OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/spdy/spdy_http_stream.h" | 5 #include "net/spdy/spdy_http_stream.h" |
6 | 6 |
7 #include "crypto/ec_private_key.h" | 7 #include "crypto/ec_private_key.h" |
8 #include "crypto/ec_signature_creator.h" | 8 #include "crypto/ec_signature_creator.h" |
9 #include "crypto/signature_creator.h" | 9 #include "crypto/signature_creator.h" |
10 #include "net/base/asn1_util.h" | 10 #include "net/base/asn1_util.h" |
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
56 transport_params_, | 56 transport_params_, |
57 MEDIUM, | 57 MEDIUM, |
58 callback.callback(), | 58 callback.callback(), |
59 http_session_->GetTransportSocketPool(), | 59 http_session_->GetTransportSocketPool(), |
60 BoundNetLog())); | 60 BoundNetLog())); |
61 EXPECT_EQ(OK, callback.WaitForResult()); | 61 EXPECT_EQ(OK, callback.WaitForResult()); |
62 return session_->InitializeWithSocket(connection.release(), false, OK); | 62 return session_->InitializeWithSocket(connection.release(), false, OK); |
63 } | 63 } |
64 | 64 |
65 void TestSendCredentials( | 65 void TestSendCredentials( |
66 OriginBoundCertService* obc_service, | 66 ServerBoundCertService* sbc_service, |
wtc
2012/03/15 23:46:38
Let's rename sbc_service to server_bound_cert_serv
mattm
2012/03/16 22:22:00
Done.
| |
67 const std::string& cert, | 67 const std::string& cert, |
68 const std::string& proof, | 68 const std::string& proof, |
69 SSLClientCertType type); | 69 SSLClientCertType type); |
70 | 70 |
71 SpdySessionDependencies session_deps_; | 71 SpdySessionDependencies session_deps_; |
72 scoped_ptr<OrderedSocketData> data_; | 72 scoped_ptr<OrderedSocketData> data_; |
73 scoped_refptr<HttpNetworkSession> http_session_; | 73 scoped_refptr<HttpNetworkSession> http_session_; |
74 scoped_refptr<SpdySession> session_; | 74 scoped_refptr<SpdySession> session_; |
75 scoped_refptr<TransportSocketParams> transport_params_; | 75 scoped_refptr<TransportSocketParams> transport_params_; |
76 }; | 76 }; |
(...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
240 | 240 |
241 // Because we abandoned the stream, we don't expect to find a session in the | 241 // Because we abandoned the stream, we don't expect to find a session in the |
242 // pool anymore. | 242 // pool anymore. |
243 EXPECT_FALSE(http_session_->spdy_session_pool()->HasSession(pair)); | 243 EXPECT_FALSE(http_session_->spdy_session_pool()->HasSession(pair)); |
244 EXPECT_TRUE(data()->at_read_eof()); | 244 EXPECT_TRUE(data()->at_read_eof()); |
245 EXPECT_TRUE(data()->at_write_eof()); | 245 EXPECT_TRUE(data()->at_write_eof()); |
246 } | 246 } |
247 | 247 |
248 namespace { | 248 namespace { |
249 | 249 |
250 void GetECOriginBoundCertAndProof(const std::string& origin, | 250 void GetECServerBoundCertAndProof(const std::string& origin, |
251 OriginBoundCertService* obc_service, | 251 ServerBoundCertService* sbc_service, |
252 std::string* cert, | 252 std::string* cert, |
253 std::string* proof) { | 253 std::string* proof) { |
254 TestCompletionCallback callback; | 254 TestCompletionCallback callback; |
255 std::vector<uint8> requested_cert_types; | 255 std::vector<uint8> requested_cert_types; |
256 requested_cert_types.push_back(CLIENT_CERT_ECDSA_SIGN); | 256 requested_cert_types.push_back(CLIENT_CERT_ECDSA_SIGN); |
257 SSLClientCertType cert_type; | 257 SSLClientCertType cert_type; |
258 std::string key; | 258 std::string key; |
259 OriginBoundCertService::RequestHandle request_handle; | 259 ServerBoundCertService::RequestHandle request_handle; |
260 int rv = obc_service->GetOriginBoundCert(origin, requested_cert_types, | 260 int rv = sbc_service->GetDomainBoundCert(origin, requested_cert_types, |
261 &cert_type, &key, cert, | 261 &cert_type, &key, cert, |
262 callback.callback(), | 262 callback.callback(), |
263 &request_handle); | 263 &request_handle); |
264 EXPECT_EQ(ERR_IO_PENDING, rv); | 264 EXPECT_EQ(ERR_IO_PENDING, rv); |
265 EXPECT_EQ(OK, callback.WaitForResult()); | 265 EXPECT_EQ(OK, callback.WaitForResult()); |
266 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, cert_type); | 266 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, cert_type); |
267 | 267 |
268 unsigned char secret[32]; | 268 unsigned char secret[32]; |
269 memset(secret, 'A', arraysize(secret)); | 269 memset(secret, 'A', arraysize(secret)); |
270 | 270 |
271 // Convert the key string into a vector<unit8> | 271 // Convert the key string into a vector<unit8> |
272 std::vector<uint8> key_data(key.begin(), key.end()); | 272 std::vector<uint8> key_data(key.begin(), key.end()); |
273 | 273 |
274 base::StringPiece spki_piece; | 274 base::StringPiece spki_piece; |
275 ASSERT_TRUE(asn1::ExtractSPKIFromDERCert(*cert, &spki_piece)); | 275 ASSERT_TRUE(asn1::ExtractSPKIFromDERCert(*cert, &spki_piece)); |
276 std::vector<uint8> spki(spki_piece.data(), | 276 std::vector<uint8> spki(spki_piece.data(), |
277 spki_piece.data() + spki_piece.size()); | 277 spki_piece.data() + spki_piece.size()); |
278 | 278 |
279 std::vector<uint8> proof_data; | 279 std::vector<uint8> proof_data; |
280 scoped_ptr<crypto::ECPrivateKey> private_key( | 280 scoped_ptr<crypto::ECPrivateKey> private_key( |
281 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | 281 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
282 OriginBoundCertService::kEPKIPassword, key_data, spki)); | 282 ServerBoundCertService::kEPKIPassword, key_data, spki)); |
283 scoped_ptr<crypto::ECSignatureCreator> creator( | 283 scoped_ptr<crypto::ECSignatureCreator> creator( |
284 crypto::ECSignatureCreator::Create(private_key.get())); | 284 crypto::ECSignatureCreator::Create(private_key.get())); |
285 creator->Sign(secret, arraysize(secret), &proof_data); | 285 creator->Sign(secret, arraysize(secret), &proof_data); |
286 proof->assign(proof_data.begin(), proof_data.end()); | 286 proof->assign(proof_data.begin(), proof_data.end()); |
287 } | 287 } |
288 | 288 |
289 } // namespace | 289 } // namespace |
290 | 290 |
291 // TODO(rch): When openssl supports origin bound certifictes, this | 291 // TODO(rch): When openssl supports server bound certifictes, this |
292 // guard can be removed | 292 // guard can be removed |
293 #if !defined(USE_OPENSSL) | 293 #if !defined(USE_OPENSSL) |
294 // Test that if we request a resource for a new origin on a session that | 294 // Test that if we request a resource for a new domain on a session that |
295 // used origin bound certificates, that we send a CREDENTIAL frame for | 295 // used domain bound certificates, that we send a CREDENTIAL frame for |
296 // the new origin before we send the new request. | 296 // the new domain before we send the new request. |
297 void SpdyHttpStreamSpdy2Test::TestSendCredentials( | 297 void SpdyHttpStreamSpdy2Test::TestSendCredentials( |
298 OriginBoundCertService* obc_service, | 298 ServerBoundCertService* sbc_service, |
299 const std::string& cert, | 299 const std::string& cert, |
300 const std::string& proof, | 300 const std::string& proof, |
301 SSLClientCertType type) { | 301 SSLClientCertType type) { |
302 EnableCompression(false); | 302 EnableCompression(false); |
303 | 303 |
304 spdy::SpdyCredential cred; | 304 spdy::SpdyCredential cred; |
305 cred.slot = 1; | 305 cred.slot = 1; |
306 cred.proof = proof; | 306 cred.proof = proof; |
307 cred.certs.push_back(cert); | 307 cred.certs.push_back(cert); |
308 | 308 |
(...skipping 18 matching lines...) Expand all Loading... | |
327 HostPortPair host_port_pair("www.google.com", 80); | 327 HostPortPair host_port_pair("www.google.com", 80); |
328 HostPortProxyPair pair(host_port_pair, ProxyServer::Direct()); | 328 HostPortProxyPair pair(host_port_pair, ProxyServer::Direct()); |
329 | 329 |
330 DeterministicMockClientSocketFactory* socket_factory = | 330 DeterministicMockClientSocketFactory* socket_factory = |
331 session_deps_.deterministic_socket_factory.get(); | 331 session_deps_.deterministic_socket_factory.get(); |
332 scoped_refptr<DeterministicSocketData> data( | 332 scoped_refptr<DeterministicSocketData> data( |
333 new DeterministicSocketData(reads, arraysize(reads), | 333 new DeterministicSocketData(reads, arraysize(reads), |
334 writes, arraysize(writes))); | 334 writes, arraysize(writes))); |
335 socket_factory->AddSocketDataProvider(data.get()); | 335 socket_factory->AddSocketDataProvider(data.get()); |
336 SSLSocketDataProvider ssl(SYNCHRONOUS, OK); | 336 SSLSocketDataProvider ssl(SYNCHRONOUS, OK); |
337 ssl.origin_bound_cert_type = type; | 337 ssl.domain_bound_cert_type = type; |
338 ssl.origin_bound_cert_service = obc_service; | 338 ssl.server_bound_cert_service = sbc_service; |
339 ssl.protocol_negotiated = SSLClientSocket::kProtoSPDY3; | 339 ssl.protocol_negotiated = SSLClientSocket::kProtoSPDY3; |
340 socket_factory->AddSSLSocketDataProvider(&ssl); | 340 socket_factory->AddSSLSocketDataProvider(&ssl); |
341 http_session_ = SpdySessionDependencies::SpdyCreateSessionDeterministic( | 341 http_session_ = SpdySessionDependencies::SpdyCreateSessionDeterministic( |
342 &session_deps_); | 342 &session_deps_); |
343 session_ = http_session_->spdy_session_pool()->Get(pair, BoundNetLog()); | 343 session_ = http_session_->spdy_session_pool()->Get(pair, BoundNetLog()); |
344 transport_params_ = new TransportSocketParams(host_port_pair, | 344 transport_params_ = new TransportSocketParams(host_port_pair, |
345 MEDIUM, false, false); | 345 MEDIUM, false, false); |
346 TestCompletionCallback callback; | 346 TestCompletionCallback callback; |
347 scoped_ptr<ClientSocketHandle> connection(new ClientSocketHandle); | 347 scoped_ptr<ClientSocketHandle> connection(new ClientSocketHandle); |
348 SSLConfig ssl_config; | 348 SSLConfig ssl_config; |
(...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
451 private: | 451 private: |
452 DISALLOW_COPY_AND_ASSIGN(MockECSignatureCreatorFactory); | 452 DISALLOW_COPY_AND_ASSIGN(MockECSignatureCreatorFactory); |
453 }; | 453 }; |
454 | 454 |
455 #endif // !defined(USE_OPENSSL) | 455 #endif // !defined(USE_OPENSSL) |
456 | 456 |
457 // TODO(willchan): Write a longer test for SpdyStream that exercises all | 457 // TODO(willchan): Write a longer test for SpdyStream that exercises all |
458 // methods. | 458 // methods. |
459 | 459 |
460 } // namespace net | 460 } // namespace net |
OLD | NEW |