| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/v1_authenticator.h" |
| 6 |
| 7 #include "base/bind.h" |
| 5 #include "base/file_path.h" | 8 #include "base/file_path.h" |
| 6 #include "base/file_util.h" | 9 #include "base/file_util.h" |
| 10 #include "base/message_loop.h" |
| 7 #include "base/path_service.h" | 11 #include "base/path_service.h" |
| 8 #include "crypto/rsa_private_key.h" | 12 #include "crypto/rsa_private_key.h" |
| 9 #include "remoting/protocol/v1_authenticator.h" | 13 #include "net/base/net_errors.h" |
| 14 #include "remoting/protocol/authenticator.h" |
| 15 #include "remoting/protocol/channel_authenticator.h" |
| 16 #include "remoting/protocol/connection_tester.h" |
| 17 #include "remoting/protocol/fake_session.h" |
| 18 #include "remoting/protocol/v1_client_channel_authenticator.h" |
| 19 #include "remoting/protocol/v1_host_channel_authenticator.h" |
| 10 #include "testing/gmock/include/gmock/gmock.h" | 20 #include "testing/gmock/include/gmock/gmock.h" |
| 11 #include "testing/gtest/include/gtest/gtest.h" | 21 #include "testing/gtest/include/gtest/gtest.h" |
| 12 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" | 22 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
| 13 | 23 |
| 24 using testing::_; |
| 25 using testing::DeleteArg; |
| 26 using testing::SaveArg; |
| 27 |
| 14 namespace remoting { | 28 namespace remoting { |
| 15 namespace protocol { | 29 namespace protocol { |
| 16 | 30 |
| 17 namespace { | 31 namespace { |
| 18 const char kHostJid[] = "host1@gmail.com/123"; | 32 |
| 33 const int kMessageSize = 100; |
| 34 const int kMessages = 1; |
| 35 |
| 19 const char kClientJid[] = "host2@gmail.com/321"; | 36 const char kClientJid[] = "host2@gmail.com/321"; |
| 20 | 37 |
| 21 const char kTestSharedSecret[] = "1234-1234-5678"; | 38 const char kTestSharedSecret[] = "1234-1234-5678"; |
| 22 const char kTestSharedSecretBad[] = "0000-0000-0001"; | 39 const char kTestSharedSecretBad[] = "0000-0000-0001"; |
| 40 |
| 41 class MockChannelDoneCallback { |
| 42 public: |
| 43 MOCK_METHOD2(OnDone, void(net::Error error, net::StreamSocket* socket)); |
| 44 }; |
| 45 |
| 23 } // namespace | 46 } // namespace |
| 24 | 47 |
| 25 class V1AuthenticatorTest : public testing::Test { | 48 class V1AuthenticatorTest : public testing::Test { |
| 26 public: | 49 public: |
| 27 V1AuthenticatorTest() { | 50 V1AuthenticatorTest() { |
| 28 } | 51 } |
| 29 virtual ~V1AuthenticatorTest() { | 52 virtual ~V1AuthenticatorTest() { |
| 30 } | 53 } |
| 31 | 54 |
| 32 protected: | 55 protected: |
| 33 void InitAuthenticators(const std::string& client_secret, | 56 virtual void SetUp() OVERRIDE { |
| 34 const std::string& host_secret) { | |
| 35 FilePath certs_dir; | 57 FilePath certs_dir; |
| 36 PathService::Get(base::DIR_SOURCE_ROOT, &certs_dir); | 58 PathService::Get(base::DIR_SOURCE_ROOT, &certs_dir); |
| 37 certs_dir = certs_dir.AppendASCII("net"); | 59 certs_dir = certs_dir.AppendASCII("net"); |
| 38 certs_dir = certs_dir.AppendASCII("data"); | 60 certs_dir = certs_dir.AppendASCII("data"); |
| 39 certs_dir = certs_dir.AppendASCII("ssl"); | 61 certs_dir = certs_dir.AppendASCII("ssl"); |
| 40 certs_dir = certs_dir.AppendASCII("certificates"); | 62 certs_dir = certs_dir.AppendASCII("certificates"); |
| 41 | 63 |
| 42 FilePath cert_path = certs_dir.AppendASCII("unittest.selfsigned.der"); | 64 FilePath cert_path = certs_dir.AppendASCII("unittest.selfsigned.der"); |
| 43 std::string cert_der; | 65 ASSERT_TRUE(file_util::ReadFileToString(cert_path, &host_cert_)); |
| 44 ASSERT_TRUE(file_util::ReadFileToString(cert_path, &cert_der)); | |
| 45 | 66 |
| 46 FilePath key_path = certs_dir.AppendASCII("unittest.key.bin"); | 67 FilePath key_path = certs_dir.AppendASCII("unittest.key.bin"); |
| 47 std::string key_string; | 68 std::string key_string; |
| 48 ASSERT_TRUE(file_util::ReadFileToString(key_path, &key_string)); | 69 ASSERT_TRUE(file_util::ReadFileToString(key_path, &key_string)); |
| 49 std::vector<uint8> key_vector( | 70 std::vector<uint8> key_vector( |
| 50 reinterpret_cast<const uint8*>(key_string.data()), | 71 reinterpret_cast<const uint8*>(key_string.data()), |
| 51 reinterpret_cast<const uint8*>(key_string.data() + | 72 reinterpret_cast<const uint8*>(key_string.data() + |
| 52 key_string.length())); | 73 key_string.length())); |
| 53 private_key_.reset( | 74 private_key_.reset( |
| 54 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); | 75 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); |
| 76 } |
| 55 | 77 |
| 78 void InitAuthenticators(const std::string& client_secret, |
| 79 const std::string& host_secret) { |
| 56 host_.reset(new V1HostAuthenticator( | 80 host_.reset(new V1HostAuthenticator( |
| 57 cert_der, private_key_.get(), host_secret, kClientJid)); | 81 host_cert_, private_key_.get(), host_secret, kClientJid)); |
| 58 client_.reset(new V1ClientAuthenticator(kClientJid, client_secret)); | 82 client_.reset(new V1ClientAuthenticator(kClientJid, client_secret)); |
| 59 } | 83 } |
| 60 | 84 |
| 61 void RunAuthExchange() { | 85 void RunAuthExchange() { |
| 62 do { | 86 do { |
| 63 scoped_ptr<buzz::XmlElement> message; | 87 scoped_ptr<buzz::XmlElement> message; |
| 64 | 88 |
| 65 // Pass message from client to host. | 89 // Pass message from client to host. |
| 66 ASSERT_EQ(Authenticator::MESSAGE_READY, client_->state()); | 90 ASSERT_EQ(Authenticator::MESSAGE_READY, client_->state()); |
| 67 message.reset(client_->GetNextMessage()); | 91 message.reset(client_->GetNextMessage()); |
| (...skipping 16 matching lines...) Expand all Loading... |
| 84 ASSERT_TRUE(message.get()); | 108 ASSERT_TRUE(message.get()); |
| 85 ASSERT_NE(Authenticator::MESSAGE_READY, host_->state()); | 109 ASSERT_NE(Authenticator::MESSAGE_READY, host_->state()); |
| 86 | 110 |
| 87 ASSERT_EQ(Authenticator::WAITING_MESSAGE, client_->state()); | 111 ASSERT_EQ(Authenticator::WAITING_MESSAGE, client_->state()); |
| 88 client_->ProcessMessage(message.get()); | 112 client_->ProcessMessage(message.get()); |
| 89 ASSERT_NE(Authenticator::WAITING_MESSAGE, client_->state()); | 113 ASSERT_NE(Authenticator::WAITING_MESSAGE, client_->state()); |
| 90 } while (host_->state() != Authenticator::ACCEPTED && | 114 } while (host_->state() != Authenticator::ACCEPTED && |
| 91 host_->state() != Authenticator::REJECTED); | 115 host_->state() != Authenticator::REJECTED); |
| 92 } | 116 } |
| 93 | 117 |
| 118 void RunChannelAuth(bool expected_fail) { |
| 119 client_fake_socket_.reset(new FakeSocket()); |
| 120 host_fake_socket_.reset(new FakeSocket()); |
| 121 client_fake_socket_->PairWith(host_fake_socket_.get()); |
| 122 |
| 123 client_auth_->SecureAndAuthenticate( |
| 124 client_fake_socket_.release(), |
| 125 base::Bind(&MockChannelDoneCallback::OnDone, |
| 126 base::Unretained(&client_callback_))); |
| 127 |
| 128 host_auth_->SecureAndAuthenticate( |
| 129 host_fake_socket_.release(), |
| 130 base::Bind(&MockChannelDoneCallback::OnDone, |
| 131 base::Unretained(&host_callback_))); |
| 132 |
| 133 net::StreamSocket* client_socket = NULL; |
| 134 net::StreamSocket* host_socket = NULL; |
| 135 |
| 136 EXPECT_CALL(client_callback_, OnDone(net::OK, _)) |
| 137 .WillOnce(SaveArg<1>(&client_socket)); |
| 138 if (expected_fail) { |
| 139 EXPECT_CALL(host_callback_, OnDone(net::ERR_FAILED, NULL)); |
| 140 } else { |
| 141 EXPECT_CALL(host_callback_, OnDone(net::OK, _)) |
| 142 .WillOnce(SaveArg<1>(&host_socket)); |
| 143 } |
| 144 |
| 145 message_loop_.RunAllPending(); |
| 146 |
| 147 client_socket_.reset(client_socket); |
| 148 host_socket_.reset(host_socket); |
| 149 } |
| 150 |
| 151 MessageLoop message_loop_; |
| 152 |
| 94 scoped_ptr<crypto::RSAPrivateKey> private_key_; | 153 scoped_ptr<crypto::RSAPrivateKey> private_key_; |
| 154 std::string host_cert_; |
| 95 scoped_ptr<V1HostAuthenticator> host_; | 155 scoped_ptr<V1HostAuthenticator> host_; |
| 96 scoped_ptr<V1ClientAuthenticator> client_; | 156 scoped_ptr<V1ClientAuthenticator> client_; |
| 157 scoped_ptr<FakeSocket> client_fake_socket_; |
| 158 scoped_ptr<FakeSocket> host_fake_socket_; |
| 159 scoped_ptr<ChannelAuthenticator> client_auth_; |
| 160 scoped_ptr<ChannelAuthenticator> host_auth_; |
| 161 MockChannelDoneCallback client_callback_; |
| 162 MockChannelDoneCallback host_callback_; |
| 163 scoped_ptr<net::StreamSocket> client_socket_; |
| 164 scoped_ptr<net::StreamSocket> host_socket_; |
| 97 | 165 |
| 98 DISALLOW_COPY_AND_ASSIGN(V1AuthenticatorTest); | 166 DISALLOW_COPY_AND_ASSIGN(V1AuthenticatorTest); |
| 99 }; | 167 }; |
| 100 | 168 |
| 101 TEST_F(V1AuthenticatorTest, SuccessfulAuth) { | 169 TEST_F(V1AuthenticatorTest, SuccessfulAuth) { |
| 102 { | 170 { |
| 103 SCOPED_TRACE("RunAuthExchange"); | 171 SCOPED_TRACE("RunAuthExchange"); |
| 104 InitAuthenticators(kTestSharedSecret, kTestSharedSecret); | 172 InitAuthenticators(kTestSharedSecret, kTestSharedSecret); |
| 105 RunAuthExchange(); | 173 RunAuthExchange(); |
| 106 } | 174 } |
| 107 ASSERT_EQ(Authenticator::ACCEPTED, host_->state()); | 175 ASSERT_EQ(Authenticator::ACCEPTED, host_->state()); |
| 108 ASSERT_EQ(Authenticator::ACCEPTED, client_->state()); | 176 ASSERT_EQ(Authenticator::ACCEPTED, client_->state()); |
| 177 |
| 178 client_auth_.reset(client_->CreateChannelAuthenticator()); |
| 179 host_auth_.reset(host_->CreateChannelAuthenticator()); |
| 180 RunChannelAuth(false); |
| 181 |
| 182 EXPECT_TRUE(client_socket_.get() != NULL); |
| 183 EXPECT_TRUE(host_socket_.get() != NULL); |
| 184 |
| 185 StreamConnectionTester tester(host_socket_.get(), client_socket_.get(), |
| 186 kMessageSize, kMessages); |
| 187 |
| 188 tester.Start(); |
| 189 message_loop_.Run(); |
| 190 tester.CheckResults(); |
| 109 } | 191 } |
| 110 | 192 |
| 193 // Verify that connection is rejected when secrets don't match. |
| 111 TEST_F(V1AuthenticatorTest, InvalidSecret) { | 194 TEST_F(V1AuthenticatorTest, InvalidSecret) { |
| 112 { | 195 { |
| 113 SCOPED_TRACE("RunAuthExchange"); | 196 SCOPED_TRACE("RunAuthExchange"); |
| 114 InitAuthenticators(kTestSharedSecretBad, kTestSharedSecret); | 197 InitAuthenticators(kTestSharedSecretBad, kTestSharedSecret); |
| 115 RunAuthExchange(); | 198 RunAuthExchange(); |
| 116 } | 199 } |
| 117 ASSERT_EQ(Authenticator::REJECTED, host_->state()); | 200 ASSERT_EQ(Authenticator::REJECTED, host_->state()); |
| 118 } | 201 } |
| 119 | 202 |
| 203 // Verify that channels cannot be using invalid shared secret. |
| 204 TEST_F(V1AuthenticatorTest, InvalidChannelSecret) { |
| 205 client_auth_.reset(new V1ClientChannelAuthenticator( |
| 206 host_cert_, kTestSharedSecretBad)); |
| 207 host_auth_.reset(new V1HostChannelAuthenticator( |
| 208 host_cert_, private_key_.get(),kTestSharedSecret)); |
| 209 |
| 210 RunChannelAuth(true); |
| 211 |
| 212 EXPECT_TRUE(host_socket_.get() == NULL); |
| 213 } |
| 214 |
| 120 } // namespace protocol | 215 } // namespace protocol |
| 121 } // namespace remoting | 216 } // namespace remoting |
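Review bot: In RunChannelAuth (new lines 118-149) the client expectation `EXPECT_CALL(client_callback_, OnDone(net::OK, _))` is unconditional, so InvalidChannelSecret passes only when the client holding the wrong secret still completes with net::OK and is handed a socket. The test then checks `host_socket_` alone, which could be read as evidence that both ends reject a mismatched secret. If that asymmetry is intended, state it above the client expectation, e.g. `// With a mismatched secret only the host reports failure; the client end still completes with net::OK.`, and assert the expected state of `client_socket_` in InvalidChannelSecret so the behaviour is pinned deliberately. In SuccessfulAuth, `EXPECT_TRUE(client_socket_.get() != NULL);` and the matching host check should be `ASSERT_TRUE(...)`, because the next statement passes both pointers to StreamConnectionTester and a failed EXPECT does not stop the test. Both expectations are also registered after the two SecureAndAuthenticate calls, which presumably relies on the callbacks being posted to `message_loop_` rather than run synchronously; moving the EXPECT_CALLs above those calls would remove that dependency.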