diff options
| -rw-r--r-- | chrome/common/net/x509_certificate_model_nss.cc | 11 | ||||
| -rw-r--r-- | chrome/common/net/x509_certificate_model_unittest.cc | 11 | ||||
| -rw-r--r-- | net/data/ssl/certificates/README | 4 | ||||
| -rw-r--r-- | net/data/ssl/certificates/ndn.ca.crt | 35 |
4 files changed, 57 insertions, 4 deletions
diff --git a/chrome/common/net/x509_certificate_model_nss.cc b/chrome/common/net/x509_certificate_model_nss.cc index 2b790a7..63205ff 100644 --- a/chrome/common/net/x509_certificate_model_nss.cc +++ b/chrome/common/net/x509_certificate_model_nss.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -125,10 +125,13 @@ string GetTokenName(X509Certificate::OSCertHandle cert_handle) { } string GetVersion(X509Certificate::OSCertHandle cert_handle) { - unsigned long version = ULONG_MAX; - if (SEC_ASN1DecodeInteger(&cert_handle->version, &version) == SECSuccess && - version != ULONG_MAX) + // If the version field is omitted from the certificate, the default + // value is v1(0). + unsigned long version = 0; + if (cert_handle->version.len == 0 || + SEC_ASN1DecodeInteger(&cert_handle->version, &version) == SECSuccess) { return base::UintToString(version + 1); + } return ""; } diff --git a/chrome/common/net/x509_certificate_model_unittest.cc b/chrome/common/net/x509_certificate_model_unittest.cc index 233475e..0178f09 100644 --- a/chrome/common/net/x509_certificate_model_unittest.cc +++ b/chrome/common/net/x509_certificate_model_unittest.cc @@ -71,3 +71,14 @@ TEST(X509CertificateModelTest, GetTypeServer) { x509_certificate_model::GetType(cert->os_cert_handle())); #endif } + +// An X.509 v1 certificate with the version field omitted should get +// the default value v1. +TEST(X509CertificateModelTest, GetVersionOmitted) { + scoped_refptr<net::X509Certificate> cert( + net::ImportCertFromFile(net::GetTestCertsDirectory(), + "ndn.ca.crt")); + ASSERT_TRUE(cert.get()); + + EXPECT_EQ("1", x509_certificate_model::GetVersion(cert->os_cert_handle())); +} diff --git a/net/data/ssl/certificates/README b/net/data/ssl/certificates/README index c5b0290..91d600d 100644 --- a/net/data/ssl/certificates/README +++ b/net/data/ssl/certificates/README @@ -117,3 +117,7 @@ unit tests. "openssl req -x509 -days 3650 -sha1 -extensions req_san_sanity \ -config ../scripts/ee.cnf -newkey rsa:1024 -text \ -out subjectAltName_sanity_check.pem" + +- ndn.ca.crt: "New Dream Network Certificate Authority" root certificate. + This is an X.509 v1 certificate that omits the version field. Used to + test that the certificate version gets the default value v1. diff --git a/net/data/ssl/certificates/ndn.ca.crt b/net/data/ssl/certificates/ndn.ca.crt new file mode 100644 index 0000000..6da9fb2 --- /dev/null +++ b/net/data/ssl/certificates/ndn.ca.crt @@ -0,0 +1,35 @@ +-----BEGIN CERTIFICATE----- +MIIGBjCCA+4CCQDbt8YGR683ojANBgkqhkiG9w0BAQUFADCBxDELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMR8w +HQYDVQQKExZOZXcgRHJlYW0gTmV0d29yaywgTExDMREwDwYDVQQLEwhTZWN1cml0 +eTEwMC4GA1UEAxMnTmV3IERyZWFtIE5ldHdvcmsgQ2VydGlmaWNhdGUgQXV0aG9y +aXR5MSQwIgYJKoZIhvcNAQkBFhVzdXBwb3J0QGRyZWFtaG9zdC5jb20wHhcNMDYw +ODIyMjExMjU4WhcNMTYwODE5MjExMjU4WjCBxDELMAkGA1UEBhMCVVMxEzARBgNV +BAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMR8wHQYDVQQKExZO +ZXcgRHJlYW0gTmV0d29yaywgTExDMREwDwYDVQQLEwhTZWN1cml0eTEwMC4GA1UE +AxMnTmV3IERyZWFtIE5ldHdvcmsgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSQwIgYJ +KoZIhvcNAQkBFhVzdXBwb3J0QGRyZWFtaG9zdC5jb20wggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDHykL2vz70nbj827iARXxgBK41yXUy7oBcoG5TA+MD +GjXVqV+szQWgQz6C6uPPp+O4cUVxnAIfXvCo7VjsYYsDcmCWAlV27ZRN3Ek7HvIv +4rHaht0y/E/DgKOZiiy7kJMvqDZSuD9NxSlIOTDBS6aDyORNZKubWdg0l+Axk3Yn +YhmVhPtqupO8HzQjR0s2wgwKdz3m96RqjJDBng0wLEv/iCGN0ogBBV1TePuKcodF +TQivkjvVcITRVWIBKNfg0uDeM+cHIYGp44WM3gBX0W3AaG9JH/1tYWmgVrk/cmwK +oMq3PKVr/Usp7nR3PTyn1rpcJjPZDSNOleO+KilI4vbwFgnydbm97eTf/BFy548j +SPi9HINufNDSajXCRvyQ04CQVpAzH2mPVcykoL6++M2u2nNO5tLWa2ix96RNPrV/ +K00KbmIODPoqRVmoL7UvD4w2AM26l7Ol20cLqU8G4bZGe1DoKpF1CxwQlBzY6iJN +PiEY+eAII54w7cnHdAp2mOKvJBVUzCROc7g4W0n3/JCHEaXDnfXlqevCckAaDbes +AM7w9epOd7rUWpbSxOuKsgIyXvhM9VwxI7L5TdgULqKXq57jMAK8irsOalEt+5pJ +8RGFDOgJsbR+eJ3En//11OJzgz1bdW0lSUD72hoNdLyJtP7dn8+FrIfGBw9mwWMG +MwIDAQABMA0GCSqGSIb3DQEBBQUAA4ICAQAVUa0xn7/bDpyxdqJrr3np5HKDKaL6 +CL4KNgBS1hKHLIqxwKGTO+nCm1sVgK9fIh7hF5sG7f5hc5ZPp9usOeqwewB5drYZ +jPyk2e5WX0fjdB2pFPxhPS8vzNJRBtpPnUoiOuwXI4K12V7xj3SC/S4tqNfBM/p9 +sk15XfWiS8rMqDGg6oMFeM4BZ7YaZOXY/upqofg+MEbVdLBngwUPI/a1rR8OYUBr +NhsSZpXwg22IwDE45M7wxgRvj0hojRAAxVS75ogitx040tf2Lp8DJgtSGvOHtuW9 +87MXd8Ev8xf/7d9EXw4ghwKvyWglrw0Bpoh9OP9DOwoRFIzdBz5aUmAx6PNIvZ0Y +xQ+QRUxj+Kx2Xl6hpsk8URsfxKDHR2sZwcSqjD+JJGJee26An7btAst1/grAYw5X +tEfcXyXiDBHXPY6t0NZOzfQUggwIU0fiWhvT43Skob6pCc0dUBeEhFK0dpyDE3AM +4LwF/ECGfPn/UzzB/Lax4WaY2yGccBrikRfIkZARrJbvBCAxchH+HCeBV0B0BlOi +2R0RxwH0gKBEHxhMaq5J/rTaE7V5wd8OsxzcxUgW+te6hc0bbuhPiYhtvQ0N7+oF +z89JuuwocsTbNekeBwHB5wpsCPA29mYId8uvVl7LThvut9+szsWetmVua7P9t10h +GX3cdJCMZUwypA== +-----END CERTIFICATE----- |