15821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Copyright (c) 2012 The Chromium Authors. All rights reserved. 25821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 35821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// found in the LICENSE file. 45821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 55821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "chrome/common/net/x509_certificate_model.h" 65821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 72a99a7e74a7f215066514fe81d2bfa6639d9edddTorne (Richard Coles)#include "base/files/file_path.h" 85821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "base/path_service.h" 95821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "net/base/test_data_directory.h" 10c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "net/test/cert_test_util.h" 115821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 125821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 13a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#if defined(USE_NSS) 145f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles)#include "crypto/scoped_test_nss_db.h" 15a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "net/cert/nss_cert_database.h" 16a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#endif 17a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles) 18cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)TEST(X509CertificateModelTest, GetCertNameOrNicknameAndGetTitle) { 19cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) scoped_refptr<net::X509Certificate> cert( 20cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) net::ImportCertFromFile(net::GetTestCertsDirectory(), 21cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) "root_ca_cert.pem")); 22cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) ASSERT_TRUE(cert.get()); 23cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ( 24cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) "Test Root CA", 25cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) x509_certificate_model::GetCertNameOrNickname(cert->os_cert_handle())); 26cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 27cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) scoped_refptr<net::X509Certificate> punycode_cert( 28cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) net::ImportCertFromFile(net::GetTestCertsDirectory(), 2934680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "punycodetest.pem")); 30cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) ASSERT_TRUE(punycode_cert.get()); 31cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("xn--wgv71a119e.com (日本語.com)", 32cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) x509_certificate_model::GetCertNameOrNickname( 33cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) punycode_cert->os_cert_handle())); 34cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 35cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) scoped_refptr<net::X509Certificate> no_cn_cert( 36cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) net::ImportCertFromFile(net::GetTestCertsDirectory(), 37cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) "no_subject_common_name_cert.pem")); 38cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) ASSERT_TRUE(no_cn_cert.get()); 39cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#if defined(USE_OPENSSL) 40cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("emailAddress=wtc@google.com", 41cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) x509_certificate_model::GetCertNameOrNickname( 42cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) no_cn_cert->os_cert_handle())); 43cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#else 44cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) // Temp cert has no nickname. 45cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("", 46cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) x509_certificate_model::GetCertNameOrNickname( 47cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) no_cn_cert->os_cert_handle())); 48cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#endif 49cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 50cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("xn--wgv71a119e.com", 51cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) x509_certificate_model::GetTitle( 52cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) punycode_cert->os_cert_handle())); 53cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 54cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#if defined(USE_OPENSSL) 55cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("emailAddress=wtc@google.com", 56cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) x509_certificate_model::GetTitle( 57cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) no_cn_cert->os_cert_handle())); 58cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#else 59cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("E=wtc@google.com", 60cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) x509_certificate_model::GetTitle( 61cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) no_cn_cert->os_cert_handle())); 62cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#endif 63cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 64cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) scoped_refptr<net::X509Certificate> no_cn_cert2(net::ImportCertFromFile( 65cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) net::GetTestCertsDirectory(), "ct-test-embedded-cert.pem")); 66cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) ASSERT_TRUE(no_cn_cert2.get()); 67cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) EXPECT_EQ("L=Erw Wen,ST=Wales,O=Certificate Transparency,C=GB", 68cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) x509_certificate_model::GetTitle(no_cn_cert2->os_cert_handle())); 69cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)} 70cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles) 71116680a4aac90f2aa7413d9095a592090648e557Ben MurdochTEST(X509CertificateModelTest, GetExtensions) { 72116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 73116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 74116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "root_ca_cert.pem")); 75116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_TRUE(cert.get()); 76116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 77116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::Extensions extensions; 78116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::GetExtensions( 79116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "critical", "notcrit", cert->os_cert_handle(), &extensions); 80116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_EQ(3U, extensions.size()); 81116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 82116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Basic Constraints", extensions[0].name); 83116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 84116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "critical\nIs a Certification Authority\n" 85116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "Maximum number of intermediate CAs: unlimited", 86116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[0].value); 87116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 88116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Subject Key ID", extensions[1].name); 89116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 9034680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "notcrit\nKey ID: BC F7 30 D1 3C C0 F2 79 FA EF 9F C9 6C 5C 93 F3\n8A " 9134680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "68 AB 83", 92116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[1].value); 93116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 94116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Key Usage", extensions[2].name); 95116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("critical\nCertificate Signer\nCRL Signer", extensions[2].value); 96116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 97116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 98116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 99116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 100116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "subjectAltName_sanity_check.pem")); 101116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::Extensions extensions; 102116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::GetExtensions( 103116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "critical", "notcrit", cert->os_cert_handle(), &extensions); 104116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_EQ(2U, extensions.size()); 105116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Subject Alternative Name", extensions[1].name); 106116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 107116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "notcrit\nIP Address: 127.0.0.2\nIP Address: fe80::1\nDNS Name: " 108116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "test.example\nEmail Address: test@test.example\nOID.1.2.3.4: 0C 09 69 " 109116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "67 6E 6F 72 65 20 6D 65\nX.500 Name: CN = 127.0.0.3\n\n", 110116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[1].value); 111116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 112116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 113116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 114116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 115116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "foaf.me.chromium-test-cert.der")); 116116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::Extensions extensions; 117116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::GetExtensions( 118116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "critical", "notcrit", cert->os_cert_handle(), &extensions); 119116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_EQ(5U, extensions.size()); 120116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Netscape Certificate Comment", extensions[1].name); 121116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("notcrit\nOpenSSL Generated Certificate", extensions[1].value); 122116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 123116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 124116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 125116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 126116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "2029_globalsign_com_cert.pem")); 127116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::Extensions extensions; 128116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::GetExtensions( 129116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "critical", "notcrit", cert->os_cert_handle(), &extensions); 130116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_EQ(9U, extensions.size()); 131116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 132116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Subject Key ID", extensions[0].name); 133116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 134116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "notcrit\nKey ID: 59 BC D9 69 F7 B0 65 BB C8 34 C5 D2 C2 EF 17 78\nA6 " 135116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "47 1E 8B", 136116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[0].value); 137116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 138116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certification Authority Key ID", extensions[1].name); 139116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 140116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "notcrit\nKey ID: 8A FC 14 1B 3D A3 59 67 A5 3B E1 73 92 A6 62 91\n7F " 141116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "E4 78 30\n", 142116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[1].value); 143116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 144116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Authority Information Access", extensions[2].name); 145116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 146116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "notcrit\nCA Issuers: " 147116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "URI: http://secure.globalsign.net/cacert/SHA256extendval1.crt\n", 148116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[2].value); 149116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 150116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("CRL Distribution Points", extensions[3].name); 151116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("notcrit\nURI: http://crl.globalsign.net/SHA256ExtendVal1.crl\n", 152116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[3].value); 153116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 154116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Basic Constraints", extensions[4].name); 155116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("notcrit\nIs not a Certification Authority\n", 156116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[4].value); 157116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 158116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Key Usage", extensions[5].name); 159116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 160116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "critical\nSigning\nNon-repudiation\nKey Encipherment\n" 161116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "Data Encipherment", 162116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[5].value); 163116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 164116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Extended Key Usage", extensions[6].name); 165116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 166116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "notcrit\nTLS WWW Server Authentication (OID.1.3.6.1.5.5.7.3.1)\n" 167116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "TLS WWW Client Authentication (OID.1.3.6.1.5.5.7.3.2)\n", 168116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[6].value); 169116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 170116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Policies", extensions[7].name); 171116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 172116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "notcrit\nOID.1.3.6.1.4.1.4146.1.1:\n" 173116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " Certification Practice Statement Pointer:" 174116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " http://www.globalsign.net/repository/\n", 175116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[7].value); 176116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 177116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Netscape Certificate Type", extensions[8].name); 178116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("notcrit\nSSL Client Certificate\nSSL Server Certificate", 179116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[8].value); 180116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 181116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 182116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 183116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 184116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "diginotar_public_ca_2025.pem")); 185116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::Extensions extensions; 186116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::GetExtensions( 187116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "critical", "notcrit", cert->os_cert_handle(), &extensions); 188116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_EQ(7U, extensions.size()); 189116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 190116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Authority Information Access", extensions[0].name); 191116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 192116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "notcrit\nOCSP Responder: " 193116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "URI: http://validation.diginotar.nl\n", 194116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[0].value); 195116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 196116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Basic Constraints", extensions[2].name); 197116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 198116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "critical\nIs a Certification Authority\n" 199116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "Maximum number of intermediate CAs: 0", 200116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[2].value); 201116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("Certificate Policies", extensions[3].name); 202116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 203116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "notcrit\nOID.2.16.528.1.1001.1.1.1.1.5.2.6.4:\n" 204116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " Certification Practice Statement Pointer:" 205116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " http://www.diginotar.nl/cps\n" 206116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " User Notice:\n" 207116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " Conditions, as mentioned on our website (www.diginotar.nl), are " 208116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "applicable to all our products and services.\n", 209116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions[3].value); 210116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 211116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 212116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 2135821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST(X509CertificateModelTest, GetTypeCA) { 2145821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<net::X509Certificate> cert( 2155821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) net::ImportCertFromFile(net::GetTestCertsDirectory(), 216eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch "root_ca_cert.pem")); 2175821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(cert.get()); 2185821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2195821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(USE_OPENSSL) 2205821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Remove this when OpenSSL build implements the necessary functions. 22158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) EXPECT_EQ(net::OTHER_CERT, 2225821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) x509_certificate_model::GetType(cert->os_cert_handle())); 2235821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#else 2245821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(net::CA_CERT, 2255821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) x509_certificate_model::GetType(cert->os_cert_handle())); 2265821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2275f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) crypto::ScopedTestNSSDB test_nssdb; 2285f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) net::NSSCertDatabase db(crypto::ScopedPK11Slot(PK11_ReferenceSlot( 2295f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) test_nssdb.slot())) /* public slot */, 2305f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) crypto::ScopedPK11Slot(PK11_ReferenceSlot( 2315f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) test_nssdb.slot())) /* private slot */); 2325f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 2335821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Test that explicitly distrusted CA certs are still returned as CA_CERT 2345821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // type. See http://crbug.com/96654. 2355f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) EXPECT_TRUE(db.SetCertTrust( 236868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) cert.get(), net::CA_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); 2375821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2385821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(net::CA_CERT, 2395821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) x509_certificate_model::GetType(cert->os_cert_handle())); 2405821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif 2415821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2425821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2435821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST(X509CertificateModelTest, GetTypeServer) { 2445821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<net::X509Certificate> cert( 2455821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) net::ImportCertFromFile(net::GetTestCertsDirectory(), 2465821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "google.single.der")); 2475821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(cert.get()); 2485821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2495821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#if defined(USE_OPENSSL) 2505821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Remove this when OpenSSL build implements the necessary functions. 25158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) EXPECT_EQ(net::OTHER_CERT, 2525821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) x509_certificate_model::GetType(cert->os_cert_handle())); 2535821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#else 2545821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Test mozilla_security_manager::GetCertType with server certs and default 2555821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // trust. Currently this doesn't work. 2565821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // TODO(mattm): make mozilla_security_manager::GetCertType smarter so we can 2575821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // tell server certs even if they have no trust bits set. 25858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) EXPECT_EQ(net::OTHER_CERT, 2595821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) x509_certificate_model::GetType(cert->os_cert_handle())); 2605821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2615f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) crypto::ScopedTestNSSDB test_nssdb; 2625f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) net::NSSCertDatabase db(crypto::ScopedPK11Slot(PK11_ReferenceSlot( 2635f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) test_nssdb.slot())) /* public slot */, 2645f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) crypto::ScopedPK11Slot(PK11_ReferenceSlot( 2655f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) test_nssdb.slot())) /* private slot */); 2665f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) 2675821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Test GetCertType with server certs and explicit trust. 2685f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) EXPECT_TRUE(db.SetCertTrust( 269868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) cert.get(), net::SERVER_CERT, net::NSSCertDatabase::TRUSTED_SSL)); 2705821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2715821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(net::SERVER_CERT, 2725821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) x509_certificate_model::GetType(cert->os_cert_handle())); 2735821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2745821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) // Test GetCertType with server certs and explicit distrust. 2755f1c94371a64b3196d4be9466099bb892df9b88eTorne (Richard Coles) EXPECT_TRUE(db.SetCertTrust( 276868fa2fe829687343ffae624259930155e16dbd8Torne (Richard Coles) cert.get(), net::SERVER_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); 2775821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2785821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ(net::SERVER_CERT, 2795821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) x509_certificate_model::GetType(cert->os_cert_handle())); 2805821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)#endif 2815821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 2825821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2835821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// An X.509 v1 certificate with the version field omitted should get 2845821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)// the default value v1. 2855821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)TEST(X509CertificateModelTest, GetVersionOmitted) { 2865821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) scoped_refptr<net::X509Certificate> cert( 2875821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) net::ImportCertFromFile(net::GetTestCertsDirectory(), 2885821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) "ndn.ca.crt")); 2895821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) ASSERT_TRUE(cert.get()); 2905821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) 2915821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles) EXPECT_EQ("1", x509_certificate_model::GetVersion(cert->os_cert_handle())); 2925821806d5e7f356e8fa4b058a389a808ea183019Torne (Richard Coles)} 293116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 294116680a4aac90f2aa7413d9095a592090648e557Ben MurdochTEST(X509CertificateModelTest, GetCMSString) { 295116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::CertificateList certs = 296116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch CreateCertificateListFromFile(net::GetTestCertsDirectory(), 297116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "multi-root-chain1.pem", 298116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::X509Certificate::FORMAT_AUTO); 299116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 300116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::X509Certificate::OSCertHandles cert_handles; 301116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch for (net::CertificateList::iterator i = certs.begin(); i != certs.end(); ++i) 302116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert_handles.push_back((*i)->os_cert_handle()); 303116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_EQ(4U, cert_handles.size()); 304116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 305116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 306116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // Write the full chain. 307116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch std::string pkcs7_string = x509_certificate_model::GetCMSString( 308116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert_handles, 0, cert_handles.size()); 309116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 310116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_FALSE(pkcs7_string.empty()); 311116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 312116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::CertificateList decoded_certs = 313116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::X509Certificate::CreateCertificateListFromBytes( 314116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch pkcs7_string.data(), 315116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch pkcs7_string.size(), 316116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::X509Certificate::FORMAT_PKCS7); 317116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 318116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_EQ(certs.size(), decoded_certs.size()); 319116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#if defined(USE_OPENSSL) 320116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch for (size_t i = 0; i < certs.size(); ++i) 321116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_TRUE(certs[i]->Equals(decoded_certs[i])); 322116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#else 323116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // NSS sorts the certs before writing the file. 3241320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_TRUE(certs[0]->Equals(decoded_certs.back().get())); 325116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch for (size_t i = 1; i < certs.size(); ++i) 3261320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_TRUE(certs[i]->Equals(decoded_certs[i - 1].get())); 327116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#endif 328116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 329116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 330116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 331116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // Write only the first cert. 332116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch std::string pkcs7_string = 333116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::GetCMSString(cert_handles, 0, 1); 334116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 335116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::CertificateList decoded_certs = 336116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::X509Certificate::CreateCertificateListFromBytes( 337116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch pkcs7_string.data(), 338116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch pkcs7_string.size(), 339116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::X509Certificate::FORMAT_PKCS7); 340116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 341116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_EQ(1U, decoded_certs.size()); 3421320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci EXPECT_TRUE(certs[0]->Equals(decoded_certs[0].get())); 343116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 344116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 345116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 346116680a4aac90f2aa7413d9095a592090648e557Ben MurdochTEST(X509CertificateModelTest, ProcessSecAlgorithms) { 347116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 348116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 349116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "root_ca_cert.pem")); 350116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_TRUE(cert.get()); 351116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("PKCS #1 SHA-1 With RSA Encryption", 352116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessSecAlgorithmSignature( 353116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 354116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("PKCS #1 SHA-1 With RSA Encryption", 355116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessSecAlgorithmSignatureWrap( 356116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 357116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("PKCS #1 RSA Encryption", 358116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessSecAlgorithmSubjectPublicKey( 359116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 360116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 361116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 362116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 363116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "weak_digest_md5_root.pem")); 364116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_TRUE(cert.get()); 365116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("PKCS #1 MD5 With RSA Encryption", 366116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessSecAlgorithmSignature( 367116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 368116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("PKCS #1 MD5 With RSA Encryption", 369116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessSecAlgorithmSignatureWrap( 370116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 371116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ("PKCS #1 RSA Encryption", 372116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessSecAlgorithmSubjectPublicKey( 373116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 374116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 375116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 376116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 377116680a4aac90f2aa7413d9095a592090648e557Ben MurdochTEST(X509CertificateModelTest, ProcessSubjectPublicKeyInfo) { 378116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 379116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 380116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "root_ca_cert.pem")); 381116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_TRUE(cert.get()); 382116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 383116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "Modulus (2048 bits):\n" 38434680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) " B6 49 41 E3 42 01 51 A8 7F 3C 7A 71 D3 FB CD 91\n" 38534680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "35 17 84 1A 8E F6 36 C7 D1 70 1D FA 86 F3 6E BB\n" 38634680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "76 6F E8 32 2E 37 FD 38 92 3D 68 E4 8A 7D 42 33\n" 38734680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "14 46 1B DC 04 F6 91 6E 54 40 C4 0A 09 FD EC 2D\n" 38834680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "62 E2 5E E1 BA 2C 9C C1 B1 60 4C DA C7 F8 22 5C\n" 38934680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "82 20 65 42 1E 56 77 75 4F EB 90 2C 4A EA 57 0E\n" 39034680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "22 8D 6C 95 AC 11 EA CC D7 EE F6 70 0D 09 DD A6\n" 39134680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "35 61 5D C9 76 6D B0 F2 1E BF 30 86 D8 77 52 36\n" 39234680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "95 97 0E D1 46 C5 ED 81 3D 1B B0 F2 61 95 3C C1\n" 39334680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "40 38 EF 5F 5D BA 61 9F EF 2B 9C 9F 85 89 74 70\n" 39434680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "63 D5 76 E8 35 7E CE 01 E1 F3 11 11 90 1C 0D F5\n" 39534680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "FD 8D CE 10 6C AD 7C 55 1A 21 6F D7 2D F4 78 15\n" 39634680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "EA 2F 38 BD 91 9E 3C 1D 07 46 F5 43 C1 82 8B AF\n" 39734680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "12 53 65 19 8A 69 69 66 06 B2 DA 0B FA 2A 00 A1\n" 39834680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "2A 15 84 49 F1 01 BF 9B 30 06 D0 15 A0 1F 9D 51\n" 39934680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "91 47 E1 53 5F EF 5E EC C2 61 79 C2 14 9F C4 E3\n" 400116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch "\n" 401116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#if defined(USE_OPENSSL) 402116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " Public Exponent (17 bits):\n" 403116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#else 404116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " Public Exponent (24 bits):\n" 405116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#endif 406116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch " 01 00 01", 407116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessSubjectPublicKeyInfo( 408116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 409116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 410116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch { 411116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 412116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "prime256v1-ecdsa-intermediate.pem")); 413116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_TRUE(cert.get()); 414116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 41534680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "04 DB 98 07 BC 61 DD 2D E6 B3 CC F7 D5 EA F7 A1\n" 41634680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "0D 28 DE F2 7C 26 97 CA EB D1 DB A3 1E C1 8F E9\n" 41734680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "E0 1E FE 31 BB AA 4A 5C 85 37 A6 FF 9E 2E 96 23\n" 41834680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "22 B8 30 5F 8F 22 AE B9 8B 6D 4F BD 4E F3 52 12\n" 41934680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "D4", 420116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessSubjectPublicKeyInfo( 421116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 422116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 423116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 424116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 425116680a4aac90f2aa7413d9095a592090648e557Ben MurdochTEST(X509CertificateModelTest, ProcessRawBitsSignatureWrap) { 426116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch scoped_refptr<net::X509Certificate> cert(net::ImportCertFromFile( 427116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch net::GetTestCertsDirectory(), "root_ca_cert.pem")); 428116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch ASSERT_TRUE(cert.get()); 429116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch EXPECT_EQ( 43034680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "57 07 29 FB 7F E8 FF B0 E6 D8 58 6A C3 90 A1 38\n" 43134680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "1C B4 F3 68 B1 EC E8 89 23 24 D7 A8 F2 21 C3 60\n" 43234680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "E4 A4 49 5C 00 BF DF C7 82 78 80 2B 18 F7 AD DD\n" 43334680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "D0 62 5E A7 B0 CC F0 AA B4 CE 70 12 59 65 67 76\n" 43434680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "05 00 18 9A FF C4 2A 17 E3 F1 55 D8 BE 5C 5E EB\n" 43534680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "CA CB 53 87 10 D5 09 32 36 A7 5E 41 F4 53 DA 7E\n" 43634680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "56 60 D2 7E 4E 9A A5 08 5F 5D 75 E9 E7 30 CB 22\n" 43734680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "E9 EF 19 49 83 A5 23 A1 F8 60 4C E5 36 D5 39 78\n" 43834680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "18 F1 5E BF CE AA 0B 53 81 2C 78 A9 0A 6B DB 13\n" 43934680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "10 21 14 7F 1B 70 3D 89 1A 40 8A 06 2C 5D 50 19\n" 44034680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "62 F9 C7 45 89 F2 3D 66 05 3D 7D 75 5B 55 1E 80\n" 44134680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "42 72 A1 9A 7C 6D 0A 74 F6 EE A6 21 6C 3A 98 FB\n" 44234680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "77 82 5F F2 6B 56 E6 DD 9B 8E 50 F0 C6 AE FD EA\n" 44334680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "A6 05 07 A9 26 06 56 B3 B2 D9 B2 37 A0 21 3E 79\n" 44434680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "06 1F B9 51 BE F4 B1 49 4D 90 B5 33 E5 0E C7 5E\n" 44534680572440d7894ef8dafce81d8039ed80726a2Torne (Richard Coles) "5B 40 C5 6A 04 D1 43 7A 94 6A A4 4F 61 FC 82 E0", 446116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch x509_certificate_model::ProcessRawBitsSignatureWrap( 447116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch cert->os_cert_handle())); 448116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 449