 CertificateList(),
97 &bad_verify_result); 97 &bad_verify_result);
98 EXPECT_NE(OK, bad_status); 98 EXPECT_NE(OK, bad_status);
99 EXPECT_NE(0u, bad_verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID); 99 EXPECT_NE(0u, bad_verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID);
100 100
101 // Add the root certificate and mark it as trusted. 101 // Add the root certificate and mark it as trusted.
102 EXPECT_TRUE(test_roots->AddFromFile( 102 EXPECT_TRUE(test_roots->AddFromFile(
103 GetTestCertsDirectory().AppendASCII(kRootCertificateFile))); 103 GetTestCertsDirectory().AppendASCII(kRootCertificateFile)));
104 EXPECT_FALSE(test_roots->IsEmpty()); 104 EXPECT_FALSE(test_roots->IsEmpty());
105 105
106 // Test that the certificate verification now succeeds, because the 106 // Test that the certificate verification now succeeds, because the
107 // TestRootCerts is successfully imbuing trust. 107 // TestRootCerts is successfully imbuing trust.
108 CertVerifyResult good_verify_result; 108 CertVerifyResult good_verify_result;
109 int good_status = verify_proc->Verify(test_cert, 109 int good_status = verify_proc->Verify(test_cert.get(),
110 "127.0.0.1", 110 "127.0.0.1",
111 flags, 111 flags,
112 NULL, 112 NULL,
113 CertificateList(), 113 CertificateList(),
114 &good_verify_result); 114 &good_verify_result);
115 EXPECT_EQ(OK, good_status); 115 EXPECT_EQ(OK, good_status);
116 EXPECT_EQ(0u, good_verify_result.cert_status); 116 EXPECT_EQ(0u, good_verify_result.cert_status);
117 117
118 test_roots->Clear(); 118 test_roots->Clear();
119 EXPECT_TRUE(test_roots->IsEmpty()); 119 EXPECT_TRUE(test_roots->IsEmpty());
120 120
121 // Ensure that when the TestRootCerts is cleared, the trust settings 121 // Ensure that when the TestRootCerts is cleared, the trust settings
122 // revert to their original state, and don't linger. If trust status 122 // revert to their original state, and don't linger. If trust status
123 // lingers, it will likely break other tests in net_unittests. 123 // lingers, it will likely break other tests in net_unittests.
124 CertVerifyResult restored_verify_result; 124 CertVerifyResult restored_verify_result;
125 int restored_status = verify_proc->Verify(test_cert, 125 int restored_status = verify_proc->Verify(test_cert.get(),
126 "127.0.0.1", 126 "127.0.0.1",
127 flags, 127 flags,
128 NULL, 128 NULL,
129 CertificateList(), 129 CertificateList(),
130 &restored_verify_result); 130 &restored_verify_result);
131 EXPECT_NE(OK, restored_status); 131 EXPECT_NE(OK, restored_status);
132 EXPECT_NE(0u, 132 EXPECT_NE(0u,
133 restored_verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID); 133 restored_verify_result.cert_status & CERT_STATUS_AUTHORITY_INVALID);
134 EXPECT_EQ(bad_status, restored_status); 134 EXPECT_EQ(bad_status, restored_status);
135 EXPECT_EQ(bad_verify_result.cert_status, restored_verify_result.cert_status); 135 EXPECT_EQ(bad_verify_result.cert_status, restored_verify_result.cert_status);
136 } 136 }
137 137
138 // TODO(rsleevi): Add tests for revocation checking via CRLs, ensuring that 138 // TODO(rsleevi): Add tests for revocation checking via CRLs, ensuring that
139 // TestRootCerts properly injects itself into the validation process. See 139 // TestRootCerts properly injects itself into the validation process. See
140 // http://crbug.com/63958 140 // http://crbug.com/63958
141 141
142 } // namespace net 142 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/nss_cert_database.cc ('k') | net/cert/x509_certificate.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698