1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/cert/sha256_legacy_support_win.h"
7 #include "base/memory/ref_counted.h"
8 #include "net/base/test_data_directory.h"
9 #include "net/cert/x509_certificate.h"
10 #include "net/test/cert_test_util.h"
11 #include "testing/gtest/include/gtest/gtest.h"
15 namespace sha256_interception
{
19 // Verifies that SHA-256 signatures can be validated through the interception.
20 // Although this is only needed on legacy platforms, the test is run on all
21 // Windows platforms to make sure that the CryptoAPI<->NSS integration does not
23 TEST(Sha256Interception
, HandlesSHA2
) {
24 base::FilePath certs_dir
= GetTestCertsDirectory();
26 scoped_refptr
<X509Certificate
> server_cert
=
27 ImportCertFromFile(certs_dir
, "sha256.pem");
28 ASSERT_NE(static_cast<X509Certificate
*>(NULL
), server_cert
.get());
30 CryptVerifyCertificateSignatureExFunc cert_verify_signature_ptr
=
31 reinterpret_cast<CryptVerifyCertificateSignatureExFunc
>(
32 ::GetProcAddress(::GetModuleHandle(L
"crypt32.dll"),
33 "CryptVerifyCertificateSignatureEx"));
34 ASSERT_TRUE(cert_verify_signature_ptr
);
36 BOOL rv
= CryptVerifyCertificateSignatureExHook(
37 cert_verify_signature_ptr
, NULL
, X509_ASN_ENCODING
,
38 CRYPT_VERIFY_CERT_SIGN_SUBJECT_CERT
,
39 const_cast<void*>(reinterpret_cast<const void*>(
40 server_cert
->os_cert_handle())),
41 CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT
,
42 const_cast<void*>(reinterpret_cast<const void*>(
43 server_cert
->os_cert_handle())),
50 } // namespace sha256_interception
