Skip to content

GitLab

T
tangled
Commit 3a838a97 authored by Christoph Schwering's avatar Christoph Schwering Committed by Chromium LUCI CQ
Browse files
Options

[net] Disabled certificate verification tests. 

Looks like the tests fail due to an expired certificate.

Tbr: mattm@chromium.org
Bug: 1163045
Change-Id: I9f8d2fd656a8d0d4dc9fc75d6f18bd3230befa3e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2610099
Commit-Queue: Christoph Schwering <schwering@google.com>
Reviewed-by: default avatarChristoph Schwering <schwering@google.com>
Cr-Commit-Position: refs/heads/master@{#840149}
parent ef92854a
Show whitespace changes
Inline Side-by-side
Showing with 74 additions and 34 deletions
net/cert/cert_verify_proc_android_unittest.cc
View file @ 3a838a97
...@@ -173,8 +173,9 @@ class CertVerifyProcAndroidTestWithAIAFetching : public testing::Test { ...@@ -173,8 +173,9 @@ class CertVerifyProcAndroidTestWithAIAFetching : public testing::Test {
// Tests that if the proper intermediates are supplied in the server-sent chain, // Tests that if the proper intermediates are supplied in the server-sent chain,
// no AIA fetch occurs. // no AIA fetch occurs.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
NoFetchIfProperIntermediatesSupplied) { DISABLED_NoFetchIfProperIntermediatesSupplied) {
ASSERT_TRUE(SetUpTestRoot()); ASSERT_TRUE(SetUpTestRoot());
scoped_refptr<CertVerifyProcAndroid> proc = scoped_refptr<CertVerifyProcAndroid> proc =
base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_); base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_);
...@@ -191,7 +192,8 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, ...@@ -191,7 +192,8 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
// Tests that if the certificate does not contain an AIA URL, no AIA fetch // Tests that if the certificate does not contain an AIA URL, no AIA fetch
// occurs. // occurs.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, NoAIAURL) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, DISABLED_NoAIAURL) {
ASSERT_TRUE(SetUpTestRoot()); ASSERT_TRUE(SetUpTestRoot());
scoped_refptr<CertVerifyProcAndroid> proc = scoped_refptr<CertVerifyProcAndroid> proc =
base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_); base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_);
...@@ -208,7 +210,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, NoAIAURL) { ...@@ -208,7 +210,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, NoAIAURL) {
// Tests that if a certificate contains one file:// URL and one http:// URL, // Tests that if a certificate contains one file:// URL and one http:// URL,
// there are two fetches, with the latter resulting in a successful // there are two fetches, with the latter resulting in a successful
// verification. // verification.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, OneFileAndOneHTTPURL) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
DISABLED_OneFileAndOneHTTPURL) {
ASSERT_TRUE(SetUpTestRoot()); ASSERT_TRUE(SetUpTestRoot());
scoped_refptr<CertVerifyProcAndroid> proc = scoped_refptr<CertVerifyProcAndroid> proc =
base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_); base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_);
...@@ -239,8 +243,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, OneFileAndOneHTTPURL) { ...@@ -239,8 +243,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, OneFileAndOneHTTPURL) {
// Tests that if an AIA request returns the wrong intermediate, certificate // Tests that if an AIA request returns the wrong intermediate, certificate
// verification should fail. // verification should fail.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
UnsuccessfulVerificationWithLeafOnly) { DISABLED_UnsuccessfulVerificationWithLeafOnly) {
ASSERT_TRUE(SetUpTestRoot()); ASSERT_TRUE(SetUpTestRoot());
scoped_refptr<CertVerifyProcAndroid> proc = scoped_refptr<CertVerifyProcAndroid> proc =
base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_); base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_);
...@@ -263,8 +268,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, ...@@ -263,8 +268,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
// Tests that if an AIA request returns an error, certificate verification // Tests that if an AIA request returns an error, certificate verification
// should fail. // should fail.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
UnsuccessfulVerificationWithLeafOnlyAndErrorOnFetch) { DISABLED_UnsuccessfulVerificationWithLeafOnlyAndErrorOnFetch) {
ASSERT_TRUE(SetUpTestRoot()); ASSERT_TRUE(SetUpTestRoot());
scoped_refptr<CertVerifyProcAndroid> proc = scoped_refptr<CertVerifyProcAndroid> proc =
base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_); base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_);
...@@ -284,8 +290,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, ...@@ -284,8 +290,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
// Tests that if an AIA request returns an unparseable cert, certificate // Tests that if an AIA request returns an unparseable cert, certificate
// verification should fail. // verification should fail.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
UnsuccessfulVerificationWithLeafOnlyAndUnparseableFetch) { DISABLED_UnsuccessfulVerificationWithLeafOnlyAndUnparseableFetch) {
ASSERT_TRUE(SetUpTestRoot()); ASSERT_TRUE(SetUpTestRoot());
scoped_refptr<CertVerifyProcAndroid> proc = scoped_refptr<CertVerifyProcAndroid> proc =
base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_); base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_);
...@@ -306,7 +313,8 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, ...@@ -306,7 +313,8 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
// Tests that if a certificate has two HTTP AIA URLs, they are both fetched. If // Tests that if a certificate has two HTTP AIA URLs, they are both fetched. If
// one serves an unrelated certificate and one serves a proper intermediate, the // one serves an unrelated certificate and one serves a proper intermediate, the
// latter should be used to build a valid chain. // latter should be used to build a valid chain.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, TwoHTTPURLs) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, DISABLED_TwoHTTPURLs) {
ASSERT_TRUE(SetUpTestRoot()); ASSERT_TRUE(SetUpTestRoot());
scoped_refptr<CertVerifyProcAndroid> proc = scoped_refptr<CertVerifyProcAndroid> proc =
base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_); base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_);
...@@ -340,8 +348,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, TwoHTTPURLs) { ...@@ -340,8 +348,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, TwoHTTPURLs) {
// Tests that if an intermediate is fetched via AIA, and the intermediate itself // Tests that if an intermediate is fetched via AIA, and the intermediate itself
// has an AIA URL, that URL is fetched if necessary. // has an AIA URL, that URL is fetched if necessary.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
AIAFetchForFetchedIntermediate) { DISABLED_AIAFetchForFetchedIntermediate) {
// Do not set up the test root to be trusted. If the test root were trusted, // Do not set up the test root to be trusted. If the test root were trusted,
// then the intermediate i2.pem would not require an AIA fetch. With the test // then the intermediate i2.pem would not require an AIA fetch. With the test
// root untrusted, i2.pem does not verify and so it will trigger an AIA fetch. // root untrusted, i2.pem does not verify and so it will trigger an AIA fetch.
...@@ -375,7 +384,8 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, ...@@ -375,7 +384,8 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
// Tests that if a certificate contains six AIA URLs, only the first five are // Tests that if a certificate contains six AIA URLs, only the first five are
// fetched, since the maximum number of fetches per Verify() call is five. // fetched, since the maximum number of fetches per Verify() call is five.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, MaxAIAFetches) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, DISABLED_MaxAIAFetches) {
ASSERT_TRUE(SetUpTestRoot()); ASSERT_TRUE(SetUpTestRoot());
scoped_refptr<CertVerifyProcAndroid> proc = scoped_refptr<CertVerifyProcAndroid> proc =
base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_); base::MakeRefCounted<CertVerifyProcAndroid>(fetcher_);
...@@ -399,7 +409,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, MaxAIAFetches) { ...@@ -399,7 +409,9 @@ TEST_F(CertVerifyProcAndroidTestWithAIAFetching, MaxAIAFetches) {
// Tests that if the supplied chain contains an intermediate with an AIA URL, // Tests that if the supplied chain contains an intermediate with an AIA URL,
// that AIA URL is fetched if necessary. // that AIA URL is fetched if necessary.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching, FetchForSuppliedIntermediate) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_F(CertVerifyProcAndroidTestWithAIAFetching,
DISABLED_FetchForSuppliedIntermediate) {
// Do not set up the test root to be trusted. If the test root were trusted, // Do not set up the test root to be trusted. If the test root were trusted,
// then the intermediate i.pem would not require an AIA fetch. With the test // then the intermediate i.pem would not require an AIA fetch. With the test
// root untrusted, i.pem does not verify and so it will trigger an AIA fetch. // root untrusted, i.pem does not verify and so it will trigger an AIA fetch.
......
net/cert/cert_verify_proc_unittest.cc
View file @ 3a838a97
...@@ -696,7 +696,9 @@ TEST_P(CertVerifyProcInternalTest, CertWithNullInCommonNameAndNoSAN) { ...@@ -696,7 +696,9 @@ TEST_P(CertVerifyProcInternalTest, CertWithNullInCommonNameAndNoSAN) {
EXPECT_THAT(error, IsError(ERR_CERT_COMMON_NAME_INVALID)); EXPECT_THAT(error, IsError(ERR_CERT_COMMON_NAME_INVALID));
} }
TEST_P(CertVerifyProcInternalTest, CertWithNullInCommonNameAndValidSAN) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalTest,
DISABLED_CertWithNullInCommonNameAndValidSAN) {
std::unique_ptr<CertBuilder> leaf, intermediate, root; std::unique_ptr<CertBuilder> leaf, intermediate, root;
CertBuilder::CreateSimpleChain(&leaf, &intermediate, &root); CertBuilder::CreateSimpleChain(&leaf, &intermediate, &root);
ASSERT_TRUE(leaf && intermediate && root); ASSERT_TRUE(leaf && intermediate && root);
...@@ -2644,7 +2646,8 @@ TEST_P(CertVerifyProcInternalTest, ValidityJustBeforeNotBefore) { ...@@ -2644,7 +2646,8 @@ TEST_P(CertVerifyProcInternalTest, ValidityJustBeforeNotBefore) {
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_DATE_INVALID); EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_DATE_INVALID);
} }
TEST_P(CertVerifyProcInternalTest, ValidityJustAfterNotBefore) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalTest, DISABLED_ValidityJustAfterNotBefore) {
std::unique_ptr<CertBuilder> leaf, intermediate, root; std::unique_ptr<CertBuilder> leaf, intermediate, root;
CertBuilder::CreateSimpleChain(&leaf, &intermediate, &root); CertBuilder::CreateSimpleChain(&leaf, &intermediate, &root);
ASSERT_TRUE(leaf && intermediate && root); ASSERT_TRUE(leaf && intermediate && root);
...@@ -2667,7 +2670,8 @@ TEST_P(CertVerifyProcInternalTest, ValidityJustAfterNotBefore) { ...@@ -2667,7 +2670,8 @@ TEST_P(CertVerifyProcInternalTest, ValidityJustAfterNotBefore) {
EXPECT_THAT(error, IsOk()); EXPECT_THAT(error, IsOk());
} }
TEST_P(CertVerifyProcInternalTest, ValidityJustBeforeNotAfter) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalTest, DISABLED_ValidityJustBeforeNotAfter) {
std::unique_ptr<CertBuilder> leaf, intermediate, root; std::unique_ptr<CertBuilder> leaf, intermediate, root;
CertBuilder::CreateSimpleChain(&leaf, &intermediate, &root); CertBuilder::CreateSimpleChain(&leaf, &intermediate, &root);
ASSERT_TRUE(leaf && intermediate && root); ASSERT_TRUE(leaf && intermediate && root);
...@@ -3179,11 +3183,12 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, MAYBE_IntermediateFromAia404) ...@@ -3179,11 +3183,12 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, MAYBE_IntermediateFromAia404)
// Tries verifying a certificate chain that is missing an intermediate. The // Tries verifying a certificate chain that is missing an intermediate. The
// intermediate is available via AIA. // intermediate is available via AIA.
// TODO(crbug.com/860189): Failing on iOS // TODO(crbug/1163045): Re-enable on non-iOS. Disabled due to expired
// certificate.
#if defined(OS_IOS) #if defined(OS_IOS)
#define MAYBE_IntermediateFromAia200Der DISABLED_IntermediateFromAia200Der #define MAYBE_IntermediateFromAia200Der DISABLED_IntermediateFromAia200Der
#else #else
#define MAYBE_IntermediateFromAia200Der IntermediateFromAia200Der #define MAYBE_IntermediateFromAia200Der DISABLED_IntermediateFromAia200Der
#endif #endif
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
MAYBE_IntermediateFromAia200Der) { MAYBE_IntermediateFromAia200Der) {
...@@ -3226,10 +3231,12 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3226,10 +3231,12 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// intermediate is available via AIA, however is served as a PEM file rather // intermediate is available via AIA, however is served as a PEM file rather
// than DER. // than DER.
// TODO(crbug.com/860189): Failing on iOS // TODO(crbug.com/860189): Failing on iOS
// TODO(crbug/1163045): Re-enable on non-iOS. Disabled due to expired
// certificate.
#if defined(OS_IOS) #if defined(OS_IOS)
#define MAYBE_IntermediateFromAia200Pem DISABLED_IntermediateFromAia200Pem #define MAYBE_IntermediateFromAia200Pem DISABLED_IntermediateFromAia200Pem
#else #else
#define MAYBE_IntermediateFromAia200Pem IntermediateFromAia200Pem #define MAYBE_IntermediateFromAia200Pem DISABLED_IntermediateFromAia200Pem
#endif #endif
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
MAYBE_IntermediateFromAia200Pem) { MAYBE_IntermediateFromAia200Pem) {
...@@ -3278,10 +3285,12 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3278,10 +3285,12 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// formatting on the PEM data. // formatting on the PEM data.
// //
// TODO(crbug.com/860189): Failing on iOS // TODO(crbug.com/860189): Failing on iOS
// TODO(crbug/1163045): Re-enable on non-iOS. Disabled due to expired
// certificate.
#if defined(OS_IOS) #if defined(OS_IOS)
#define MAYBE_IntermediateFromAia200Pem2 DISABLED_IntermediateFromAia200Pem2 #define MAYBE_IntermediateFromAia200Pem2 DISABLED_IntermediateFromAia200Pem2
#else #else
#define MAYBE_IntermediateFromAia200Pem2 IntermediateFromAia200Pem2 #define MAYBE_IntermediateFromAia200Pem2 DISABLED_IntermediateFromAia200Pem2
#endif #endif
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
MAYBE_IntermediateFromAia200Pem2) { MAYBE_IntermediateFromAia200Pem2) {
...@@ -3331,8 +3340,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3331,8 +3340,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// however, chasing the AIA can discover a SHA256 version of the intermediate. // however, chasing the AIA can discover a SHA256 version of the intermediate.
// //
// Path building should discover the stronger intermediate and use it. // Path building should discover the stronger intermediate and use it.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
Sha1IntermediateButAIAHasSha256) { DISABLED_Sha1IntermediateButAIAHasSha256) {
const char kHostname[] = "www.example.com"; const char kHostname[] = "www.example.com";
base::FilePath certs_dir = base::FilePath certs_dir =
...@@ -3424,7 +3434,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3424,7 +3434,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
} }
} }
TEST_P(CertVerifyProcInternalWithNetFetchingTest, RevocationHardFailNoCrls) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest,
DISABLED_RevocationHardFailNoCrls) {
if (!SupportsRevCheckingRequiredLocalAnchors()) { if (!SupportsRevCheckingRequiredLocalAnchors()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS"; "VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS";
...@@ -3456,8 +3468,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, RevocationHardFailNoCrls) { ...@@ -3456,8 +3468,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, RevocationHardFailNoCrls) {
// CRL hard fail test where both leaf and intermediate are covered by valid // CRL hard fail test where both leaf and intermediate are covered by valid
// CRLs which have empty (non-present) revokedCertificates list. Verification // CRLs which have empty (non-present) revokedCertificates list. Verification
// should succeed. // should succeed.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationHardFailCrlGoodNoRevokedCertificates) { DISABLED_RevocationHardFailCrlGoodNoRevokedCertificates) {
if (!SupportsRevCheckingRequiredLocalAnchors()) { if (!SupportsRevCheckingRequiredLocalAnchors()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS"; "VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS";
...@@ -3496,8 +3509,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3496,8 +3509,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// CRL hard fail test where both leaf and intermediate are covered by valid // CRL hard fail test where both leaf and intermediate are covered by valid
// CRLs which have revokedCertificates lists that revoke other irrelevant // CRLs which have revokedCertificates lists that revoke other irrelevant
// serial numbers. Verification should succeed. // serial numbers. Verification should succeed.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationHardFailCrlGoodIrrelevantSerialsRevoked) { DISABLED_RevocationHardFailCrlGoodIrrelevantSerialsRevoked) {
if (!SupportsRevCheckingRequiredLocalAnchors()) { if (!SupportsRevCheckingRequiredLocalAnchors()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS"; "VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS";
...@@ -3536,8 +3550,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3536,8 +3550,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED); EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED);
} }
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationHardFailLeafRevokedByCrl) { DISABLED_RevocationHardFailLeafRevokedByCrl) {
if (!SupportsRevCheckingRequiredLocalAnchors()) { if (!SupportsRevCheckingRequiredLocalAnchors()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS"; "VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS";
...@@ -3573,8 +3588,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3573,8 +3588,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED); EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED);
} }
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationHardFailIntermediateRevokedByCrl) { DISABLED_RevocationHardFailIntermediateRevokedByCrl) {
if (!SupportsRevCheckingRequiredLocalAnchors()) { if (!SupportsRevCheckingRequiredLocalAnchors()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS"; "VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS";
...@@ -3613,8 +3629,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3613,8 +3629,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// CRL hard fail test where the intermediate certificate has a good CRL, but // CRL hard fail test where the intermediate certificate has a good CRL, but
// the leaf's distribution point returns an http error. Verification should // the leaf's distribution point returns an http error. Verification should
// fail. // fail.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationHardFailLeafCrlDpHttpError) { DISABLED_RevocationHardFailLeafCrlDpHttpError) {
if (!SupportsRevCheckingRequiredLocalAnchors()) { if (!SupportsRevCheckingRequiredLocalAnchors()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS"; "VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS";
...@@ -3653,8 +3670,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3653,8 +3670,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// CRL hard fail test where the leaf certificate has a good CRL, but // CRL hard fail test where the leaf certificate has a good CRL, but
// the intermediate's distribution point returns an http error. Verification // the intermediate's distribution point returns an http error. Verification
// should fail. // should fail.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationHardFailIntermediateCrlDpHttpError) { DISABLED_RevocationHardFailIntermediateCrlDpHttpError) {
if (!SupportsRevCheckingRequiredLocalAnchors()) { if (!SupportsRevCheckingRequiredLocalAnchors()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS"; "VERIFY_REV_CHECKING_REQUIRED_LOCAL_ANCHORS";
...@@ -3691,7 +3709,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3691,7 +3709,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED); EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED);
} }
TEST_P(CertVerifyProcInternalWithNetFetchingTest, RevocationSoftFailNoCrls) { // TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest,
DISABLED_RevocationSoftFailNoCrls) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
...@@ -3726,8 +3746,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, RevocationSoftFailNoCrls) { ...@@ -3726,8 +3746,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, RevocationSoftFailNoCrls) {
// CRL soft fail test where both leaf and intermediate are covered by valid // CRL soft fail test where both leaf and intermediate are covered by valid
// CRLs which have empty (non-present) revokedCertificates list. Verification // CRLs which have empty (non-present) revokedCertificates list. Verification
// should succeed. // should succeed.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationSoftFailCrlGoodNoRevokedCertificates) { DISABLED_RevocationSoftFailCrlGoodNoRevokedCertificates) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
...@@ -3764,8 +3785,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3764,8 +3785,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// CRL soft fail test where both leaf and intermediate are covered by valid // CRL soft fail test where both leaf and intermediate are covered by valid
// CRLs which have revokedCertificates lists that revoke other irrelevant // CRLs which have revokedCertificates lists that revoke other irrelevant
// serial numbers. Verification should succeed. // serial numbers. Verification should succeed.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationSoftFailCrlGoodIrrelevantSerialsRevoked) { DISABLED_RevocationSoftFailCrlGoodIrrelevantSerialsRevoked) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
...@@ -3802,8 +3824,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3802,8 +3824,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED); EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED);
} }
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationSoftFailLeafRevokedByCrl) { DISABLED_RevocationSoftFailLeafRevokedByCrl) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
...@@ -3845,8 +3868,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3845,8 +3868,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED); EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED);
} }
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationSoftFailIntermediateRevokedByCrl) { DISABLED_RevocationSoftFailIntermediateRevokedByCrl) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
...@@ -3888,8 +3912,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3888,8 +3912,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED); EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED);
} }
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationSoftFailLeafRevokedBySha1Crl) { DISABLED_RevocationSoftFailLeafRevokedBySha1Crl) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
...@@ -3932,8 +3957,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3932,8 +3957,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED); EXPECT_TRUE(verify_result.cert_status & CERT_STATUS_REV_CHECKING_ENABLED);
} }
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationSoftFailLeafRevokedByMd5Crl) { DISABLED_RevocationSoftFailLeafRevokedByMd5Crl) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
...@@ -3981,8 +4007,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -3981,8 +4007,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// CRL soft fail test where the intermediate certificate has a good CRL, but // CRL soft fail test where the intermediate certificate has a good CRL, but
// the leaf's distribution point returns an http error. Verification should // the leaf's distribution point returns an http error. Verification should
// succeed. // succeed.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationSoftFailLeafCrlDpHttpError) { DISABLED_RevocationSoftFailLeafCrlDpHttpError) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
...@@ -4021,8 +4048,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest, ...@@ -4021,8 +4048,9 @@ TEST_P(CertVerifyProcInternalWithNetFetchingTest,
// CRL soft fail test where the leaf certificate has a good CRL, but // CRL soft fail test where the leaf certificate has a good CRL, but
// the intermediate's distribution point returns an http error. Verification // the intermediate's distribution point returns an http error. Verification
// should succeed. // should succeed.
// TODO(crbug/1163045): Re-enable. Disabled due to expired certificate.
TEST_P(CertVerifyProcInternalWithNetFetchingTest, TEST_P(CertVerifyProcInternalWithNetFetchingTest,
RevocationSoftFailIntermediateCrlDpHttpError) { DISABLED_RevocationSoftFailIntermediateCrlDpHttpError) {
if (!SupportsSoftFailRevChecking()) { if (!SupportsSoftFailRevChecking()) {
LOG(INFO) << "Skipping test as verifier doesn't support " LOG(INFO) << "Skipping test as verifier doesn't support "
"VERIFY_REV_CHECKING_ENABLED"; "VERIFY_REV_CHECKING_ENABLED";
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment