OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/default_server_bound_cert_store.h" | 5 #include "net/base/default_server_bound_cert_store.h" |
6 | 6 |
7 #include <map> | 7 #include <map> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/bind.h" | 11 #include "base/bind.h" |
12 #include "base/compiler_specific.h" | 12 #include "base/compiler_specific.h" |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/memory/scoped_ptr.h" | 14 #include "base/memory/scoped_ptr.h" |
15 #include "base/message_loop.h" | |
15 #include "testing/gtest/include/gtest/gtest.h" | 16 #include "testing/gtest/include/gtest/gtest.h" |
16 | 17 |
17 namespace net { | 18 namespace net { |
18 | 19 |
20 namespace { | |
21 | |
22 void CallCounter(int* counter) { | |
23 (*counter)++; | |
24 } | |
25 | |
26 void NotCalled() { | |
27 ASSERT_TRUE(false); | |
erikwright (departed)
2013/01/04 19:20:10
FAIL() << "Message." ?
Also, you should only use
mattm
2013/01/08 04:53:21
Done.
| |
28 } | |
29 | |
30 void GetCertCallbackNotCalled(const std::string& server_identifier, | |
31 SSLClientCertType type, | |
32 base::Time expiration_time, | |
33 const std::string& private_key_result, | |
34 const std::string& cert_result) { | |
35 ASSERT_TRUE(false); | |
36 } | |
37 | |
38 class AsyncGetCertHelper { | |
39 public: | |
40 AsyncGetCertHelper() : called_(false) {} | |
41 | |
42 void Callback(const std::string& server_identifier, | |
43 SSLClientCertType type, | |
44 base::Time expiration_time, | |
45 const std::string& private_key_result, | |
46 const std::string& cert_result) { | |
47 server_identifier_ = server_identifier; | |
48 type_ = type; | |
49 expiration_time_ = expiration_time; | |
50 private_key_ = private_key_result; | |
51 cert_ = cert_result; | |
52 called_ = true; | |
53 } | |
54 | |
55 std::string server_identifier_; | |
56 SSLClientCertType type_; | |
57 base::Time expiration_time_; | |
58 std::string private_key_; | |
59 std::string cert_; | |
60 bool called_; | |
61 }; | |
62 | |
63 void GetAllCallback( | |
64 ServerBoundCertStore::ServerBoundCertList* dest, | |
65 const ServerBoundCertStore::ServerBoundCertList& result) { | |
66 *dest = result; | |
67 } | |
68 | |
19 class MockPersistentStore | 69 class MockPersistentStore |
20 : public DefaultServerBoundCertStore::PersistentStore { | 70 : public DefaultServerBoundCertStore::PersistentStore { |
21 public: | 71 public: |
22 MockPersistentStore(); | 72 MockPersistentStore(); |
23 | 73 |
24 // DefaultServerBoundCertStore::PersistentStore implementation. | 74 // DefaultServerBoundCertStore::PersistentStore implementation. |
25 virtual bool Load( | 75 virtual void Load(const LoadedCallback& loaded_callback) OVERRIDE; |
26 std::vector<DefaultServerBoundCertStore::ServerBoundCert*>* certs) | |
27 OVERRIDE; | |
28 virtual void AddServerBoundCert( | 76 virtual void AddServerBoundCert( |
29 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; | 77 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; |
30 virtual void DeleteServerBoundCert( | 78 virtual void DeleteServerBoundCert( |
31 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; | 79 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; |
32 virtual void SetForceKeepSessionState() OVERRIDE; | 80 virtual void SetForceKeepSessionState() OVERRIDE; |
33 virtual void Flush(const base::Closure& completion_task) OVERRIDE; | 81 virtual void Flush(const base::Closure& completion_task) OVERRIDE; |
34 | 82 |
35 protected: | 83 protected: |
36 virtual ~MockPersistentStore(); | 84 virtual ~MockPersistentStore(); |
37 | 85 |
38 private: | 86 private: |
39 typedef std::map<std::string, DefaultServerBoundCertStore::ServerBoundCert> | 87 typedef std::map<std::string, DefaultServerBoundCertStore::ServerBoundCert> |
40 ServerBoundCertMap; | 88 ServerBoundCertMap; |
41 | 89 |
42 ServerBoundCertMap origin_certs_; | 90 ServerBoundCertMap origin_certs_; |
43 }; | 91 }; |
44 | 92 |
45 MockPersistentStore::MockPersistentStore() {} | 93 MockPersistentStore::MockPersistentStore() {} |
46 | 94 |
47 bool MockPersistentStore::Load( | 95 void MockPersistentStore::Load(const LoadedCallback& loaded_callback) { |
48 std::vector<DefaultServerBoundCertStore::ServerBoundCert*>* certs) { | 96 scoped_ptr<ScopedVector<DefaultServerBoundCertStore::ServerBoundCert> > |
97 certs(new ScopedVector<DefaultServerBoundCertStore::ServerBoundCert>()); | |
49 ServerBoundCertMap::iterator it; | 98 ServerBoundCertMap::iterator it; |
50 | 99 |
51 for (it = origin_certs_.begin(); it != origin_certs_.end(); ++it) { | 100 for (it = origin_certs_.begin(); it != origin_certs_.end(); ++it) { |
52 certs->push_back( | 101 certs->push_back( |
53 new DefaultServerBoundCertStore::ServerBoundCert(it->second)); | 102 new DefaultServerBoundCertStore::ServerBoundCert(it->second)); |
54 } | 103 } |
55 | 104 |
56 return true; | 105 MessageLoop::current()->PostTask( |
106 FROM_HERE, base::Bind(loaded_callback, base::Passed(&certs))); | |
57 } | 107 } |
58 | 108 |
59 void MockPersistentStore::AddServerBoundCert( | 109 void MockPersistentStore::AddServerBoundCert( |
60 const DefaultServerBoundCertStore::ServerBoundCert& cert) { | 110 const DefaultServerBoundCertStore::ServerBoundCert& cert) { |
61 origin_certs_[cert.server_identifier()] = cert; | 111 origin_certs_[cert.server_identifier()] = cert; |
62 } | 112 } |
63 | 113 |
64 void MockPersistentStore::DeleteServerBoundCert( | 114 void MockPersistentStore::DeleteServerBoundCert( |
65 const DefaultServerBoundCertStore::ServerBoundCert& cert) { | 115 const DefaultServerBoundCertStore::ServerBoundCert& cert) { |
66 origin_certs_.erase(cert.server_identifier()); | 116 origin_certs_.erase(cert.server_identifier()); |
67 } | 117 } |
68 | 118 |
69 void MockPersistentStore::SetForceKeepSessionState() {} | 119 void MockPersistentStore::SetForceKeepSessionState() {} |
70 | 120 |
71 void MockPersistentStore::Flush(const base::Closure& completion_task) { | 121 void MockPersistentStore::Flush(const base::Closure& completion_task) { |
72 NOTREACHED(); | 122 NOTREACHED(); |
73 } | 123 } |
74 | 124 |
75 MockPersistentStore::~MockPersistentStore() {} | 125 MockPersistentStore::~MockPersistentStore() {} |
76 | 126 |
127 } // namespace | |
128 | |
77 TEST(DefaultServerBoundCertStoreTest, TestLoading) { | 129 TEST(DefaultServerBoundCertStoreTest, TestLoading) { |
78 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 130 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
79 | 131 |
80 persistent_store->AddServerBoundCert( | 132 persistent_store->AddServerBoundCert( |
81 DefaultServerBoundCertStore::ServerBoundCert( | 133 DefaultServerBoundCertStore::ServerBoundCert( |
82 "google.com", | 134 "google.com", |
83 CLIENT_CERT_RSA_SIGN, | 135 CLIENT_CERT_RSA_SIGN, |
84 base::Time(), | 136 base::Time(), |
85 base::Time(), | 137 base::Time(), |
86 "a", "b")); | 138 "a", "b")); |
87 persistent_store->AddServerBoundCert( | 139 persistent_store->AddServerBoundCert( |
88 DefaultServerBoundCertStore::ServerBoundCert( | 140 DefaultServerBoundCertStore::ServerBoundCert( |
89 "verisign.com", | 141 "verisign.com", |
90 CLIENT_CERT_ECDSA_SIGN, | 142 CLIENT_CERT_ECDSA_SIGN, |
91 base::Time(), | 143 base::Time(), |
92 base::Time(), | 144 base::Time(), |
93 "c", "d")); | 145 "c", "d")); |
94 | 146 |
95 // Make sure certs load properly. | 147 // Make sure certs load properly. |
96 DefaultServerBoundCertStore store(persistent_store.get()); | 148 DefaultServerBoundCertStore store(persistent_store.get()); |
97 EXPECT_EQ(2, store.GetCertCount()); | 149 // Load has not occurred yet. |
150 EXPECT_EQ(0, store.GetCertCount()); | |
98 store.SetServerBoundCert( | 151 store.SetServerBoundCert( |
99 "verisign.com", | 152 "verisign.com", |
100 CLIENT_CERT_RSA_SIGN, | 153 CLIENT_CERT_RSA_SIGN, |
101 base::Time(), | 154 base::Time(), |
102 base::Time(), | 155 base::Time(), |
103 "e", "f"); | 156 "e", "f"); |
157 // Wait for load & queued set task. | |
158 MessageLoop::current()->RunUntilIdle(); | |
104 EXPECT_EQ(2, store.GetCertCount()); | 159 EXPECT_EQ(2, store.GetCertCount()); |
105 store.SetServerBoundCert( | 160 store.SetServerBoundCert( |
106 "twitter.com", | 161 "twitter.com", |
107 CLIENT_CERT_RSA_SIGN, | 162 CLIENT_CERT_RSA_SIGN, |
108 base::Time(), | 163 base::Time(), |
109 base::Time(), | 164 base::Time(), |
110 "g", "h"); | 165 "g", "h"); |
166 // Set should be synchronous now that load is done. | |
111 EXPECT_EQ(3, store.GetCertCount()); | 167 EXPECT_EQ(3, store.GetCertCount()); |
112 } | 168 } |
113 | 169 |
170 //TODO(mattm): add more tests of without a persistent store? | |
114 TEST(DefaultServerBoundCertStoreTest, TestSettingAndGetting) { | 171 TEST(DefaultServerBoundCertStoreTest, TestSettingAndGetting) { |
172 // No persistent store, all calls will be synchronous. | |
115 DefaultServerBoundCertStore store(NULL); | 173 DefaultServerBoundCertStore store(NULL); |
116 SSLClientCertType type; | 174 SSLClientCertType type; |
117 base::Time creation_time; | |
118 base::Time expiration_time; | 175 base::Time expiration_time; |
119 std::string private_key, cert; | 176 std::string private_key, cert; |
120 EXPECT_EQ(0, store.GetCertCount()); | 177 EXPECT_EQ(0, store.GetCertCount()); |
121 EXPECT_FALSE(store.GetServerBoundCert("verisign.com", | 178 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
122 &type, | 179 &type, |
123 &creation_time, | 180 &expiration_time, |
124 &expiration_time, | 181 &private_key, |
125 &private_key, | 182 &cert, |
126 &cert)); | 183 base::Bind(&GetCertCallbackNotCalled))); |
184 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); | |
127 EXPECT_TRUE(private_key.empty()); | 185 EXPECT_TRUE(private_key.empty()); |
128 EXPECT_TRUE(cert.empty()); | 186 EXPECT_TRUE(cert.empty()); |
129 store.SetServerBoundCert( | 187 store.SetServerBoundCert( |
130 "verisign.com", | 188 "verisign.com", |
131 CLIENT_CERT_RSA_SIGN, | 189 CLIENT_CERT_RSA_SIGN, |
132 base::Time::FromInternalValue(123), | 190 base::Time::FromInternalValue(123), |
133 base::Time::FromInternalValue(456), | 191 base::Time::FromInternalValue(456), |
134 "i", "j"); | 192 "i", "j"); |
135 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", | 193 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
136 &type, | 194 &type, |
137 &creation_time, | |
138 &expiration_time, | 195 &expiration_time, |
139 &private_key, | 196 &private_key, |
140 &cert)); | 197 &cert, |
198 base::Bind(&GetCertCallbackNotCalled))); | |
141 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, type); | 199 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, type); |
142 EXPECT_EQ(123, creation_time.ToInternalValue()); | |
143 EXPECT_EQ(456, expiration_time.ToInternalValue()); | 200 EXPECT_EQ(456, expiration_time.ToInternalValue()); |
144 EXPECT_EQ("i", private_key); | 201 EXPECT_EQ("i", private_key); |
145 EXPECT_EQ("j", cert); | 202 EXPECT_EQ("j", cert); |
146 } | 203 } |
147 | 204 |
148 TEST(DefaultServerBoundCertStoreTest, TestDuplicateCerts) { | 205 TEST(DefaultServerBoundCertStoreTest, TestDuplicateCerts) { |
149 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 206 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
150 DefaultServerBoundCertStore store(persistent_store.get()); | 207 DefaultServerBoundCertStore store(persistent_store.get()); |
151 | 208 |
152 SSLClientCertType type; | 209 SSLClientCertType type; |
153 base::Time creation_time; | |
154 base::Time expiration_time; | 210 base::Time expiration_time; |
155 std::string private_key, cert; | 211 std::string private_key, cert; |
156 EXPECT_EQ(0, store.GetCertCount()); | 212 EXPECT_EQ(0, store.GetCertCount()); |
157 store.SetServerBoundCert( | 213 store.SetServerBoundCert( |
158 "verisign.com", | 214 "verisign.com", |
159 CLIENT_CERT_RSA_SIGN, | 215 CLIENT_CERT_RSA_SIGN, |
160 base::Time::FromInternalValue(123), | 216 base::Time::FromInternalValue(123), |
161 base::Time::FromInternalValue(1234), | 217 base::Time::FromInternalValue(1234), |
162 "a", "b"); | 218 "a", "b"); |
163 store.SetServerBoundCert( | 219 store.SetServerBoundCert( |
164 "verisign.com", | 220 "verisign.com", |
165 CLIENT_CERT_ECDSA_SIGN, | 221 CLIENT_CERT_ECDSA_SIGN, |
166 base::Time::FromInternalValue(456), | 222 base::Time::FromInternalValue(456), |
167 base::Time::FromInternalValue(4567), | 223 base::Time::FromInternalValue(4567), |
168 "c", "d"); | 224 "c", "d"); |
169 | 225 |
226 // Wait for load & queued set tasks. | |
227 MessageLoop::current()->RunUntilIdle(); | |
170 EXPECT_EQ(1, store.GetCertCount()); | 228 EXPECT_EQ(1, store.GetCertCount()); |
171 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", | 229 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
172 &type, | 230 &type, |
173 &creation_time, | |
174 &expiration_time, | 231 &expiration_time, |
175 &private_key, | 232 &private_key, |
176 &cert)); | 233 &cert, |
234 base::Bind(&GetCertCallbackNotCalled))); | |
177 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); | 235 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); |
178 EXPECT_EQ(456, creation_time.ToInternalValue()); | |
179 EXPECT_EQ(4567, expiration_time.ToInternalValue()); | 236 EXPECT_EQ(4567, expiration_time.ToInternalValue()); |
180 EXPECT_EQ("c", private_key); | 237 EXPECT_EQ("c", private_key); |
181 EXPECT_EQ("d", cert); | 238 EXPECT_EQ("d", cert); |
182 } | 239 } |
183 | 240 |
241 TEST(DefaultServerBoundCertStoreTest, TestAsyncGet) { | |
242 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | |
243 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
244 "verisign.com", | |
245 CLIENT_CERT_RSA_SIGN, | |
246 base::Time::FromInternalValue(123), | |
247 base::Time::FromInternalValue(1234), | |
248 "a", "b")); | |
249 | |
250 DefaultServerBoundCertStore store(persistent_store.get()); | |
251 AsyncGetCertHelper helper; | |
252 SSLClientCertType type; | |
253 base::Time expiration_time; | |
254 std::string private_key; | |
255 std::string cert = "not set"; | |
256 EXPECT_EQ(0, store.GetCertCount()); | |
257 EXPECT_FALSE(store.GetServerBoundCert( | |
258 "verisign.com", &type, &expiration_time, &private_key, &cert, | |
259 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&helper)))); | |
260 | |
261 // Wait for load & queued get tasks. | |
262 MessageLoop::current()->RunUntilIdle(); | |
263 EXPECT_EQ(1, store.GetCertCount()); | |
264 EXPECT_EQ("not set", cert); | |
265 EXPECT_TRUE(helper.called_); | |
266 EXPECT_EQ("verisign.com", helper.server_identifier_); | |
267 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, helper.type_); | |
268 EXPECT_EQ(1234, helper.expiration_time_.ToInternalValue()); | |
269 EXPECT_EQ("a", helper.private_key_); | |
270 EXPECT_EQ("b", helper.cert_); | |
271 } | |
272 | |
184 TEST(DefaultServerBoundCertStoreTest, TestDeleteAll) { | 273 TEST(DefaultServerBoundCertStoreTest, TestDeleteAll) { |
185 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 274 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
186 DefaultServerBoundCertStore store(persistent_store.get()); | 275 DefaultServerBoundCertStore store(persistent_store.get()); |
187 | 276 |
188 EXPECT_EQ(0, store.GetCertCount()); | |
189 store.SetServerBoundCert( | 277 store.SetServerBoundCert( |
190 "verisign.com", | 278 "verisign.com", |
191 CLIENT_CERT_RSA_SIGN, | 279 CLIENT_CERT_RSA_SIGN, |
192 base::Time(), | 280 base::Time(), |
193 base::Time(), | 281 base::Time(), |
194 "a", "b"); | 282 "a", "b"); |
195 store.SetServerBoundCert( | 283 store.SetServerBoundCert( |
196 "google.com", | 284 "google.com", |
197 CLIENT_CERT_RSA_SIGN, | 285 CLIENT_CERT_RSA_SIGN, |
198 base::Time(), | 286 base::Time(), |
199 base::Time(), | 287 base::Time(), |
200 "c", "d"); | 288 "c", "d"); |
201 store.SetServerBoundCert( | 289 store.SetServerBoundCert( |
202 "harvard.com", | 290 "harvard.com", |
203 CLIENT_CERT_RSA_SIGN, | 291 CLIENT_CERT_RSA_SIGN, |
204 base::Time(), | 292 base::Time(), |
205 base::Time(), | 293 base::Time(), |
206 "e", "f"); | 294 "e", "f"); |
295 // Wait for load & queued set tasks. | |
296 MessageLoop::current()->RunUntilIdle(); | |
207 | 297 |
208 EXPECT_EQ(3, store.GetCertCount()); | 298 EXPECT_EQ(3, store.GetCertCount()); |
209 store.DeleteAll(); | 299 int delete_finished = 0; |
300 store.DeleteAll(base::Bind(&CallCounter, &delete_finished)); | |
301 ASSERT_EQ(1, delete_finished); | |
210 EXPECT_EQ(0, store.GetCertCount()); | 302 EXPECT_EQ(0, store.GetCertCount()); |
211 } | 303 } |
212 | 304 |
305 TEST(DefaultServerBoundCertStoreTest, TestAsyncGetAndDeleteAll) { | |
306 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | |
307 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
308 "verisign.com", | |
309 CLIENT_CERT_RSA_SIGN, | |
310 base::Time(), | |
311 base::Time(), | |
312 "a", "b")); | |
313 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
314 "google.com", | |
315 CLIENT_CERT_RSA_SIGN, | |
316 base::Time(), | |
317 base::Time(), | |
318 "c", "d")); | |
319 | |
320 ServerBoundCertStore::ServerBoundCertList pre_certs; | |
321 ServerBoundCertStore::ServerBoundCertList post_certs; | |
322 int delete_finished = 0; | |
323 DefaultServerBoundCertStore store(persistent_store.get()); | |
324 | |
325 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &pre_certs)); | |
326 store.DeleteAll(base::Bind(&CallCounter, &delete_finished)); | |
327 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &post_certs)); | |
328 // Tasks have not run yet. | |
329 EXPECT_EQ(0u, pre_certs.size()); | |
330 // Wait for load & queued tasks. | |
331 MessageLoop::current()->RunUntilIdle(); | |
332 EXPECT_EQ(0, store.GetCertCount()); | |
333 EXPECT_EQ(2u, pre_certs.size()); | |
334 EXPECT_EQ(0u, post_certs.size()); | |
335 } | |
336 | |
213 TEST(DefaultServerBoundCertStoreTest, TestDelete) { | 337 TEST(DefaultServerBoundCertStoreTest, TestDelete) { |
214 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 338 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
215 DefaultServerBoundCertStore store(persistent_store.get()); | 339 DefaultServerBoundCertStore store(persistent_store.get()); |
216 | 340 |
217 SSLClientCertType type; | 341 SSLClientCertType type; |
218 base::Time creation_time; | |
219 base::Time expiration_time; | 342 base::Time expiration_time; |
220 std::string private_key, cert; | 343 std::string private_key, cert; |
221 EXPECT_EQ(0, store.GetCertCount()); | 344 EXPECT_EQ(0, store.GetCertCount()); |
222 store.SetServerBoundCert( | 345 store.SetServerBoundCert( |
223 "verisign.com", | 346 "verisign.com", |
224 CLIENT_CERT_RSA_SIGN, | 347 CLIENT_CERT_RSA_SIGN, |
225 base::Time(), | 348 base::Time(), |
226 base::Time(), | 349 base::Time(), |
227 "a", "b"); | 350 "a", "b"); |
351 // Wait for load & queued set task. | |
352 MessageLoop::current()->RunUntilIdle(); | |
353 | |
228 store.SetServerBoundCert( | 354 store.SetServerBoundCert( |
229 "google.com", | 355 "google.com", |
230 CLIENT_CERT_ECDSA_SIGN, | 356 CLIENT_CERT_ECDSA_SIGN, |
231 base::Time(), | 357 base::Time(), |
232 base::Time(), | 358 base::Time(), |
233 "c", "d"); | 359 "c", "d"); |
234 | 360 |
235 EXPECT_EQ(2, store.GetCertCount()); | 361 EXPECT_EQ(2, store.GetCertCount()); |
236 store.DeleteServerBoundCert("verisign.com"); | 362 int delete_finished = 0; |
363 store.DeleteServerBoundCert("verisign.com", | |
364 base::Bind(&CallCounter, &delete_finished)); | |
365 ASSERT_EQ(1, delete_finished); | |
237 EXPECT_EQ(1, store.GetCertCount()); | 366 EXPECT_EQ(1, store.GetCertCount()); |
238 EXPECT_FALSE(store.GetServerBoundCert("verisign.com", | 367 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
239 &type, | 368 &type, |
240 &creation_time, | 369 &expiration_time, |
241 &expiration_time, | 370 &private_key, |
242 &private_key, | 371 &cert, |
243 &cert)); | 372 base::Bind(&GetCertCallbackNotCalled))); |
373 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); | |
244 EXPECT_TRUE(store.GetServerBoundCert("google.com", | 374 EXPECT_TRUE(store.GetServerBoundCert("google.com", |
245 &type, | 375 &type, |
246 &creation_time, | |
247 &expiration_time, | 376 &expiration_time, |
248 &private_key, | 377 &private_key, |
249 &cert)); | 378 &cert, |
250 store.DeleteServerBoundCert("google.com"); | 379 base::Bind(&GetCertCallbackNotCalled))); |
380 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); | |
381 int delete2_finished = 0; | |
382 store.DeleteServerBoundCert("google.com", | |
383 base::Bind(&CallCounter, &delete2_finished)); | |
384 ASSERT_EQ(1, delete2_finished); | |
251 EXPECT_EQ(0, store.GetCertCount()); | 385 EXPECT_EQ(0, store.GetCertCount()); |
252 EXPECT_FALSE(store.GetServerBoundCert("google.com", | 386 EXPECT_TRUE(store.GetServerBoundCert("google.com", |
253 &type, | 387 &type, |
254 &creation_time, | 388 &expiration_time, |
255 &expiration_time, | 389 &private_key, |
256 &private_key, | 390 &cert, |
257 &cert)); | 391 base::Bind(&GetCertCallbackNotCalled))); |
392 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); | |
393 } | |
394 | |
395 TEST(DefaultServerBoundCertStoreTest, TestAsyncDelete) { | |
396 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | |
397 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
398 "a.com", | |
399 CLIENT_CERT_RSA_SIGN, | |
400 base::Time::FromInternalValue(1), | |
401 base::Time::FromInternalValue(2), | |
402 "a", "b")); | |
403 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
404 "b.com", | |
405 CLIENT_CERT_RSA_SIGN, | |
406 base::Time::FromInternalValue(3), | |
407 base::Time::FromInternalValue(4), | |
408 "c", "d")); | |
409 DefaultServerBoundCertStore store(persistent_store.get()); | |
410 int delete_finished = 0; | |
411 store.DeleteServerBoundCert("a.com", | |
412 base::Bind(&CallCounter, &delete_finished)); | |
413 | |
414 AsyncGetCertHelper a_helper; | |
415 AsyncGetCertHelper b_helper; | |
416 SSLClientCertType type; | |
417 base::Time expiration_time; | |
418 std::string private_key; | |
419 std::string cert = "not set"; | |
420 EXPECT_EQ(0, store.GetCertCount()); | |
421 EXPECT_FALSE(store.GetServerBoundCert( | |
422 "a.com", &type, &expiration_time, &private_key, &cert, | |
423 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&a_helper)))); | |
424 EXPECT_FALSE(store.GetServerBoundCert( | |
425 "b.com", &type, &expiration_time, &private_key, &cert, | |
426 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&b_helper)))); | |
427 | |
428 EXPECT_EQ(0, delete_finished); | |
429 EXPECT_FALSE(a_helper.called_); | |
430 EXPECT_FALSE(b_helper.called_); | |
431 // Wait for load & queued tasks. | |
432 MessageLoop::current()->RunUntilIdle(); | |
433 EXPECT_EQ(1, delete_finished); | |
434 EXPECT_EQ(1, store.GetCertCount()); | |
435 EXPECT_EQ("not set", cert); | |
436 EXPECT_TRUE(a_helper.called_); | |
437 EXPECT_EQ("a.com", a_helper.server_identifier_); | |
438 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, a_helper.type_); | |
439 EXPECT_EQ(0, a_helper.expiration_time_.ToInternalValue()); | |
440 EXPECT_EQ("", a_helper.private_key_); | |
441 EXPECT_EQ("", a_helper.cert_); | |
442 EXPECT_TRUE(b_helper.called_); | |
443 EXPECT_EQ("b.com", b_helper.server_identifier_); | |
444 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, b_helper.type_); | |
445 EXPECT_EQ(4, b_helper.expiration_time_.ToInternalValue()); | |
446 EXPECT_EQ("c", b_helper.private_key_); | |
447 EXPECT_EQ("d", b_helper.cert_); | |
258 } | 448 } |
259 | 449 |
260 TEST(DefaultServerBoundCertStoreTest, TestGetAll) { | 450 TEST(DefaultServerBoundCertStoreTest, TestGetAll) { |
261 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 451 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
262 DefaultServerBoundCertStore store(persistent_store.get()); | 452 DefaultServerBoundCertStore store(persistent_store.get()); |
263 | 453 |
264 EXPECT_EQ(0, store.GetCertCount()); | 454 EXPECT_EQ(0, store.GetCertCount()); |
265 store.SetServerBoundCert( | 455 store.SetServerBoundCert( |
266 "verisign.com", | 456 "verisign.com", |
267 CLIENT_CERT_RSA_SIGN, | 457 CLIENT_CERT_RSA_SIGN, |
(...skipping 11 matching lines...) Expand all Loading... | |
279 CLIENT_CERT_RSA_SIGN, | 469 CLIENT_CERT_RSA_SIGN, |
280 base::Time(), | 470 base::Time(), |
281 base::Time(), | 471 base::Time(), |
282 "e", "f"); | 472 "e", "f"); |
283 store.SetServerBoundCert( | 473 store.SetServerBoundCert( |
284 "mit.com", | 474 "mit.com", |
285 CLIENT_CERT_RSA_SIGN, | 475 CLIENT_CERT_RSA_SIGN, |
286 base::Time(), | 476 base::Time(), |
287 base::Time(), | 477 base::Time(), |
288 "g", "h"); | 478 "g", "h"); |
479 // Wait for load & queued set tasks. | |
480 MessageLoop::current()->RunUntilIdle(); | |
289 | 481 |
290 EXPECT_EQ(4, store.GetCertCount()); | 482 EXPECT_EQ(4, store.GetCertCount()); |
291 ServerBoundCertStore::ServerBoundCertList certs; | 483 ServerBoundCertStore::ServerBoundCertList certs; |
292 store.GetAllServerBoundCerts(&certs); | 484 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); |
293 EXPECT_EQ(4u, certs.size()); | 485 EXPECT_EQ(4u, certs.size()); |
294 } | 486 } |
295 | 487 |
296 TEST(DefaultServerBoundCertStoreTest, TestInitializeFrom) { | 488 TEST(DefaultServerBoundCertStoreTest, TestInitializeFrom) { |
297 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 489 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
298 DefaultServerBoundCertStore store(persistent_store.get()); | 490 DefaultServerBoundCertStore store(persistent_store.get()); |
299 | 491 |
300 store.SetServerBoundCert( | 492 store.SetServerBoundCert( |
301 "preexisting.com", | 493 "preexisting.com", |
302 CLIENT_CERT_RSA_SIGN, | 494 CLIENT_CERT_RSA_SIGN, |
303 base::Time(), | 495 base::Time(), |
304 base::Time(), | 496 base::Time(), |
305 "a", "b"); | 497 "a", "b"); |
306 store.SetServerBoundCert( | 498 store.SetServerBoundCert( |
307 "both.com", | 499 "both.com", |
308 CLIENT_CERT_ECDSA_SIGN, | 500 CLIENT_CERT_ECDSA_SIGN, |
309 base::Time(), | 501 base::Time(), |
310 base::Time(), | 502 base::Time(), |
311 "c", "d"); | 503 "c", "d"); |
504 // Wait for load & queued set tasks. | |
505 MessageLoop::current()->RunUntilIdle(); | |
312 EXPECT_EQ(2, store.GetCertCount()); | 506 EXPECT_EQ(2, store.GetCertCount()); |
313 | 507 |
314 ServerBoundCertStore::ServerBoundCertList source_certs; | 508 ServerBoundCertStore::ServerBoundCertList source_certs; |
315 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | 509 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( |
316 "both.com", | 510 "both.com", |
317 CLIENT_CERT_RSA_SIGN, | 511 CLIENT_CERT_RSA_SIGN, |
318 base::Time(), | 512 base::Time(), |
319 base::Time(), | 513 base::Time(), |
320 // Key differs from above to test that existing entries are overwritten. | 514 // Key differs from above to test that existing entries are overwritten. |
321 "e", "f")); | 515 "e", "f")); |
322 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | 516 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( |
323 "copied.com", | 517 "copied.com", |
324 CLIENT_CERT_RSA_SIGN, | 518 CLIENT_CERT_RSA_SIGN, |
325 base::Time(), | 519 base::Time(), |
326 base::Time(), | 520 base::Time(), |
327 "g", "h")); | 521 "g", "h")); |
328 store.InitializeFrom(source_certs); | 522 store.InitializeFrom(source_certs); |
329 EXPECT_EQ(3, store.GetCertCount()); | 523 EXPECT_EQ(3, store.GetCertCount()); |
330 | 524 |
331 ServerBoundCertStore::ServerBoundCertList certs; | 525 ServerBoundCertStore::ServerBoundCertList certs; |
332 store.GetAllServerBoundCerts(&certs); | 526 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); |
333 ASSERT_EQ(3u, certs.size()); | 527 ASSERT_EQ(3u, certs.size()); |
334 | 528 |
335 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); | 529 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); |
530 EXPECT_EQ("both.com", cert->server_identifier()); | |
531 EXPECT_EQ("e", cert->private_key()); | |
532 | |
533 ++cert; | |
534 EXPECT_EQ("copied.com", cert->server_identifier()); | |
535 EXPECT_EQ("g", cert->private_key()); | |
536 | |
537 ++cert; | |
538 EXPECT_EQ("preexisting.com", cert->server_identifier()); | |
539 EXPECT_EQ("a", cert->private_key()); | |
540 } | |
541 | |
542 TEST(DefaultServerBoundCertStoreTest, TestAsyncInitializeFrom) { | |
543 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | |
544 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
545 "preexisting.com", | |
546 CLIENT_CERT_RSA_SIGN, | |
547 base::Time(), | |
548 base::Time(), | |
549 "a", "b")); | |
550 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
551 "both.com", | |
552 CLIENT_CERT_RSA_SIGN, | |
553 base::Time(), | |
554 base::Time(), | |
555 "c", "d")); | |
556 | |
557 DefaultServerBoundCertStore store(persistent_store.get()); | |
558 ServerBoundCertStore::ServerBoundCertList source_certs; | |
559 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | |
560 "both.com", | |
561 CLIENT_CERT_RSA_SIGN, | |
562 base::Time(), | |
563 base::Time(), | |
564 // Key differs from above to test that existing entries are overwritten. | |
565 "e", "f")); | |
566 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | |
567 "copied.com", | |
568 CLIENT_CERT_RSA_SIGN, | |
569 base::Time(), | |
570 base::Time(), | |
571 "g", "h")); | |
572 store.InitializeFrom(source_certs); | |
573 EXPECT_EQ(0, store.GetCertCount()); | |
574 // Wait for load & queued tasks. | |
575 MessageLoop::current()->RunUntilIdle(); | |
576 EXPECT_EQ(3, store.GetCertCount()); | |
577 | |
578 ServerBoundCertStore::ServerBoundCertList certs; | |
579 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); | |
580 ASSERT_EQ(3u, certs.size()); | |
581 | |
582 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); | |
336 EXPECT_EQ("both.com", cert->server_identifier()); | 583 EXPECT_EQ("both.com", cert->server_identifier()); |
337 EXPECT_EQ("e", cert->private_key()); | 584 EXPECT_EQ("e", cert->private_key()); |
338 | 585 |
339 ++cert; | 586 ++cert; |
340 EXPECT_EQ("copied.com", cert->server_identifier()); | 587 EXPECT_EQ("copied.com", cert->server_identifier()); |
341 EXPECT_EQ("g", cert->private_key()); | 588 EXPECT_EQ("g", cert->private_key()); |
342 | 589 |
343 ++cert; | 590 ++cert; |
344 EXPECT_EQ("preexisting.com", cert->server_identifier()); | 591 EXPECT_EQ("preexisting.com", cert->server_identifier()); |
345 EXPECT_EQ("a", cert->private_key()); | 592 EXPECT_EQ("a", cert->private_key()); |
346 } | 593 } |
347 | 594 |
348 } // namespace net | 595 } // namespace net |
OLD | NEW |