Home | History | Annotate | Download | only in cert 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "base/memory/scoped_ptr.h"
      6 #include "crypto/ec_private_key.h"
      7 #include "net/cert/x509_util.h"
      8 #include "net/cert/x509_util_openssl.h"
      9 #include "testing/gtest/include/gtest/gtest.h"
     10 
     11 namespace net {
     12 
     13 TEST(X509UtilOpenSSLTest, IsSupportedValidityRange) {
     14   base::Time now = base::Time::Now();
     15   EXPECT_TRUE(x509_util::IsSupportedValidityRange(now, now));
     16   EXPECT_FALSE(x509_util::IsSupportedValidityRange(
     17       now, now - base::TimeDelta::FromSeconds(1)));
     18 
     19   // See x509_util_openssl.cc to see how these were computed.
     20   const int64 kDaysFromYear0001ToUnixEpoch = 719162;
     21   const int64 kDaysFromUnixEpochToYear10000 = 2932896 + 1;
     22 
     23   // When computing too_old / too_late, add one day to account for
     24   // possible leap seconds.
     25   base::Time too_old = base::Time::UnixEpoch() -
     26       base::TimeDelta::FromDays(kDaysFromYear0001ToUnixEpoch + 1);
     27 
     28   base::Time too_late = base::Time::UnixEpoch() +
     29       base::TimeDelta::FromDays(kDaysFromUnixEpochToYear10000 + 1);
     30 
     31   EXPECT_FALSE(x509_util::IsSupportedValidityRange(too_old, too_old));
     32   EXPECT_FALSE(x509_util::IsSupportedValidityRange(too_old, now));
     33 
     34   EXPECT_FALSE(x509_util::IsSupportedValidityRange(now, too_late));
     35   EXPECT_FALSE(x509_util::IsSupportedValidityRange(too_late, too_late));
     36 }
     37 
     38 // For OpenSSL, x509_util::CreateDomainBoundCertEC() is not yet implemented
     39 // and should return false.  This unit test ensures that a stub implementation
     40 // is present.
     41 TEST(X509UtilOpenSSLTest, CreateDomainBoundCertNotImplemented) {
     42   std::string domain = "weborigin.com";
     43   base::Time now = base::Time::Now();
     44   scoped_ptr<crypto::ECPrivateKey> private_key(
     45       crypto::ECPrivateKey::Create());
     46   std::string der_cert;
     47   EXPECT_FALSE(x509_util::CreateDomainBoundCertEC(
     48       private_key.get(),
     49       domain, 1,
     50       now,
     51       now + base::TimeDelta::FromDays(1),
     52       &der_cert));
     53   EXPECT_TRUE(der_cert.empty());
     54 
     55 }
     56 
     57 }  // namespace net
     58