Chromium Code Reviews Chromium Code Reviews
Issue 1076063002:
Remove certificates from Channel ID (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/ssl/channel_id_service.h" | 5 #include "net/ssl/channel_id_service.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/memory/scoped_ptr.h" | 11 #include "base/memory/scoped_ptr.h" |
| 12 #include "base/message_loop/message_loop.h" | 12 #include "base/message_loop/message_loop.h" |
| 13 #include "base/message_loop/message_loop_proxy.h" | 13 #include "base/message_loop/message_loop_proxy.h" |
| 14 #include "base/strings/string_number_conversions.h" | |
| 14 #include "base/task_runner.h" | 15 #include "base/task_runner.h" |
| 15 #include "crypto/ec_private_key.h" | 16 #include "crypto/ec_private_key.h" |
| 16 #include "net/base/net_errors.h" | 17 #include "net/base/net_errors.h" |
| 17 #include "net/base/test_completion_callback.h" | 18 #include "net/base/test_completion_callback.h" |
| 18 #include "net/cert/asn1_util.h" | 19 #include "net/cert/asn1_util.h" |
| 19 #include "net/cert/x509_certificate.h" | 20 #include "net/cert/x509_certificate.h" |
| 20 #include "net/ssl/default_channel_id_store.h" | 21 #include "net/ssl/default_channel_id_store.h" |
| 21 #include "testing/gtest/include/gtest/gtest.h" | 22 #include "testing/gtest/include/gtest/gtest.h" |
| 22 | 23 |
| 23 namespace net { | 24 namespace net { |
| (...skipping 26 matching lines...) Expand all Loading... | |
| 50 DISALLOW_COPY_AND_ASSIGN(FailingTaskRunner); | 51 DISALLOW_COPY_AND_ASSIGN(FailingTaskRunner); |
| 51 }; | 52 }; |
| 52 | 53 |
| 53 class MockChannelIDStoreWithAsyncGet | 54 class MockChannelIDStoreWithAsyncGet |
| 54 : public DefaultChannelIDStore { | 55 : public DefaultChannelIDStore { |
| 55 public: | 56 public: |
| 56 MockChannelIDStoreWithAsyncGet() | 57 MockChannelIDStoreWithAsyncGet() |
| 57 : DefaultChannelIDStore(NULL), channel_id_count_(0) {} | 58 : DefaultChannelIDStore(NULL), channel_id_count_(0) {} |
| 58 | 59 |
| 59 int GetChannelID(const std::string& server_identifier, | 60 int GetChannelID(const std::string& server_identifier, |
| 60 base::Time* expiration_time, | |
| 61 std::string* private_key_result, | 61 std::string* private_key_result, |
| 62 std::string* cert_result, | 62 std::string* public_key_result, |
| 63 const GetChannelIDCallback& callback) override; | 63 const GetChannelIDCallback& callback) override; |
| 64 | 64 |
| 65 void SetChannelID(const std::string& server_identifier, | 65 void SetChannelID(const std::string& server_identifier, |
| 66 base::Time creation_time, | 66 base::Time creation_time, |
| 67 base::Time expiration_time, | |
| 68 const std::string& private_key, | 67 const std::string& private_key, |
| 69 const std::string& cert) override { | 68 const std::string& public_key) override { |
| 70 channel_id_count_ = 1; | 69 channel_id_count_ = 1; |
| 71 } | 70 } |
| 72 | 71 |
| 73 int GetChannelIDCount() override { return channel_id_count_; } | 72 int GetChannelIDCount() override { return channel_id_count_; } |
| 74 | 73 |
| 75 void CallGetChannelIDCallbackWithResult(int err, | 74 void CallGetChannelIDCallbackWithResult(int err, |
| 76 base::Time expiration_time, | |
| 77 const std::string& private_key, | 75 const std::string& private_key, |
| 78 const std::string& cert); | 76 const std::string& public_key); |
| 79 | 77 |
| 80 private: | 78 private: |
| 81 GetChannelIDCallback callback_; | 79 GetChannelIDCallback callback_; |
| 82 std::string server_identifier_; | 80 std::string server_identifier_; |
| 83 int channel_id_count_; | 81 int channel_id_count_; |
| 84 }; | 82 }; |
| 85 | 83 |
| 86 int MockChannelIDStoreWithAsyncGet::GetChannelID( | 84 int MockChannelIDStoreWithAsyncGet::GetChannelID( |
| 87 const std::string& server_identifier, | 85 const std::string& server_identifier, |
| 88 base::Time* expiration_time, | |
| 89 std::string* private_key_result, | 86 std::string* private_key_result, |
| 90 std::string* cert_result, | 87 std::string* cert_result, |
| 91 const GetChannelIDCallback& callback) { | 88 const GetChannelIDCallback& callback) { |
| 92 server_identifier_ = server_identifier; | 89 server_identifier_ = server_identifier; |
| 93 callback_ = callback; | 90 callback_ = callback; |
| 94 // Reset the cert count, it'll get incremented in either SetChannelID or | 91 // Reset the cert count, it'll get incremented in either SetChannelID or |
| 95 // CallGetChannelIDCallbackWithResult. | 92 // CallGetChannelIDCallbackWithResult. |
| 96 channel_id_count_ = 0; | 93 channel_id_count_ = 0; |
| 97 // Do nothing else: the results to be provided will be specified through | 94 // Do nothing else: the results to be provided will be specified through |
| 98 // CallGetChannelIDCallbackWithResult. | 95 // CallGetChannelIDCallbackWithResult. |
| 99 return ERR_IO_PENDING; | 96 return ERR_IO_PENDING; |
| 100 } | 97 } |
| 101 | 98 |
| 102 void | 99 void MockChannelIDStoreWithAsyncGet::CallGetChannelIDCallbackWithResult( |
| 103 MockChannelIDStoreWithAsyncGet::CallGetChannelIDCallbackWithResult( | |
| 104 int err, | 100 int err, |
| 105 base::Time expiration_time, | |
| 106 const std::string& private_key, | 101 const std::string& private_key, |
| 107 const std::string& cert) { | 102 const std::string& public_key) { |
| 108 if (err == OK) | 103 if (err == OK) |
| 109 channel_id_count_ = 1; | 104 channel_id_count_ = 1; |
| 110 base::MessageLoop::current()->PostTask(FROM_HERE, | 105 base::MessageLoop::current()->PostTask( |
| 111 base::Bind(callback_, | 106 FROM_HERE, |
| 112 err, | 107 base::Bind(callback_, err, server_identifier_, private_key, public_key)); |
| 113 server_identifier_, | |
| 114 expiration_time, | |
| 115 private_key, | |
| 116 cert)); | |
| 117 } | 108 } |
| 118 | 109 |
| 119 class ChannelIDServiceTest : public testing::Test { | 110 class ChannelIDServiceTest : public testing::Test { |
| 120 public: | 111 public: |
| 121 ChannelIDServiceTest() | 112 ChannelIDServiceTest() |
| 122 : service_(new ChannelIDService( | 113 : service_(new ChannelIDService( |
| 123 new DefaultChannelIDStore(NULL), | 114 new DefaultChannelIDStore(NULL), |
| 124 base::MessageLoopProxy::current())) { | 115 base::MessageLoopProxy::current())) { |
| 125 } | 116 } |
| 126 | 117 |
| 127 protected: | 118 protected: |
| 128 scoped_ptr<ChannelIDService> service_; | 119 scoped_ptr<ChannelIDService> service_; |
| 129 }; | 120 }; |
| 130 | 121 |
| 122 void ExpectKeysEqual(scoped_ptr<crypto::ECPrivateKey>& key1, | |
| 123 scoped_ptr<crypto::ECPrivateKey>& key2) { | |
| 124 EXPECT_FALSE(key1.get() == nullptr || key2.get() == nullptr); | |
|
mattm
2015/04/10 01:00:27
I think it's easier to read (and provides better d
nharper
2015/04/25 02:59:19
Done.
| |
| 125 std::string public_key1, public_key2; | |
| 126 ASSERT_TRUE(key1->ExportRawPublicKey(&public_key1) && | |
|
mattm
2015/04/10 01:00:27
use EXPECT here
nharper
2015/04/25 02:59:19
Done.
| |
| 127 key2->ExportRawPublicKey(&public_key2)); | |
|
mattm
2015/04/10 01:00:28
split into separate expects
nharper
2015/04/25 02:59:18
Done.
mattm
2015/04/27 20:55:53
still should be split
| |
| 128 EXPECT_EQ(public_key1, public_key2); | |
| 129 } | |
| 130 | |
| 131 TEST_F(ChannelIDServiceTest, GetDomainForHost) { | 131 TEST_F(ChannelIDServiceTest, GetDomainForHost) { |
| 132 EXPECT_EQ("google.com", | 132 EXPECT_EQ("google.com", |
| 133 ChannelIDService::GetDomainForHost("google.com")); | 133 ChannelIDService::GetDomainForHost("google.com")); |
| 134 EXPECT_EQ("google.com", | 134 EXPECT_EQ("google.com", |
| 135 ChannelIDService::GetDomainForHost("www.google.com")); | 135 ChannelIDService::GetDomainForHost("www.google.com")); |
| 136 EXPECT_EQ("foo.appspot.com", | 136 EXPECT_EQ("foo.appspot.com", |
| 137 ChannelIDService::GetDomainForHost("foo.appspot.com")); | 137 ChannelIDService::GetDomainForHost("foo.appspot.com")); |
| 138 EXPECT_EQ("bar.appspot.com", | 138 EXPECT_EQ("bar.appspot.com", |
| 139 ChannelIDService::GetDomainForHost("foo.bar.appspot.com")); | 139 ChannelIDService::GetDomainForHost("foo.bar.appspot.com")); |
| 140 EXPECT_EQ("appspot.com", | 140 EXPECT_EQ("appspot.com", |
| 141 ChannelIDService::GetDomainForHost("appspot.com")); | 141 ChannelIDService::GetDomainForHost("appspot.com")); |
| 142 EXPECT_EQ("google.com", | 142 EXPECT_EQ("google.com", |
| 143 ChannelIDService::GetDomainForHost("www.mail.google.com")); | 143 ChannelIDService::GetDomainForHost("www.mail.google.com")); |
| 144 EXPECT_EQ("goto", | 144 EXPECT_EQ("goto", |
| 145 ChannelIDService::GetDomainForHost("goto")); | 145 ChannelIDService::GetDomainForHost("goto")); |
| 146 EXPECT_EQ("127.0.0.1", | 146 EXPECT_EQ("127.0.0.1", |
| 147 ChannelIDService::GetDomainForHost("127.0.0.1")); | 147 ChannelIDService::GetDomainForHost("127.0.0.1")); |
| 148 } | 148 } |
| 149 | 149 |
| 150 TEST_F(ChannelIDServiceTest, GetCacheMiss) { | 150 TEST_F(ChannelIDServiceTest, GetCacheMiss) { |
| 151 std::string host("encrypted.google.com"); | 151 std::string host("encrypted.google.com"); |
| 152 | 152 |
| 153 int error; | 153 int error; |
| 154 TestCompletionCallback callback; | 154 TestCompletionCallback callback; |
| 155 ChannelIDService::RequestHandle request_handle; | 155 ChannelIDService::RequestHandle request_handle; |
| 156 | 156 |
| 157 // Synchronous completion, because the store is initialized. | 157 // Synchronous completion, because the store is initialized. |
| 158 std::string private_key, der_cert; | 158 scoped_ptr<crypto::ECPrivateKey> key; |
| 159 EXPECT_EQ(0, service_->cert_count()); | 159 EXPECT_EQ(0, service_->cert_count()); |
| 160 error = service_->GetChannelID( | 160 error = |
| 161 host, &private_key, &der_cert, callback.callback(), &request_handle); | 161 service_->GetChannelID(host, &key, callback.callback(), &request_handle); |
| 162 EXPECT_EQ(ERR_FILE_NOT_FOUND, error); | 162 EXPECT_EQ(ERR_FILE_NOT_FOUND, error); |
| 163 EXPECT_FALSE(request_handle.is_active()); | 163 EXPECT_FALSE(request_handle.is_active()); |
| 164 EXPECT_EQ(0, service_->cert_count()); | 164 EXPECT_EQ(0, service_->cert_count()); |
| 165 EXPECT_TRUE(der_cert.empty()); | 165 EXPECT_EQ(nullptr, key.get()); |
| 166 } | 166 } |
| 167 | 167 |
| 168 TEST_F(ChannelIDServiceTest, CacheHit) { | 168 TEST_F(ChannelIDServiceTest, CacheHit) { |
| 169 std::string host("encrypted.google.com"); | 169 std::string host("encrypted.google.com"); |
| 170 | 170 |
| 171 int error; | 171 int error; |
| 172 TestCompletionCallback callback; | 172 TestCompletionCallback callback; |
| 173 ChannelIDService::RequestHandle request_handle; | 173 ChannelIDService::RequestHandle request_handle; |
| 174 | 174 |
| 175 // Asynchronous completion. | 175 // Asynchronous completion. |
| 176 std::string private_key_info1, der_cert1; | 176 scoped_ptr<crypto::ECPrivateKey> key1; |
| 177 EXPECT_EQ(0, service_->cert_count()); | 177 EXPECT_EQ(0, service_->cert_count()); |
| 178 error = service_->GetOrCreateChannelID( | 178 error = service_->GetOrCreateChannelID(host, &key1, callback.callback(), |
| 179 host, &private_key_info1, &der_cert1, | 179 &request_handle); |
| 180 callback.callback(), &request_handle); | |
| 181 EXPECT_EQ(ERR_IO_PENDING, error); | 180 EXPECT_EQ(ERR_IO_PENDING, error); |
| 182 EXPECT_TRUE(request_handle.is_active()); | 181 EXPECT_TRUE(request_handle.is_active()); |
| 183 error = callback.WaitForResult(); | 182 error = callback.WaitForResult(); |
| 184 EXPECT_EQ(OK, error); | 183 EXPECT_EQ(OK, error); |
| 185 EXPECT_EQ(1, service_->cert_count()); | 184 EXPECT_EQ(1, service_->cert_count()); |
| 186 EXPECT_FALSE(private_key_info1.empty()); | 185 EXPECT_NE(nullptr, key1.get()); |
| 187 EXPECT_FALSE(der_cert1.empty()); | |
| 188 EXPECT_FALSE(request_handle.is_active()); | 186 EXPECT_FALSE(request_handle.is_active()); |
| 189 | 187 |
| 190 // Synchronous completion. | 188 // Synchronous completion. |
| 191 std::string private_key_info2, der_cert2; | 189 scoped_ptr<crypto::ECPrivateKey> key2; |
| 192 error = service_->GetOrCreateChannelID( | 190 error = service_->GetOrCreateChannelID(host, &key2, callback.callback(), |
| 193 host, &private_key_info2, &der_cert2, | 191 &request_handle); |
| 194 callback.callback(), &request_handle); | |
| 195 EXPECT_FALSE(request_handle.is_active()); | 192 EXPECT_FALSE(request_handle.is_active()); |
| 196 EXPECT_EQ(OK, error); | 193 EXPECT_EQ(OK, error); |
| 197 EXPECT_EQ(1, service_->cert_count()); | 194 EXPECT_EQ(1, service_->cert_count()); |
| 198 EXPECT_EQ(private_key_info1, private_key_info2); | 195 ExpectKeysEqual(key1, key2); |
| 199 EXPECT_EQ(der_cert1, der_cert2); | |
| 200 | 196 |
| 201 // Synchronous get. | 197 // Synchronous get. |
| 202 std::string private_key_info3, der_cert3; | 198 scoped_ptr<crypto::ECPrivateKey> key3; |
| 203 error = service_->GetChannelID( | 199 error = |
| 204 host, &private_key_info3, &der_cert3, callback.callback(), | 200 service_->GetChannelID(host, &key3, callback.callback(), &request_handle); |
| 205 &request_handle); | |
| 206 EXPECT_FALSE(request_handle.is_active()); | 201 EXPECT_FALSE(request_handle.is_active()); |
| 207 EXPECT_EQ(OK, error); | 202 EXPECT_EQ(OK, error); |
| 208 EXPECT_EQ(1, service_->cert_count()); | 203 EXPECT_EQ(1, service_->cert_count()); |
| 209 EXPECT_EQ(der_cert1, der_cert3); | 204 ExpectKeysEqual(key1, key3); |
| 210 EXPECT_EQ(private_key_info1, private_key_info3); | |
| 211 | 205 |
| 212 EXPECT_EQ(3u, service_->requests()); | 206 EXPECT_EQ(3u, service_->requests()); |
| 213 EXPECT_EQ(2u, service_->cert_store_hits()); | 207 EXPECT_EQ(2u, service_->key_store_hits()); |
| 214 EXPECT_EQ(0u, service_->inflight_joins()); | 208 EXPECT_EQ(0u, service_->inflight_joins()); |
| 215 } | 209 } |
| 216 | 210 |
| 217 TEST_F(ChannelIDServiceTest, StoreChannelIDs) { | 211 TEST_F(ChannelIDServiceTest, StoreChannelIDs) { |
| 218 int error; | 212 int error; |
| 219 TestCompletionCallback callback; | 213 TestCompletionCallback callback; |
| 220 ChannelIDService::RequestHandle request_handle; | 214 ChannelIDService::RequestHandle request_handle; |
| 221 | 215 |
| 222 std::string host1("encrypted.google.com"); | 216 std::string host1("encrypted.google.com"); |
| 223 std::string private_key_info1, der_cert1; | 217 scoped_ptr<crypto::ECPrivateKey> key1; |
| 224 EXPECT_EQ(0, service_->cert_count()); | 218 EXPECT_EQ(0, service_->cert_count()); |
| 225 error = service_->GetOrCreateChannelID( | 219 error = service_->GetOrCreateChannelID(host1, &key1, callback.callback(), |
| 226 host1, &private_key_info1, &der_cert1, | 220 &request_handle); |
| 227 callback.callback(), &request_handle); | |
| 228 EXPECT_EQ(ERR_IO_PENDING, error); | 221 EXPECT_EQ(ERR_IO_PENDING, error); |
| 229 EXPECT_TRUE(request_handle.is_active()); | 222 EXPECT_TRUE(request_handle.is_active()); |
| 230 error = callback.WaitForResult(); | 223 error = callback.WaitForResult(); |
| 231 EXPECT_EQ(OK, error); | 224 EXPECT_EQ(OK, error); |
| 232 EXPECT_EQ(1, service_->cert_count()); | 225 EXPECT_EQ(1, service_->cert_count()); |
| 233 | 226 |
| 234 std::string host2("www.verisign.com"); | 227 std::string host2("www.verisign.com"); |
| 235 std::string private_key_info2, der_cert2; | 228 scoped_ptr<crypto::ECPrivateKey> key2; |
| 236 error = service_->GetOrCreateChannelID( | 229 error = service_->GetOrCreateChannelID(host2, &key2, callback.callback(), |
| 237 host2, &private_key_info2, &der_cert2, | 230 &request_handle); |
| 238 callback.callback(), &request_handle); | |
| 239 EXPECT_EQ(ERR_IO_PENDING, error); | 231 EXPECT_EQ(ERR_IO_PENDING, error); |
| 240 EXPECT_TRUE(request_handle.is_active()); | 232 EXPECT_TRUE(request_handle.is_active()); |
| 241 error = callback.WaitForResult(); | 233 error = callback.WaitForResult(); |
| 242 EXPECT_EQ(OK, error); | 234 EXPECT_EQ(OK, error); |
| 243 EXPECT_EQ(2, service_->cert_count()); | 235 EXPECT_EQ(2, service_->cert_count()); |
| 244 | 236 |
| 245 std::string host3("www.twitter.com"); | 237 std::string host3("www.twitter.com"); |
| 246 std::string private_key_info3, der_cert3; | 238 scoped_ptr<crypto::ECPrivateKey> key3; |
| 247 error = service_->GetOrCreateChannelID( | 239 error = service_->GetOrCreateChannelID(host3, &key3, callback.callback(), |
| 248 host3, &private_key_info3, &der_cert3, | 240 &request_handle); |
| 249 callback.callback(), &request_handle); | |
| 250 EXPECT_EQ(ERR_IO_PENDING, error); | 241 EXPECT_EQ(ERR_IO_PENDING, error); |
| 251 EXPECT_TRUE(request_handle.is_active()); | 242 EXPECT_TRUE(request_handle.is_active()); |
| 252 error = callback.WaitForResult(); | 243 error = callback.WaitForResult(); |
| 253 EXPECT_EQ(OK, error); | 244 EXPECT_EQ(OK, error); |
| 254 EXPECT_EQ(3, service_->cert_count()); | 245 EXPECT_EQ(3, service_->cert_count()); |
| 255 | 246 |
| 256 EXPECT_NE(private_key_info1, private_key_info2); | 247 EXPECT_NE(key1.get(), key2.get()); |
| 257 EXPECT_NE(der_cert1, der_cert2); | 248 EXPECT_NE(key1.get(), key3.get()); |
| 258 EXPECT_NE(private_key_info1, private_key_info3); | 249 EXPECT_NE(key2.get(), key3.get()); |
|
mattm
2015/04/10 01:00:27
actually want ExpectKeysNotEqual functions, since
nharper
2015/04/25 02:59:18
Done.
mattm
2015/04/27 20:55:53
not done?
| |
| 259 EXPECT_NE(der_cert1, der_cert3); | |
| 260 EXPECT_NE(private_key_info2, private_key_info3); | |
| 261 EXPECT_NE(der_cert2, der_cert3); | |
| 262 } | 250 } |
| 263 | 251 |
| 264 // Tests an inflight join. | 252 // Tests an inflight join. |
| 265 TEST_F(ChannelIDServiceTest, InflightJoin) { | 253 TEST_F(ChannelIDServiceTest, InflightJoin) { |
| 266 std::string host("encrypted.google.com"); | 254 std::string host("encrypted.google.com"); |
| 267 int error; | 255 int error; |
| 268 | 256 |
| 269 std::string private_key_info1, der_cert1; | 257 scoped_ptr<crypto::ECPrivateKey> key1; |
| 270 TestCompletionCallback callback1; | 258 TestCompletionCallback callback1; |
| 271 ChannelIDService::RequestHandle request_handle1; | 259 ChannelIDService::RequestHandle request_handle1; |
| 272 | 260 |
| 273 std::string private_key_info2, der_cert2; | 261 scoped_ptr<crypto::ECPrivateKey> key2; |
| 274 TestCompletionCallback callback2; | 262 TestCompletionCallback callback2; |
| 275 ChannelIDService::RequestHandle request_handle2; | 263 ChannelIDService::RequestHandle request_handle2; |
| 276 | 264 |
| 277 error = service_->GetOrCreateChannelID( | 265 error = service_->GetOrCreateChannelID(host, &key1, callback1.callback(), |
| 278 host, &private_key_info1, &der_cert1, | 266 &request_handle1); |
| 279 callback1.callback(), &request_handle1); | |
| 280 EXPECT_EQ(ERR_IO_PENDING, error); | 267 EXPECT_EQ(ERR_IO_PENDING, error); |
| 281 EXPECT_TRUE(request_handle1.is_active()); | 268 EXPECT_TRUE(request_handle1.is_active()); |
| 282 // Should join with the original request. | 269 // Should join with the original request. |
| 283 error = service_->GetOrCreateChannelID( | 270 error = service_->GetOrCreateChannelID(host, &key2, callback2.callback(), |
| 284 host, &private_key_info2, &der_cert2, | 271 &request_handle2); |
| 285 callback2.callback(), &request_handle2); | |
| 286 EXPECT_EQ(ERR_IO_PENDING, error); | 272 EXPECT_EQ(ERR_IO_PENDING, error); |
| 287 EXPECT_TRUE(request_handle2.is_active()); | 273 EXPECT_TRUE(request_handle2.is_active()); |
| 288 | 274 |
| 289 error = callback1.WaitForResult(); | 275 error = callback1.WaitForResult(); |
| 290 EXPECT_EQ(OK, error); | 276 EXPECT_EQ(OK, error); |
| 291 error = callback2.WaitForResult(); | 277 error = callback2.WaitForResult(); |
| 292 EXPECT_EQ(OK, error); | 278 EXPECT_EQ(OK, error); |
| 293 | 279 |
| 294 EXPECT_EQ(2u, service_->requests()); | 280 EXPECT_EQ(2u, service_->requests()); |
| 295 EXPECT_EQ(0u, service_->cert_store_hits()); | 281 EXPECT_EQ(0u, service_->key_store_hits()); |
| 296 EXPECT_EQ(1u, service_->inflight_joins()); | 282 EXPECT_EQ(1u, service_->inflight_joins()); |
| 297 EXPECT_EQ(1u, service_->workers_created()); | 283 EXPECT_EQ(1u, service_->workers_created()); |
| 298 } | 284 } |
| 299 | 285 |
| 300 // Tests an inflight join of a Get request to a GetOrCreate request. | 286 // Tests an inflight join of a Get request to a GetOrCreate request. |
| 301 TEST_F(ChannelIDServiceTest, InflightJoinGetOrCreateAndGet) { | 287 TEST_F(ChannelIDServiceTest, InflightJoinGetOrCreateAndGet) { |
| 302 std::string host("encrypted.google.com"); | 288 std::string host("encrypted.google.com"); |
| 303 int error; | 289 int error; |
| 304 | 290 |
| 305 std::string private_key_info1, der_cert1; | 291 scoped_ptr<crypto::ECPrivateKey> key1; |
| 306 TestCompletionCallback callback1; | 292 TestCompletionCallback callback1; |
| 307 ChannelIDService::RequestHandle request_handle1; | 293 ChannelIDService::RequestHandle request_handle1; |
| 308 | 294 |
| 309 std::string private_key_info2; | 295 scoped_ptr<crypto::ECPrivateKey> key2; |
| 310 std::string der_cert2; | |
| 311 TestCompletionCallback callback2; | 296 TestCompletionCallback callback2; |
| 312 ChannelIDService::RequestHandle request_handle2; | 297 ChannelIDService::RequestHandle request_handle2; |
| 313 | 298 |
| 314 error = service_->GetOrCreateChannelID( | 299 error = service_->GetOrCreateChannelID(host, &key1, callback1.callback(), |
| 315 host, &private_key_info1, &der_cert1, | 300 &request_handle1); |
| 316 callback1.callback(), &request_handle1); | |
| 317 EXPECT_EQ(ERR_IO_PENDING, error); | 301 EXPECT_EQ(ERR_IO_PENDING, error); |
| 318 EXPECT_TRUE(request_handle1.is_active()); | 302 EXPECT_TRUE(request_handle1.is_active()); |
| 319 // Should join with the original request. | 303 // Should join with the original request. |
| 320 error = service_->GetChannelID( | 304 error = service_->GetChannelID(host, &key2, callback2.callback(), |
| 321 host, &private_key_info2, &der_cert2, callback2.callback(), | 305 &request_handle2); |
| 322 &request_handle2); | |
| 323 EXPECT_EQ(ERR_IO_PENDING, error); | 306 EXPECT_EQ(ERR_IO_PENDING, error); |
| 324 EXPECT_TRUE(request_handle2.is_active()); | 307 EXPECT_TRUE(request_handle2.is_active()); |
| 325 | 308 |
| 326 error = callback1.WaitForResult(); | 309 error = callback1.WaitForResult(); |
| 327 EXPECT_EQ(OK, error); | 310 EXPECT_EQ(OK, error); |
| 328 error = callback2.WaitForResult(); | 311 error = callback2.WaitForResult(); |
| 329 EXPECT_EQ(OK, error); | 312 EXPECT_EQ(OK, error); |
| 330 EXPECT_EQ(der_cert1, der_cert2); | 313 ExpectKeysEqual(key1, key2); |
| 331 | 314 |
| 332 EXPECT_EQ(2u, service_->requests()); | 315 EXPECT_EQ(2u, service_->requests()); |
| 333 EXPECT_EQ(0u, service_->cert_store_hits()); | 316 EXPECT_EQ(0u, service_->key_store_hits()); |
| 334 EXPECT_EQ(1u, service_->inflight_joins()); | 317 EXPECT_EQ(1u, service_->inflight_joins()); |
| 335 EXPECT_EQ(1u, service_->workers_created()); | 318 EXPECT_EQ(1u, service_->workers_created()); |
| 336 } | 319 } |
| 337 | 320 |
| 338 TEST_F(ChannelIDServiceTest, ExtractValuesFromBytesEC) { | 321 TEST_F(ChannelIDServiceTest, ExtractValuesFromBytesEC) { |
|
mattm
2015/04/10 01:00:27
Test doesn't do what its name says anymore (probab
nharper
2015/04/25 02:59:19
Test removed.
mattm
2015/04/27 20:55:53
?
| |
| 339 std::string host("encrypted.google.com"); | 322 std::string host("encrypted.google.com"); |
| 340 std::string private_key_info, der_cert; | 323 scoped_ptr<crypto::ECPrivateKey> key; |
| 341 int error; | 324 int error; |
| 342 TestCompletionCallback callback; | 325 TestCompletionCallback callback; |
| 343 ChannelIDService::RequestHandle request_handle; | 326 ChannelIDService::RequestHandle request_handle; |
| 344 | 327 |
| 345 error = service_->GetOrCreateChannelID( | 328 error = service_->GetOrCreateChannelID(host, &key, callback.callback(), |
| 346 host, &private_key_info, &der_cert, callback.callback(), | 329 &request_handle); |
| 347 &request_handle); | |
| 348 EXPECT_EQ(ERR_IO_PENDING, error); | 330 EXPECT_EQ(ERR_IO_PENDING, error); |
| 349 EXPECT_TRUE(request_handle.is_active()); | 331 EXPECT_TRUE(request_handle.is_active()); |
| 350 error = callback.WaitForResult(); | 332 error = callback.WaitForResult(); |
| 351 EXPECT_EQ(OK, error); | 333 EXPECT_EQ(OK, error); |
| 352 | 334 |
| 353 base::StringPiece spki_piece; | 335 EXPECT_TRUE(key != nullptr); |
| 354 ASSERT_TRUE(asn1::ExtractSPKIFromDERCert(der_cert, &spki_piece)); | |
| 355 std::vector<uint8> spki( | |
| 356 spki_piece.data(), | |
| 357 spki_piece.data() + spki_piece.size()); | |
| 358 | |
| 359 // Check that we can retrieve the key from the bytes. | |
| 360 std::vector<uint8> key_vec(private_key_info.begin(), private_key_info.end()); | |
| 361 scoped_ptr<crypto::ECPrivateKey> private_key( | |
| 362 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | |
| 363 ChannelIDService::kEPKIPassword, key_vec, spki)); | |
| 364 EXPECT_TRUE(private_key != NULL); | |
| 365 | |
| 366 // Check that we can retrieve the cert from the bytes. | |
| 367 scoped_refptr<X509Certificate> x509cert( | |
| 368 X509Certificate::CreateFromBytes(der_cert.data(), der_cert.size())); | |
| 369 EXPECT_TRUE(x509cert.get() != NULL); | |
| 370 } | 336 } |
| 371 | 337 |
| 372 // Tests that the callback of a canceled request is never made. | 338 // Tests that the callback of a canceled request is never made. |
| 373 TEST_F(ChannelIDServiceTest, CancelRequest) { | 339 TEST_F(ChannelIDServiceTest, CancelRequest) { |
| 374 std::string host("encrypted.google.com"); | 340 std::string host("encrypted.google.com"); |
| 375 std::string private_key_info, der_cert; | 341 scoped_ptr<crypto::ECPrivateKey> key; |
| 376 int error; | 342 int error; |
| 377 ChannelIDService::RequestHandle request_handle; | 343 ChannelIDService::RequestHandle request_handle; |
| 378 | 344 |
| 379 error = service_->GetOrCreateChannelID(host, | 345 error = service_->GetOrCreateChannelID(host, &key, base::Bind(&FailTest), |
| 380 &private_key_info, | |
| 381 &der_cert, | |
| 382 base::Bind(&FailTest), | |
| 383 &request_handle); | 346 &request_handle); |
| 384 EXPECT_EQ(ERR_IO_PENDING, error); | 347 EXPECT_EQ(ERR_IO_PENDING, error); |
| 385 EXPECT_TRUE(request_handle.is_active()); | 348 EXPECT_TRUE(request_handle.is_active()); |
| 386 request_handle.Cancel(); | 349 request_handle.Cancel(); |
| 387 EXPECT_FALSE(request_handle.is_active()); | 350 EXPECT_FALSE(request_handle.is_active()); |
| 388 | 351 |
| 389 // Wait for reply from ChannelIDServiceWorker to be posted back to the | 352 // Wait for reply from ChannelIDServiceWorker to be posted back to the |
| 390 // ChannelIDService. | 353 // ChannelIDService. |
| 391 base::MessageLoop::current()->RunUntilIdle(); | 354 base::MessageLoop::current()->RunUntilIdle(); |
| 392 | 355 |
| 393 // Even though the original request was cancelled, the service will still | 356 // Even though the original request was cancelled, the service will still |
| 394 // store the result, it just doesn't call the callback. | 357 // store the result, it just doesn't call the callback. |
| 395 EXPECT_EQ(1, service_->cert_count()); | 358 EXPECT_EQ(1, service_->cert_count()); |
| 396 } | 359 } |
| 397 | 360 |
| 398 // Tests that destructing the RequestHandle cancels the request. | 361 // Tests that destructing the RequestHandle cancels the request. |
| 399 TEST_F(ChannelIDServiceTest, CancelRequestByHandleDestruction) { | 362 TEST_F(ChannelIDServiceTest, CancelRequestByHandleDestruction) { |
| 400 std::string host("encrypted.google.com"); | 363 std::string host("encrypted.google.com"); |
| 401 std::string private_key_info, der_cert; | 364 scoped_ptr<crypto::ECPrivateKey> key; |
| 402 int error; | 365 int error; |
| 403 { | 366 { |
| 404 ChannelIDService::RequestHandle request_handle; | 367 ChannelIDService::RequestHandle request_handle; |
| 405 | 368 |
| 406 error = service_->GetOrCreateChannelID(host, | 369 error = service_->GetOrCreateChannelID(host, &key, base::Bind(&FailTest), |
| 407 &private_key_info, | |
| 408 &der_cert, | |
| 409 base::Bind(&FailTest), | |
| 410 &request_handle); | 370 &request_handle); |
| 411 EXPECT_EQ(ERR_IO_PENDING, error); | 371 EXPECT_EQ(ERR_IO_PENDING, error); |
| 412 EXPECT_TRUE(request_handle.is_active()); | 372 EXPECT_TRUE(request_handle.is_active()); |
| 413 } | 373 } |
| 414 | 374 |
| 415 // Wait for reply from ChannelIDServiceWorker to be posted back to the | 375 // Wait for reply from ChannelIDServiceWorker to be posted back to the |
| 416 // ChannelIDService. | 376 // ChannelIDService. |
| 417 base::MessageLoop::current()->RunUntilIdle(); | 377 base::MessageLoop::current()->RunUntilIdle(); |
| 418 | 378 |
| 419 // Even though the original request was cancelled, the service will still | 379 // Even though the original request was cancelled, the service will still |
| 420 // store the result, it just doesn't call the callback. | 380 // store the result, it just doesn't call the callback. |
| 421 EXPECT_EQ(1, service_->cert_count()); | 381 EXPECT_EQ(1, service_->cert_count()); |
| 422 } | 382 } |
| 423 | 383 |
| 424 TEST_F(ChannelIDServiceTest, DestructionWithPendingRequest) { | 384 TEST_F(ChannelIDServiceTest, DestructionWithPendingRequest) { |
| 425 std::string host("encrypted.google.com"); | 385 std::string host("encrypted.google.com"); |
| 426 std::string private_key_info, der_cert; | 386 scoped_ptr<crypto::ECPrivateKey> key; |
| 427 int error; | 387 int error; |
| 428 ChannelIDService::RequestHandle request_handle; | 388 ChannelIDService::RequestHandle request_handle; |
| 429 | 389 |
| 430 error = service_->GetOrCreateChannelID(host, | 390 error = service_->GetOrCreateChannelID(host, &key, base::Bind(&FailTest), |
| 431 &private_key_info, | |
| 432 &der_cert, | |
| 433 base::Bind(&FailTest), | |
| 434 &request_handle); | 391 &request_handle); |
| 435 EXPECT_EQ(ERR_IO_PENDING, error); | 392 EXPECT_EQ(ERR_IO_PENDING, error); |
| 436 EXPECT_TRUE(request_handle.is_active()); | 393 EXPECT_TRUE(request_handle.is_active()); |
| 437 | 394 |
| 438 // Cancel request and destroy the ChannelIDService. | 395 // Cancel request and destroy the ChannelIDService. |
| 439 request_handle.Cancel(); | 396 request_handle.Cancel(); |
| 440 service_.reset(); | 397 service_.reset(); |
| 441 | 398 |
| 442 // ChannelIDServiceWorker should not post anything back to the | 399 // ChannelIDServiceWorker should not post anything back to the |
| 443 // non-existent ChannelIDService, but run the loop just to be sure it | 400 // non-existent ChannelIDService, but run the loop just to be sure it |
| 444 // doesn't. | 401 // doesn't. |
| 445 base::MessageLoop::current()->RunUntilIdle(); | 402 base::MessageLoop::current()->RunUntilIdle(); |
| 446 | 403 |
| 447 // If we got here without crashing or a valgrind error, it worked. | 404 // If we got here without crashing or a valgrind error, it worked. |
| 448 } | 405 } |
| 449 | 406 |
| 450 // Tests that shutting down the sequenced worker pool and then making new | 407 // Tests that shutting down the sequenced worker pool and then making new |
| 451 // requests gracefully fails. | 408 // requests gracefully fails. |
| 452 // This is a regression test for http://crbug.com/236387 | 409 // This is a regression test for http://crbug.com/236387 |
| 453 TEST_F(ChannelIDServiceTest, RequestAfterPoolShutdown) { | 410 TEST_F(ChannelIDServiceTest, RequestAfterPoolShutdown) { |
| 454 scoped_refptr<FailingTaskRunner> task_runner(new FailingTaskRunner); | 411 scoped_refptr<FailingTaskRunner> task_runner(new FailingTaskRunner); |
| 455 service_.reset(new ChannelIDService( | 412 service_.reset(new ChannelIDService( |
| 456 new DefaultChannelIDStore(NULL), task_runner)); | 413 new DefaultChannelIDStore(NULL), task_runner)); |
| 457 | 414 |
| 458 // Make a request that will force synchronous completion. | 415 // Make a request that will force synchronous completion. |
| 459 std::string host("encrypted.google.com"); | 416 std::string host("encrypted.google.com"); |
| 460 std::string private_key_info, der_cert; | 417 scoped_ptr<crypto::ECPrivateKey> key; |
| 461 int error; | 418 int error; |
| 462 ChannelIDService::RequestHandle request_handle; | 419 ChannelIDService::RequestHandle request_handle; |
| 463 | 420 |
| 464 error = service_->GetOrCreateChannelID(host, | 421 error = service_->GetOrCreateChannelID(host, &key, base::Bind(&FailTest), |
| 465 &private_key_info, | |
| 466 &der_cert, | |
| 467 base::Bind(&FailTest), | |
| 468 &request_handle); | 422 &request_handle); |
| 469 // If we got here without crashing or a valgrind error, it worked. | 423 // If we got here without crashing or a valgrind error, it worked. |
| 470 ASSERT_EQ(ERR_INSUFFICIENT_RESOURCES, error); | 424 ASSERT_EQ(ERR_INSUFFICIENT_RESOURCES, error); |
| 471 EXPECT_FALSE(request_handle.is_active()); | 425 EXPECT_FALSE(request_handle.is_active()); |
| 472 } | 426 } |
| 473 | 427 |
| 474 // Tests that simultaneous creation of different certs works. | 428 // Tests that simultaneous creation of different certs works. |
| 475 TEST_F(ChannelIDServiceTest, SimultaneousCreation) { | 429 TEST_F(ChannelIDServiceTest, SimultaneousCreation) { |
| 476 int error; | 430 int error; |
| 477 | 431 |
| 478 std::string host1("encrypted.google.com"); | 432 std::string host1("encrypted.google.com"); |
| 479 std::string private_key_info1, der_cert1; | 433 scoped_ptr<crypto::ECPrivateKey> key1; |
| 480 TestCompletionCallback callback1; | 434 TestCompletionCallback callback1; |
| 481 ChannelIDService::RequestHandle request_handle1; | 435 ChannelIDService::RequestHandle request_handle1; |
| 482 | 436 |
| 483 std::string host2("foo.com"); | 437 std::string host2("foo.com"); |
| 484 std::string private_key_info2, der_cert2; | 438 scoped_ptr<crypto::ECPrivateKey> key2; |
| 485 TestCompletionCallback callback2; | 439 TestCompletionCallback callback2; |
| 486 ChannelIDService::RequestHandle request_handle2; | 440 ChannelIDService::RequestHandle request_handle2; |
| 487 | 441 |
| 488 std::string host3("bar.com"); | 442 std::string host3("bar.com"); |
| 489 std::string private_key_info3, der_cert3; | 443 scoped_ptr<crypto::ECPrivateKey> key3; |
| 490 TestCompletionCallback callback3; | 444 TestCompletionCallback callback3; |
| 491 ChannelIDService::RequestHandle request_handle3; | 445 ChannelIDService::RequestHandle request_handle3; |
| 492 | 446 |
| 493 error = service_->GetOrCreateChannelID(host1, | 447 error = service_->GetOrCreateChannelID(host1, &key1, callback1.callback(), |
| 494 &private_key_info1, | |
| 495 &der_cert1, | |
| 496 callback1.callback(), | |
| 497 &request_handle1); | 448 &request_handle1); |
| 498 EXPECT_EQ(ERR_IO_PENDING, error); | 449 EXPECT_EQ(ERR_IO_PENDING, error); |
| 499 EXPECT_TRUE(request_handle1.is_active()); | 450 EXPECT_TRUE(request_handle1.is_active()); |
| 500 | 451 |
| 501 error = service_->GetOrCreateChannelID(host2, | 452 error = service_->GetOrCreateChannelID(host2, &key2, callback2.callback(), |
| 502 &private_key_info2, | |
| 503 &der_cert2, | |
| 504 callback2.callback(), | |
| 505 &request_handle2); | 453 &request_handle2); |
| 506 EXPECT_EQ(ERR_IO_PENDING, error); | 454 EXPECT_EQ(ERR_IO_PENDING, error); |
| 507 EXPECT_TRUE(request_handle2.is_active()); | 455 EXPECT_TRUE(request_handle2.is_active()); |
| 508 | 456 |
| 509 error = service_->GetOrCreateChannelID(host3, | 457 error = service_->GetOrCreateChannelID(host3, &key3, callback3.callback(), |
| 510 &private_key_info3, | |
| 511 &der_cert3, | |
| 512 callback3.callback(), | |
| 513 &request_handle3); | 458 &request_handle3); |
| 514 EXPECT_EQ(ERR_IO_PENDING, error); | 459 EXPECT_EQ(ERR_IO_PENDING, error); |
| 515 EXPECT_TRUE(request_handle3.is_active()); | 460 EXPECT_TRUE(request_handle3.is_active()); |
| 516 | 461 |
| 517 error = callback1.WaitForResult(); | 462 error = callback1.WaitForResult(); |
| 518 EXPECT_EQ(OK, error); | 463 EXPECT_EQ(OK, error); |
| 519 EXPECT_FALSE(private_key_info1.empty()); | 464 EXPECT_NE(nullptr, key1.get()); |
| 520 EXPECT_FALSE(der_cert1.empty()); | |
| 521 | 465 |
| 522 error = callback2.WaitForResult(); | 466 error = callback2.WaitForResult(); |
| 523 EXPECT_EQ(OK, error); | 467 EXPECT_EQ(OK, error); |
| 524 EXPECT_FALSE(private_key_info2.empty()); | 468 EXPECT_NE(nullptr, key2.get()); |
| 525 EXPECT_FALSE(der_cert2.empty()); | |
| 526 | 469 |
| 527 error = callback3.WaitForResult(); | 470 error = callback3.WaitForResult(); |
| 528 EXPECT_EQ(OK, error); | 471 EXPECT_EQ(OK, error); |
| 529 EXPECT_FALSE(private_key_info3.empty()); | 472 EXPECT_NE(nullptr, key3.get()); |
| 530 EXPECT_FALSE(der_cert3.empty()); | |
| 531 | 473 |
| 532 EXPECT_NE(private_key_info1, private_key_info2); | 474 EXPECT_NE(key1.get(), key2.get()); |
| 533 EXPECT_NE(der_cert1, der_cert2); | 475 EXPECT_NE(key1.get(), key3.get()); |
| 534 | 476 EXPECT_NE(key2.get(), key3.get()); |
|
mattm
2015/04/10 01:00:27
Same as above (ExpectKeysNotEqual)
nharper
2015/04/25 02:59:19
Done.
mattm
2015/04/27 20:55:53
?
| |
| 535 EXPECT_NE(private_key_info1, private_key_info3); | |
| 536 EXPECT_NE(der_cert1, der_cert3); | |
| 537 | |
| 538 EXPECT_NE(private_key_info2, private_key_info3); | |
| 539 EXPECT_NE(der_cert2, der_cert3); | |
| 540 | 477 |
| 541 EXPECT_EQ(3, service_->cert_count()); | 478 EXPECT_EQ(3, service_->cert_count()); |
| 542 } | 479 } |
| 543 | 480 |
| 544 TEST_F(ChannelIDServiceTest, Expiration) { | |
| 545 ChannelIDStore* store = service_->GetChannelIDStore(); | |
| 546 base::Time now = base::Time::Now(); | |
| 547 store->SetChannelID("good", | |
| 548 now, | |
| 549 now + base::TimeDelta::FromDays(1), | |
| 550 "a", | |
| 551 "b"); | |
| 552 store->SetChannelID("expired", | |
| 553 now - base::TimeDelta::FromDays(2), | |
| 554 now - base::TimeDelta::FromDays(1), | |
| 555 "c", | |
| 556 "d"); | |
| 557 EXPECT_EQ(2, service_->cert_count()); | |
| 558 | |
| 559 int error; | |
| 560 TestCompletionCallback callback; | |
| 561 ChannelIDService::RequestHandle request_handle; | |
| 562 | |
| 563 // Cert is valid - synchronous completion. | |
| 564 std::string private_key_info1, der_cert1; | |
| 565 error = service_->GetOrCreateChannelID( | |
| 566 "good", &private_key_info1, &der_cert1, | |
| 567 callback.callback(), &request_handle); | |
| 568 EXPECT_EQ(OK, error); | |
| 569 EXPECT_FALSE(request_handle.is_active()); | |
| 570 EXPECT_EQ(2, service_->cert_count()); | |
| 571 EXPECT_STREQ("a", private_key_info1.c_str()); | |
| 572 EXPECT_STREQ("b", der_cert1.c_str()); | |
| 573 | |
| 574 // Expired cert is valid as well - synchronous completion. | |
| 575 std::string private_key_info2, der_cert2; | |
| 576 error = service_->GetOrCreateChannelID( | |
| 577 "expired", &private_key_info2, &der_cert2, | |
| 578 callback.callback(), &request_handle); | |
| 579 EXPECT_EQ(OK, error); | |
| 580 EXPECT_FALSE(request_handle.is_active()); | |
| 581 EXPECT_EQ(2, service_->cert_count()); | |
| 582 EXPECT_STREQ("c", private_key_info2.c_str()); | |
| 583 EXPECT_STREQ("d", der_cert2.c_str()); | |
| 584 } | |
| 585 | |
| 586 TEST_F(ChannelIDServiceTest, AsyncStoreGetOrCreateNoChannelIDsInStore) { | 481 TEST_F(ChannelIDServiceTest, AsyncStoreGetOrCreateNoChannelIDsInStore) { |
| 587 MockChannelIDStoreWithAsyncGet* mock_store = | 482 MockChannelIDStoreWithAsyncGet* mock_store = |
| 588 new MockChannelIDStoreWithAsyncGet(); | 483 new MockChannelIDStoreWithAsyncGet(); |
| 589 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( | 484 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( |
| 590 mock_store, base::MessageLoopProxy::current())); | 485 mock_store, base::MessageLoopProxy::current())); |
| 591 | 486 |
| 592 std::string host("encrypted.google.com"); | 487 std::string host("encrypted.google.com"); |
| 593 | 488 |
| 594 int error; | 489 int error; |
| 595 TestCompletionCallback callback; | 490 TestCompletionCallback callback; |
| 596 ChannelIDService::RequestHandle request_handle; | 491 ChannelIDService::RequestHandle request_handle; |
| 597 | 492 |
| 598 // Asynchronous completion with no certs in the store. | 493 // Asynchronous completion with no certs in the store. |
| 599 std::string private_key_info, der_cert; | 494 scoped_ptr<crypto::ECPrivateKey> key; |
| 600 EXPECT_EQ(0, service_->cert_count()); | 495 EXPECT_EQ(0, service_->cert_count()); |
| 601 error = service_->GetOrCreateChannelID( | 496 error = service_->GetOrCreateChannelID(host, &key, callback.callback(), |
| 602 host, &private_key_info, &der_cert, callback.callback(), &request_handle); | 497 &request_handle); |
| 603 EXPECT_EQ(ERR_IO_PENDING, error); | 498 EXPECT_EQ(ERR_IO_PENDING, error); |
| 604 EXPECT_TRUE(request_handle.is_active()); | 499 EXPECT_TRUE(request_handle.is_active()); |
| 605 | 500 |
| 606 mock_store->CallGetChannelIDCallbackWithResult( | 501 mock_store->CallGetChannelIDCallbackWithResult(ERR_FILE_NOT_FOUND, |
| 607 ERR_FILE_NOT_FOUND, base::Time(), std::string(), std::string()); | 502 std::string(), std::string()); |
| 608 | 503 |
| 609 error = callback.WaitForResult(); | 504 error = callback.WaitForResult(); |
| 610 EXPECT_EQ(OK, error); | 505 EXPECT_EQ(OK, error); |
| 611 EXPECT_EQ(1, service_->cert_count()); | 506 EXPECT_EQ(1, service_->cert_count()); |
| 612 EXPECT_FALSE(private_key_info.empty()); | 507 EXPECT_NE(nullptr, key.get()); |
| 613 EXPECT_FALSE(der_cert.empty()); | |
| 614 EXPECT_FALSE(request_handle.is_active()); | 508 EXPECT_FALSE(request_handle.is_active()); |
| 615 } | 509 } |
| 616 | 510 |
| 617 TEST_F(ChannelIDServiceTest, AsyncStoreGetNoChannelIDsInStore) { | 511 TEST_F(ChannelIDServiceTest, AsyncStoreGetNoChannelIDsInStore) { |
| 618 MockChannelIDStoreWithAsyncGet* mock_store = | 512 MockChannelIDStoreWithAsyncGet* mock_store = |
| 619 new MockChannelIDStoreWithAsyncGet(); | 513 new MockChannelIDStoreWithAsyncGet(); |
| 620 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( | 514 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( |
| 621 mock_store, base::MessageLoopProxy::current())); | 515 mock_store, base::MessageLoopProxy::current())); |
| 622 | 516 |
| 623 std::string host("encrypted.google.com"); | 517 std::string host("encrypted.google.com"); |
| 624 | 518 |
| 625 int error; | 519 int error; |
| 626 TestCompletionCallback callback; | 520 TestCompletionCallback callback; |
| 627 ChannelIDService::RequestHandle request_handle; | 521 ChannelIDService::RequestHandle request_handle; |
| 628 | 522 |
| 629 // Asynchronous completion with no certs in the store. | 523 // Asynchronous completion with no certs in the store. |
| 630 std::string private_key, der_cert; | 524 scoped_ptr<crypto::ECPrivateKey> key; |
| 631 EXPECT_EQ(0, service_->cert_count()); | 525 EXPECT_EQ(0, service_->cert_count()); |
| 632 error = service_->GetChannelID( | 526 error = |
| 633 host, &private_key, &der_cert, callback.callback(), &request_handle); | 527 service_->GetChannelID(host, &key, callback.callback(), &request_handle); |
| 634 EXPECT_EQ(ERR_IO_PENDING, error); | 528 EXPECT_EQ(ERR_IO_PENDING, error); |
| 635 EXPECT_TRUE(request_handle.is_active()); | 529 EXPECT_TRUE(request_handle.is_active()); |
| 636 | 530 |
| 637 mock_store->CallGetChannelIDCallbackWithResult( | 531 mock_store->CallGetChannelIDCallbackWithResult(ERR_FILE_NOT_FOUND, |
| 638 ERR_FILE_NOT_FOUND, base::Time(), std::string(), std::string()); | 532 std::string(), std::string()); |
| 639 | 533 |
| 640 error = callback.WaitForResult(); | 534 error = callback.WaitForResult(); |
| 641 EXPECT_EQ(ERR_FILE_NOT_FOUND, error); | 535 EXPECT_EQ(ERR_FILE_NOT_FOUND, error); |
| 642 EXPECT_EQ(0, service_->cert_count()); | 536 EXPECT_EQ(0, service_->cert_count()); |
| 643 EXPECT_EQ(0u, service_->workers_created()); | 537 EXPECT_EQ(0u, service_->workers_created()); |
| 644 EXPECT_TRUE(der_cert.empty()); | 538 EXPECT_EQ(nullptr, key.get()); |
| 645 EXPECT_FALSE(request_handle.is_active()); | 539 EXPECT_FALSE(request_handle.is_active()); |
| 646 } | 540 } |
| 647 | 541 |
| 648 TEST_F(ChannelIDServiceTest, AsyncStoreGetOrCreateOneCertInStore) { | 542 TEST_F(ChannelIDServiceTest, AsyncStoreGetOrCreateOneCertInStore) { |
| 649 MockChannelIDStoreWithAsyncGet* mock_store = | 543 MockChannelIDStoreWithAsyncGet* mock_store = |
| 650 new MockChannelIDStoreWithAsyncGet(); | 544 new MockChannelIDStoreWithAsyncGet(); |
| 651 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( | 545 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( |
| 652 mock_store, base::MessageLoopProxy::current())); | 546 mock_store, base::MessageLoopProxy::current())); |
| 653 | 547 |
| 654 std::string host("encrypted.google.com"); | 548 std::string host("encrypted.google.com"); |
| 655 | 549 |
| 656 int error; | 550 int error; |
| 657 TestCompletionCallback callback; | 551 TestCompletionCallback callback; |
| 658 ChannelIDService::RequestHandle request_handle; | 552 ChannelIDService::RequestHandle request_handle; |
| 659 | 553 |
| 660 // Asynchronous completion with a cert in the store. | 554 // Asynchronous completion with a cert in the store. |
| 661 std::string private_key_info, der_cert; | 555 scoped_ptr<crypto::ECPrivateKey> key; |
| 662 EXPECT_EQ(0, service_->cert_count()); | 556 EXPECT_EQ(0, service_->cert_count()); |
| 663 error = service_->GetOrCreateChannelID( | 557 error = service_->GetOrCreateChannelID(host, &key, callback.callback(), |
| 664 host, &private_key_info, &der_cert, callback.callback(), &request_handle); | 558 &request_handle); |
| 665 EXPECT_EQ(ERR_IO_PENDING, error); | 559 EXPECT_EQ(ERR_IO_PENDING, error); |
| 666 EXPECT_TRUE(request_handle.is_active()); | 560 EXPECT_TRUE(request_handle.is_active()); |
| 667 | 561 |
| 668 mock_store->CallGetChannelIDCallbackWithResult( | 562 scoped_ptr<crypto::ECPrivateKey> expected_key(crypto::ECPrivateKey::Create()); |
| 669 OK, base::Time(), "ab", "cd"); | 563 std::string expected_public_key, expected_private_key; |
| 564 ASSERT_EQ(OK, ExportKeypair(expected_key, &expected_public_key, | |
| 565 &expected_private_key)); | |
| 566 mock_store->CallGetChannelIDCallbackWithResult(OK, expected_private_key, | |
| 567 expected_public_key); | |
| 670 | 568 |
| 671 error = callback.WaitForResult(); | 569 error = callback.WaitForResult(); |
| 672 EXPECT_EQ(OK, error); | 570 EXPECT_EQ(OK, error); |
| 673 EXPECT_EQ(1, service_->cert_count()); | 571 EXPECT_EQ(1, service_->cert_count()); |
| 674 EXPECT_EQ(1u, service_->requests()); | 572 EXPECT_EQ(1u, service_->requests()); |
| 675 EXPECT_EQ(1u, service_->cert_store_hits()); | 573 EXPECT_EQ(1u, service_->key_store_hits()); |
| 676 // Because the cert was found in the store, no new workers should have been | 574 // Because the cert was found in the store, no new workers should have been |
| 677 // created. | 575 // created. |
| 678 EXPECT_EQ(0u, service_->workers_created()); | 576 EXPECT_EQ(0u, service_->workers_created()); |
| 679 EXPECT_STREQ("ab", private_key_info.c_str()); | 577 EXPECT_NE(nullptr, key.get()); |
| 680 EXPECT_STREQ("cd", der_cert.c_str()); | 578 ExpectKeysEqual(expected_key, key); |
| 681 EXPECT_FALSE(request_handle.is_active()); | 579 EXPECT_FALSE(request_handle.is_active()); |
| 682 } | 580 } |
| 683 | 581 |
| 684 TEST_F(ChannelIDServiceTest, AsyncStoreGetOneCertInStore) { | 582 TEST_F(ChannelIDServiceTest, AsyncStoreGetOneCertInStore) { |
| 685 MockChannelIDStoreWithAsyncGet* mock_store = | 583 MockChannelIDStoreWithAsyncGet* mock_store = |
| 686 new MockChannelIDStoreWithAsyncGet(); | 584 new MockChannelIDStoreWithAsyncGet(); |
| 687 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( | 585 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( |
| 688 mock_store, base::MessageLoopProxy::current())); | 586 mock_store, base::MessageLoopProxy::current())); |
| 689 | 587 |
| 690 std::string host("encrypted.google.com"); | 588 std::string host("encrypted.google.com"); |
| 691 | 589 |
| 692 int error; | 590 int error; |
| 693 TestCompletionCallback callback; | 591 TestCompletionCallback callback; |
| 694 ChannelIDService::RequestHandle request_handle; | 592 ChannelIDService::RequestHandle request_handle; |
| 695 | 593 |
| 696 // Asynchronous completion with a cert in the store. | 594 // Asynchronous completion with a cert in the store. |
| 697 std::string private_key, der_cert; | 595 scoped_ptr<crypto::ECPrivateKey> key; |
| 596 std::string private_key, spki; | |
| 698 EXPECT_EQ(0, service_->cert_count()); | 597 EXPECT_EQ(0, service_->cert_count()); |
| 699 error = service_->GetChannelID( | 598 error = |
| 700 host, &private_key, &der_cert, callback.callback(), &request_handle); | 599 service_->GetChannelID(host, &key, callback.callback(), &request_handle); |
| 701 EXPECT_EQ(ERR_IO_PENDING, error); | 600 EXPECT_EQ(ERR_IO_PENDING, error); |
| 702 EXPECT_TRUE(request_handle.is_active()); | 601 EXPECT_TRUE(request_handle.is_active()); |
| 703 | 602 |
| 704 mock_store->CallGetChannelIDCallbackWithResult( | 603 scoped_ptr<crypto::ECPrivateKey> expected_key(crypto::ECPrivateKey::Create()); |
| 705 OK, base::Time(), "ab", "cd"); | 604 std::string expected_public_key, expected_private_key; |
| 605 ASSERT_EQ(OK, ExportKeypair(expected_key, &expected_public_key, | |
| 606 &expected_private_key)); | |
| 607 mock_store->CallGetChannelIDCallbackWithResult(OK, expected_private_key, | |
| 608 expected_public_key); | |
| 706 | 609 |
| 707 error = callback.WaitForResult(); | 610 error = callback.WaitForResult(); |
| 708 EXPECT_EQ(OK, error); | 611 EXPECT_EQ(OK, error); |
| 709 EXPECT_EQ(1, service_->cert_count()); | 612 EXPECT_EQ(1, service_->cert_count()); |
| 710 EXPECT_EQ(1u, service_->requests()); | 613 EXPECT_EQ(1u, service_->requests()); |
| 711 EXPECT_EQ(1u, service_->cert_store_hits()); | 614 EXPECT_EQ(1u, service_->key_store_hits()); |
| 712 // Because the cert was found in the store, no new workers should have been | 615 // Because the cert was found in the store, no new workers should have been |
| 713 // created. | 616 // created. |
| 714 EXPECT_EQ(0u, service_->workers_created()); | 617 EXPECT_EQ(0u, service_->workers_created()); |
| 715 EXPECT_STREQ("cd", der_cert.c_str()); | 618 ExpectKeysEqual(expected_key, key); |
| 716 EXPECT_FALSE(request_handle.is_active()); | 619 EXPECT_FALSE(request_handle.is_active()); |
| 717 } | 620 } |
| 718 | 621 |
| 719 TEST_F(ChannelIDServiceTest, AsyncStoreGetThenCreateNoCertsInStore) { | 622 TEST_F(ChannelIDServiceTest, AsyncStoreGetThenCreateNoCertsInStore) { |
| 720 MockChannelIDStoreWithAsyncGet* mock_store = | 623 MockChannelIDStoreWithAsyncGet* mock_store = |
| 721 new MockChannelIDStoreWithAsyncGet(); | 624 new MockChannelIDStoreWithAsyncGet(); |
| 722 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( | 625 service_ = scoped_ptr<ChannelIDService>(new ChannelIDService( |
| 723 mock_store, base::MessageLoopProxy::current())); | 626 mock_store, base::MessageLoopProxy::current())); |
| 724 | 627 |
| 725 std::string host("encrypted.google.com"); | 628 std::string host("encrypted.google.com"); |
| 726 | 629 |
| 727 int error; | 630 int error; |
| 728 | 631 |
| 729 // Asynchronous get with no certs in the store. | 632 // Asynchronous get with no certs in the store. |
| 730 TestCompletionCallback callback1; | 633 TestCompletionCallback callback1; |
| 731 ChannelIDService::RequestHandle request_handle1; | 634 ChannelIDService::RequestHandle request_handle1; |
| 732 std::string private_key1, der_cert1; | 635 scoped_ptr<crypto::ECPrivateKey> key1; |
| 733 EXPECT_EQ(0, service_->cert_count()); | 636 EXPECT_EQ(0, service_->cert_count()); |
| 734 error = service_->GetChannelID( | 637 error = service_->GetChannelID(host, &key1, callback1.callback(), |
| 735 host, &private_key1, &der_cert1, callback1.callback(), &request_handle1); | 638 &request_handle1); |
| 736 EXPECT_EQ(ERR_IO_PENDING, error); | 639 EXPECT_EQ(ERR_IO_PENDING, error); |
| 737 EXPECT_TRUE(request_handle1.is_active()); | 640 EXPECT_TRUE(request_handle1.is_active()); |
| 738 | 641 |
| 739 // Asynchronous get/create with no certs in the store. | 642 // Asynchronous get/create with no certs in the store. |
| 740 TestCompletionCallback callback2; | 643 TestCompletionCallback callback2; |
| 741 ChannelIDService::RequestHandle request_handle2; | 644 ChannelIDService::RequestHandle request_handle2; |
| 742 std::string private_key2, der_cert2; | 645 scoped_ptr<crypto::ECPrivateKey> key2; |
| 743 EXPECT_EQ(0, service_->cert_count()); | 646 EXPECT_EQ(0, service_->cert_count()); |
| 744 error = service_->GetOrCreateChannelID( | 647 error = service_->GetOrCreateChannelID(host, &key2, callback2.callback(), |
| 745 host, &private_key2, &der_cert2, callback2.callback(), &request_handle2); | 648 &request_handle2); |
| 746 EXPECT_EQ(ERR_IO_PENDING, error); | 649 EXPECT_EQ(ERR_IO_PENDING, error); |
| 747 EXPECT_TRUE(request_handle2.is_active()); | 650 EXPECT_TRUE(request_handle2.is_active()); |
| 748 | 651 |
| 749 mock_store->CallGetChannelIDCallbackWithResult( | 652 mock_store->CallGetChannelIDCallbackWithResult(ERR_FILE_NOT_FOUND, |
| 750 ERR_FILE_NOT_FOUND, base::Time(), std::string(), std::string()); | 653 std::string(), std::string()); |
| 751 | 654 |
| 752 // Even though the first request didn't ask to create a cert, it gets joined | 655 // Even though the first request didn't ask to create a cert, it gets joined |
| 753 // by the second, which does, so both succeed. | 656 // by the second, which does, so both succeed. |
| 754 error = callback1.WaitForResult(); | 657 error = callback1.WaitForResult(); |
| 755 EXPECT_EQ(OK, error); | 658 EXPECT_EQ(OK, error); |
| 756 error = callback2.WaitForResult(); | 659 error = callback2.WaitForResult(); |
| 757 EXPECT_EQ(OK, error); | 660 EXPECT_EQ(OK, error); |
| 758 | 661 |
| 759 // One cert is created, one request is joined. | 662 // One cert is created, one request is joined. |
| 760 EXPECT_EQ(2U, service_->requests()); | 663 EXPECT_EQ(2U, service_->requests()); |
| 761 EXPECT_EQ(1, service_->cert_count()); | 664 EXPECT_EQ(1, service_->cert_count()); |
| 762 EXPECT_EQ(1u, service_->workers_created()); | 665 EXPECT_EQ(1u, service_->workers_created()); |
| 763 EXPECT_EQ(1u, service_->inflight_joins()); | 666 EXPECT_EQ(1u, service_->inflight_joins()); |
| 764 EXPECT_FALSE(der_cert1.empty()); | 667 EXPECT_NE(nullptr, key1.get()); |
| 765 EXPECT_EQ(der_cert1, der_cert2); | 668 ExpectKeysEqual(key1, key2); |
| 766 EXPECT_FALSE(private_key1.empty()); | |
| 767 EXPECT_EQ(private_key1, private_key2); | |
| 768 EXPECT_FALSE(request_handle1.is_active()); | 669 EXPECT_FALSE(request_handle1.is_active()); |
| 769 EXPECT_FALSE(request_handle2.is_active()); | 670 EXPECT_FALSE(request_handle2.is_active()); |
| 770 } | 671 } |
| 771 | 672 |
| 673 TEST_F(ChannelIDServiceTest, SerializeAndDeserializeKey) { | |
| 674 scoped_ptr<crypto::ECPrivateKey> expected_key(crypto::ECPrivateKey::Create()); | |
| 675 std::string expected_public_key, expected_private_key; | |
| 676 ASSERT_EQ(OK, ExportKeypair(expected_key, &expected_public_key, | |
| 677 &expected_private_key)); | |
| 678 | |
| 679 scoped_ptr<crypto::ECPrivateKey> actual_key; | |
| 680 ASSERT_EQ(OK, CreateECPrivateKeyFromSerializedKey( | |
| 681 expected_public_key, expected_private_key, &actual_key)); | |
| 682 ExpectKeysEqual(expected_key, actual_key); | |
| 683 } | |
| 684 | |
| 772 } // namespace | 685 } // namespace |
| 773 | 686 |
| 774 } // namespace net | 687 } // namespace net |
| OLD | NEW |
