Chromium Code Reviews Chromium Code Reviews
Issue 11742037:
Make ServerBoundCertStore interface async, move SQLiteServerBoundCertStore load onto DB thread. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/default_server_bound_cert_store.h" | 5 #include "net/base/default_server_bound_cert_store.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/compiler_specific.h" | 12 #include "base/compiler_specific.h" |
| 13 #include "base/logging.h" | 13 #include "base/logging.h" |
| 14 #include "base/memory/scoped_ptr.h" | 14 #include "base/memory/scoped_ptr.h" |
| 15 #include "base/message_loop.h" | |
| 15 #include "testing/gtest/include/gtest/gtest.h" | 16 #include "testing/gtest/include/gtest/gtest.h" |
| 16 | 17 |
| 17 namespace net { | 18 namespace net { |
| 18 | 19 |
| 20 namespace { | |
| 21 | |
| 22 void CallCounter(int* counter) { | |
| 23 (*counter)++; | |
| 24 } | |
| 25 | |
| 26 void NotCalled() { | |
| 27 ASSERT_TRUE(false); | |
|
erikwright (departed)
2013/01/04 19:20:10
FAIL() << "Message." ?
Also, you should only use
mattm
2013/01/08 04:53:21
Done.
| |
| 28 } | |
| 29 | |
| 30 void GetCertCallbackNotCalled(const std::string& server_identifier, | |
| 31 SSLClientCertType type, | |
| 32 base::Time expiration_time, | |
| 33 const std::string& private_key_result, | |
| 34 const std::string& cert_result) { | |
| 35 ASSERT_TRUE(false); | |
| 36 } | |
| 37 | |
| 38 class AsyncGetCertHelper { | |
| 39 public: | |
| 40 AsyncGetCertHelper() : called_(false) {} | |
| 41 | |
| 42 void Callback(const std::string& server_identifier, | |
| 43 SSLClientCertType type, | |
| 44 base::Time expiration_time, | |
| 45 const std::string& private_key_result, | |
| 46 const std::string& cert_result) { | |
| 47 server_identifier_ = server_identifier; | |
| 48 type_ = type; | |
| 49 expiration_time_ = expiration_time; | |
| 50 private_key_ = private_key_result; | |
| 51 cert_ = cert_result; | |
| 52 called_ = true; | |
| 53 } | |
| 54 | |
| 55 std::string server_identifier_; | |
| 56 SSLClientCertType type_; | |
| 57 base::Time expiration_time_; | |
| 58 std::string private_key_; | |
| 59 std::string cert_; | |
| 60 bool called_; | |
| 61 }; | |
| 62 | |
| 63 void GetAllCallback( | |
| 64 ServerBoundCertStore::ServerBoundCertList* dest, | |
| 65 const ServerBoundCertStore::ServerBoundCertList& result) { | |
| 66 *dest = result; | |
| 67 } | |
| 68 | |
| 19 class MockPersistentStore | 69 class MockPersistentStore |
| 20 : public DefaultServerBoundCertStore::PersistentStore { | 70 : public DefaultServerBoundCertStore::PersistentStore { |
| 21 public: | 71 public: |
| 22 MockPersistentStore(); | 72 MockPersistentStore(); |
| 23 | 73 |
| 24 // DefaultServerBoundCertStore::PersistentStore implementation. | 74 // DefaultServerBoundCertStore::PersistentStore implementation. |
| 25 virtual bool Load( | 75 virtual void Load(const LoadedCallback& loaded_callback) OVERRIDE; |
| 26 std::vector<DefaultServerBoundCertStore::ServerBoundCert*>* certs) | |
| 27 OVERRIDE; | |
| 28 virtual void AddServerBoundCert( | 76 virtual void AddServerBoundCert( |
| 29 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; | 77 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; |
| 30 virtual void DeleteServerBoundCert( | 78 virtual void DeleteServerBoundCert( |
| 31 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; | 79 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; |
| 32 virtual void SetForceKeepSessionState() OVERRIDE; | 80 virtual void SetForceKeepSessionState() OVERRIDE; |
| 33 virtual void Flush(const base::Closure& completion_task) OVERRIDE; | 81 virtual void Flush(const base::Closure& completion_task) OVERRIDE; |
| 34 | 82 |
| 35 protected: | 83 protected: |
| 36 virtual ~MockPersistentStore(); | 84 virtual ~MockPersistentStore(); |
| 37 | 85 |
| 38 private: | 86 private: |
| 39 typedef std::map<std::string, DefaultServerBoundCertStore::ServerBoundCert> | 87 typedef std::map<std::string, DefaultServerBoundCertStore::ServerBoundCert> |
| 40 ServerBoundCertMap; | 88 ServerBoundCertMap; |
| 41 | 89 |
| 42 ServerBoundCertMap origin_certs_; | 90 ServerBoundCertMap origin_certs_; |
| 43 }; | 91 }; |
| 44 | 92 |
| 45 MockPersistentStore::MockPersistentStore() {} | 93 MockPersistentStore::MockPersistentStore() {} |
| 46 | 94 |
| 47 bool MockPersistentStore::Load( | 95 void MockPersistentStore::Load(const LoadedCallback& loaded_callback) { |
| 48 std::vector<DefaultServerBoundCertStore::ServerBoundCert*>* certs) { | 96 scoped_ptr<ScopedVector<DefaultServerBoundCertStore::ServerBoundCert> > |
| 97 certs(new ScopedVector<DefaultServerBoundCertStore::ServerBoundCert>()); | |
| 49 ServerBoundCertMap::iterator it; | 98 ServerBoundCertMap::iterator it; |
| 50 | 99 |
| 51 for (it = origin_certs_.begin(); it != origin_certs_.end(); ++it) { | 100 for (it = origin_certs_.begin(); it != origin_certs_.end(); ++it) { |
| 52 certs->push_back( | 101 certs->push_back( |
| 53 new DefaultServerBoundCertStore::ServerBoundCert(it->second)); | 102 new DefaultServerBoundCertStore::ServerBoundCert(it->second)); |
| 54 } | 103 } |
| 55 | 104 |
| 56 return true; | 105 MessageLoop::current()->PostTask( |
| 106 FROM_HERE, base::Bind(loaded_callback, base::Passed(&certs))); | |
| 57 } | 107 } |
| 58 | 108 |
| 59 void MockPersistentStore::AddServerBoundCert( | 109 void MockPersistentStore::AddServerBoundCert( |
| 60 const DefaultServerBoundCertStore::ServerBoundCert& cert) { | 110 const DefaultServerBoundCertStore::ServerBoundCert& cert) { |
| 61 origin_certs_[cert.server_identifier()] = cert; | 111 origin_certs_[cert.server_identifier()] = cert; |
| 62 } | 112 } |
| 63 | 113 |
| 64 void MockPersistentStore::DeleteServerBoundCert( | 114 void MockPersistentStore::DeleteServerBoundCert( |
| 65 const DefaultServerBoundCertStore::ServerBoundCert& cert) { | 115 const DefaultServerBoundCertStore::ServerBoundCert& cert) { |
| 66 origin_certs_.erase(cert.server_identifier()); | 116 origin_certs_.erase(cert.server_identifier()); |
| 67 } | 117 } |
| 68 | 118 |
| 69 void MockPersistentStore::SetForceKeepSessionState() {} | 119 void MockPersistentStore::SetForceKeepSessionState() {} |
| 70 | 120 |
| 71 void MockPersistentStore::Flush(const base::Closure& completion_task) { | 121 void MockPersistentStore::Flush(const base::Closure& completion_task) { |
| 72 NOTREACHED(); | 122 NOTREACHED(); |
| 73 } | 123 } |
| 74 | 124 |
| 75 MockPersistentStore::~MockPersistentStore() {} | 125 MockPersistentStore::~MockPersistentStore() {} |
| 76 | 126 |
| 127 } // namespace | |
| 128 | |
| 77 TEST(DefaultServerBoundCertStoreTest, TestLoading) { | 129 TEST(DefaultServerBoundCertStoreTest, TestLoading) { |
| 78 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 130 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 79 | 131 |
| 80 persistent_store->AddServerBoundCert( | 132 persistent_store->AddServerBoundCert( |
| 81 DefaultServerBoundCertStore::ServerBoundCert( | 133 DefaultServerBoundCertStore::ServerBoundCert( |
| 82 "google.com", | 134 "google.com", |
| 83 CLIENT_CERT_RSA_SIGN, | 135 CLIENT_CERT_RSA_SIGN, |
| 84 base::Time(), | 136 base::Time(), |
| 85 base::Time(), | 137 base::Time(), |
| 86 "a", "b")); | 138 "a", "b")); |
| 87 persistent_store->AddServerBoundCert( | 139 persistent_store->AddServerBoundCert( |
| 88 DefaultServerBoundCertStore::ServerBoundCert( | 140 DefaultServerBoundCertStore::ServerBoundCert( |
| 89 "verisign.com", | 141 "verisign.com", |
| 90 CLIENT_CERT_ECDSA_SIGN, | 142 CLIENT_CERT_ECDSA_SIGN, |
| 91 base::Time(), | 143 base::Time(), |
| 92 base::Time(), | 144 base::Time(), |
| 93 "c", "d")); | 145 "c", "d")); |
| 94 | 146 |
| 95 // Make sure certs load properly. | 147 // Make sure certs load properly. |
| 96 DefaultServerBoundCertStore store(persistent_store.get()); | 148 DefaultServerBoundCertStore store(persistent_store.get()); |
| 97 EXPECT_EQ(2, store.GetCertCount()); | 149 // Load has not occurred yet. |
| 150 EXPECT_EQ(0, store.GetCertCount()); | |
| 98 store.SetServerBoundCert( | 151 store.SetServerBoundCert( |
| 99 "verisign.com", | 152 "verisign.com", |
| 100 CLIENT_CERT_RSA_SIGN, | 153 CLIENT_CERT_RSA_SIGN, |
| 101 base::Time(), | 154 base::Time(), |
| 102 base::Time(), | 155 base::Time(), |
| 103 "e", "f"); | 156 "e", "f"); |
| 157 // Wait for load & queued set task. | |
| 158 MessageLoop::current()->RunUntilIdle(); | |
| 104 EXPECT_EQ(2, store.GetCertCount()); | 159 EXPECT_EQ(2, store.GetCertCount()); |
| 105 store.SetServerBoundCert( | 160 store.SetServerBoundCert( |
| 106 "twitter.com", | 161 "twitter.com", |
| 107 CLIENT_CERT_RSA_SIGN, | 162 CLIENT_CERT_RSA_SIGN, |
| 108 base::Time(), | 163 base::Time(), |
| 109 base::Time(), | 164 base::Time(), |
| 110 "g", "h"); | 165 "g", "h"); |
| 166 // Set should be synchronous now that load is done. | |
| 111 EXPECT_EQ(3, store.GetCertCount()); | 167 EXPECT_EQ(3, store.GetCertCount()); |
| 112 } | 168 } |
| 113 | 169 |
| 170 //TODO(mattm): add more tests of without a persistent store? | |
| 114 TEST(DefaultServerBoundCertStoreTest, TestSettingAndGetting) { | 171 TEST(DefaultServerBoundCertStoreTest, TestSettingAndGetting) { |
| 172 // No persistent store, all calls will be synchronous. | |
| 115 DefaultServerBoundCertStore store(NULL); | 173 DefaultServerBoundCertStore store(NULL); |
| 116 SSLClientCertType type; | 174 SSLClientCertType type; |
| 117 base::Time creation_time; | |
| 118 base::Time expiration_time; | 175 base::Time expiration_time; |
| 119 std::string private_key, cert; | 176 std::string private_key, cert; |
| 120 EXPECT_EQ(0, store.GetCertCount()); | 177 EXPECT_EQ(0, store.GetCertCount()); |
| 121 EXPECT_FALSE(store.GetServerBoundCert("verisign.com", | 178 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
| 122 &type, | 179 &type, |
| 123 &creation_time, | 180 &expiration_time, |
| 124 &expiration_time, | 181 &private_key, |
| 125 &private_key, | 182 &cert, |
| 126 &cert)); | 183 base::Bind(&GetCertCallbackNotCalled))); |
| 184 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); | |
| 127 EXPECT_TRUE(private_key.empty()); | 185 EXPECT_TRUE(private_key.empty()); |
| 128 EXPECT_TRUE(cert.empty()); | 186 EXPECT_TRUE(cert.empty()); |
| 129 store.SetServerBoundCert( | 187 store.SetServerBoundCert( |
| 130 "verisign.com", | 188 "verisign.com", |
| 131 CLIENT_CERT_RSA_SIGN, | 189 CLIENT_CERT_RSA_SIGN, |
| 132 base::Time::FromInternalValue(123), | 190 base::Time::FromInternalValue(123), |
| 133 base::Time::FromInternalValue(456), | 191 base::Time::FromInternalValue(456), |
| 134 "i", "j"); | 192 "i", "j"); |
| 135 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", | 193 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
| 136 &type, | 194 &type, |
| 137 &creation_time, | |
| 138 &expiration_time, | 195 &expiration_time, |
| 139 &private_key, | 196 &private_key, |
| 140 &cert)); | 197 &cert, |
| 198 base::Bind(&GetCertCallbackNotCalled))); | |
| 141 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, type); | 199 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, type); |
| 142 EXPECT_EQ(123, creation_time.ToInternalValue()); | |
| 143 EXPECT_EQ(456, expiration_time.ToInternalValue()); | 200 EXPECT_EQ(456, expiration_time.ToInternalValue()); |
| 144 EXPECT_EQ("i", private_key); | 201 EXPECT_EQ("i", private_key); |
| 145 EXPECT_EQ("j", cert); | 202 EXPECT_EQ("j", cert); |
| 146 } | 203 } |
| 147 | 204 |
| 148 TEST(DefaultServerBoundCertStoreTest, TestDuplicateCerts) { | 205 TEST(DefaultServerBoundCertStoreTest, TestDuplicateCerts) { |
| 149 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 206 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 150 DefaultServerBoundCertStore store(persistent_store.get()); | 207 DefaultServerBoundCertStore store(persistent_store.get()); |
| 151 | 208 |
| 152 SSLClientCertType type; | 209 SSLClientCertType type; |
| 153 base::Time creation_time; | |
| 154 base::Time expiration_time; | 210 base::Time expiration_time; |
| 155 std::string private_key, cert; | 211 std::string private_key, cert; |
| 156 EXPECT_EQ(0, store.GetCertCount()); | 212 EXPECT_EQ(0, store.GetCertCount()); |
| 157 store.SetServerBoundCert( | 213 store.SetServerBoundCert( |
| 158 "verisign.com", | 214 "verisign.com", |
| 159 CLIENT_CERT_RSA_SIGN, | 215 CLIENT_CERT_RSA_SIGN, |
| 160 base::Time::FromInternalValue(123), | 216 base::Time::FromInternalValue(123), |
| 161 base::Time::FromInternalValue(1234), | 217 base::Time::FromInternalValue(1234), |
| 162 "a", "b"); | 218 "a", "b"); |
| 163 store.SetServerBoundCert( | 219 store.SetServerBoundCert( |
| 164 "verisign.com", | 220 "verisign.com", |
| 165 CLIENT_CERT_ECDSA_SIGN, | 221 CLIENT_CERT_ECDSA_SIGN, |
| 166 base::Time::FromInternalValue(456), | 222 base::Time::FromInternalValue(456), |
| 167 base::Time::FromInternalValue(4567), | 223 base::Time::FromInternalValue(4567), |
| 168 "c", "d"); | 224 "c", "d"); |
| 169 | 225 |
| 226 // Wait for load & queued set tasks. | |
| 227 MessageLoop::current()->RunUntilIdle(); | |
| 170 EXPECT_EQ(1, store.GetCertCount()); | 228 EXPECT_EQ(1, store.GetCertCount()); |
| 171 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", | 229 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
| 172 &type, | 230 &type, |
| 173 &creation_time, | |
| 174 &expiration_time, | 231 &expiration_time, |
| 175 &private_key, | 232 &private_key, |
| 176 &cert)); | 233 &cert, |
| 234 base::Bind(&GetCertCallbackNotCalled))); | |
| 177 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); | 235 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); |
| 178 EXPECT_EQ(456, creation_time.ToInternalValue()); | |
| 179 EXPECT_EQ(4567, expiration_time.ToInternalValue()); | 236 EXPECT_EQ(4567, expiration_time.ToInternalValue()); |
| 180 EXPECT_EQ("c", private_key); | 237 EXPECT_EQ("c", private_key); |
| 181 EXPECT_EQ("d", cert); | 238 EXPECT_EQ("d", cert); |
| 182 } | 239 } |
| 183 | 240 |
| 241 TEST(DefaultServerBoundCertStoreTest, TestAsyncGet) { | |
| 242 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | |
| 243 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
| 244 "verisign.com", | |
| 245 CLIENT_CERT_RSA_SIGN, | |
| 246 base::Time::FromInternalValue(123), | |
| 247 base::Time::FromInternalValue(1234), | |
| 248 "a", "b")); | |
| 249 | |
| 250 DefaultServerBoundCertStore store(persistent_store.get()); | |
| 251 AsyncGetCertHelper helper; | |
| 252 SSLClientCertType type; | |
| 253 base::Time expiration_time; | |
| 254 std::string private_key; | |
| 255 std::string cert = "not set"; | |
| 256 EXPECT_EQ(0, store.GetCertCount()); | |
| 257 EXPECT_FALSE(store.GetServerBoundCert( | |
| 258 "verisign.com", &type, &expiration_time, &private_key, &cert, | |
| 259 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&helper)))); | |
| 260 | |
| 261 // Wait for load & queued get tasks. | |
| 262 MessageLoop::current()->RunUntilIdle(); | |
| 263 EXPECT_EQ(1, store.GetCertCount()); | |
| 264 EXPECT_EQ("not set", cert); | |
| 265 EXPECT_TRUE(helper.called_); | |
| 266 EXPECT_EQ("verisign.com", helper.server_identifier_); | |
| 267 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, helper.type_); | |
| 268 EXPECT_EQ(1234, helper.expiration_time_.ToInternalValue()); | |
| 269 EXPECT_EQ("a", helper.private_key_); | |
| 270 EXPECT_EQ("b", helper.cert_); | |
| 271 } | |
| 272 | |
| 184 TEST(DefaultServerBoundCertStoreTest, TestDeleteAll) { | 273 TEST(DefaultServerBoundCertStoreTest, TestDeleteAll) { |
| 185 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 274 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 186 DefaultServerBoundCertStore store(persistent_store.get()); | 275 DefaultServerBoundCertStore store(persistent_store.get()); |
| 187 | 276 |
| 188 EXPECT_EQ(0, store.GetCertCount()); | |
| 189 store.SetServerBoundCert( | 277 store.SetServerBoundCert( |
| 190 "verisign.com", | 278 "verisign.com", |
| 191 CLIENT_CERT_RSA_SIGN, | 279 CLIENT_CERT_RSA_SIGN, |
| 192 base::Time(), | 280 base::Time(), |
| 193 base::Time(), | 281 base::Time(), |
| 194 "a", "b"); | 282 "a", "b"); |
| 195 store.SetServerBoundCert( | 283 store.SetServerBoundCert( |
| 196 "google.com", | 284 "google.com", |
| 197 CLIENT_CERT_RSA_SIGN, | 285 CLIENT_CERT_RSA_SIGN, |
| 198 base::Time(), | 286 base::Time(), |
| 199 base::Time(), | 287 base::Time(), |
| 200 "c", "d"); | 288 "c", "d"); |
| 201 store.SetServerBoundCert( | 289 store.SetServerBoundCert( |
| 202 "harvard.com", | 290 "harvard.com", |
| 203 CLIENT_CERT_RSA_SIGN, | 291 CLIENT_CERT_RSA_SIGN, |
| 204 base::Time(), | 292 base::Time(), |
| 205 base::Time(), | 293 base::Time(), |
| 206 "e", "f"); | 294 "e", "f"); |
| 295 // Wait for load & queued set tasks. | |
| 296 MessageLoop::current()->RunUntilIdle(); | |
| 207 | 297 |
| 208 EXPECT_EQ(3, store.GetCertCount()); | 298 EXPECT_EQ(3, store.GetCertCount()); |
| 209 store.DeleteAll(); | 299 int delete_finished = 0; |
| 300 store.DeleteAll(base::Bind(&CallCounter, &delete_finished)); | |
| 301 ASSERT_EQ(1, delete_finished); | |
| 210 EXPECT_EQ(0, store.GetCertCount()); | 302 EXPECT_EQ(0, store.GetCertCount()); |
| 211 } | 303 } |
| 212 | 304 |
| 305 TEST(DefaultServerBoundCertStoreTest, TestAsyncGetAndDeleteAll) { | |
| 306 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | |
| 307 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
| 308 "verisign.com", | |
| 309 CLIENT_CERT_RSA_SIGN, | |
| 310 base::Time(), | |
| 311 base::Time(), | |
| 312 "a", "b")); | |
| 313 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
| 314 "google.com", | |
| 315 CLIENT_CERT_RSA_SIGN, | |
| 316 base::Time(), | |
| 317 base::Time(), | |
| 318 "c", "d")); | |
| 319 | |
| 320 ServerBoundCertStore::ServerBoundCertList pre_certs; | |
| 321 ServerBoundCertStore::ServerBoundCertList post_certs; | |
| 322 int delete_finished = 0; | |
| 323 DefaultServerBoundCertStore store(persistent_store.get()); | |
| 324 | |
| 325 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &pre_certs)); | |
| 326 store.DeleteAll(base::Bind(&CallCounter, &delete_finished)); | |
| 327 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &post_certs)); | |
| 328 // Tasks have not run yet. | |
| 329 EXPECT_EQ(0u, pre_certs.size()); | |
| 330 // Wait for load & queued tasks. | |
| 331 MessageLoop::current()->RunUntilIdle(); | |
| 332 EXPECT_EQ(0, store.GetCertCount()); | |
| 333 EXPECT_EQ(2u, pre_certs.size()); | |
| 334 EXPECT_EQ(0u, post_certs.size()); | |
| 335 } | |
| 336 | |
| 213 TEST(DefaultServerBoundCertStoreTest, TestDelete) { | 337 TEST(DefaultServerBoundCertStoreTest, TestDelete) { |
| 214 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 338 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 215 DefaultServerBoundCertStore store(persistent_store.get()); | 339 DefaultServerBoundCertStore store(persistent_store.get()); |
| 216 | 340 |
| 217 SSLClientCertType type; | 341 SSLClientCertType type; |
| 218 base::Time creation_time; | |
| 219 base::Time expiration_time; | 342 base::Time expiration_time; |
| 220 std::string private_key, cert; | 343 std::string private_key, cert; |
| 221 EXPECT_EQ(0, store.GetCertCount()); | 344 EXPECT_EQ(0, store.GetCertCount()); |
| 222 store.SetServerBoundCert( | 345 store.SetServerBoundCert( |
| 223 "verisign.com", | 346 "verisign.com", |
| 224 CLIENT_CERT_RSA_SIGN, | 347 CLIENT_CERT_RSA_SIGN, |
| 225 base::Time(), | 348 base::Time(), |
| 226 base::Time(), | 349 base::Time(), |
| 227 "a", "b"); | 350 "a", "b"); |
| 351 // Wait for load & queued set task. | |
| 352 MessageLoop::current()->RunUntilIdle(); | |
| 353 | |
| 228 store.SetServerBoundCert( | 354 store.SetServerBoundCert( |
| 229 "google.com", | 355 "google.com", |
| 230 CLIENT_CERT_ECDSA_SIGN, | 356 CLIENT_CERT_ECDSA_SIGN, |
| 231 base::Time(), | 357 base::Time(), |
| 232 base::Time(), | 358 base::Time(), |
| 233 "c", "d"); | 359 "c", "d"); |
| 234 | 360 |
| 235 EXPECT_EQ(2, store.GetCertCount()); | 361 EXPECT_EQ(2, store.GetCertCount()); |
| 236 store.DeleteServerBoundCert("verisign.com"); | 362 int delete_finished = 0; |
| 363 store.DeleteServerBoundCert("verisign.com", | |
| 364 base::Bind(&CallCounter, &delete_finished)); | |
| 365 ASSERT_EQ(1, delete_finished); | |
| 237 EXPECT_EQ(1, store.GetCertCount()); | 366 EXPECT_EQ(1, store.GetCertCount()); |
| 238 EXPECT_FALSE(store.GetServerBoundCert("verisign.com", | 367 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
| 239 &type, | 368 &type, |
| 240 &creation_time, | 369 &expiration_time, |
| 241 &expiration_time, | 370 &private_key, |
| 242 &private_key, | 371 &cert, |
| 243 &cert)); | 372 base::Bind(&GetCertCallbackNotCalled))); |
| 373 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); | |
| 244 EXPECT_TRUE(store.GetServerBoundCert("google.com", | 374 EXPECT_TRUE(store.GetServerBoundCert("google.com", |
| 245 &type, | 375 &type, |
| 246 &creation_time, | |
| 247 &expiration_time, | 376 &expiration_time, |
| 248 &private_key, | 377 &private_key, |
| 249 &cert)); | 378 &cert, |
| 250 store.DeleteServerBoundCert("google.com"); | 379 base::Bind(&GetCertCallbackNotCalled))); |
| 380 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); | |
| 381 int delete2_finished = 0; | |
| 382 store.DeleteServerBoundCert("google.com", | |
| 383 base::Bind(&CallCounter, &delete2_finished)); | |
| 384 ASSERT_EQ(1, delete2_finished); | |
| 251 EXPECT_EQ(0, store.GetCertCount()); | 385 EXPECT_EQ(0, store.GetCertCount()); |
| 252 EXPECT_FALSE(store.GetServerBoundCert("google.com", | 386 EXPECT_TRUE(store.GetServerBoundCert("google.com", |
| 253 &type, | 387 &type, |
| 254 &creation_time, | 388 &expiration_time, |
| 255 &expiration_time, | 389 &private_key, |
| 256 &private_key, | 390 &cert, |
| 257 &cert)); | 391 base::Bind(&GetCertCallbackNotCalled))); |
| 392 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); | |
| 393 } | |
| 394 | |
| 395 TEST(DefaultServerBoundCertStoreTest, TestAsyncDelete) { | |
| 396 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | |
| 397 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
| 398 "a.com", | |
| 399 CLIENT_CERT_RSA_SIGN, | |
| 400 base::Time::FromInternalValue(1), | |
| 401 base::Time::FromInternalValue(2), | |
| 402 "a", "b")); | |
| 403 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
| 404 "b.com", | |
| 405 CLIENT_CERT_RSA_SIGN, | |
| 406 base::Time::FromInternalValue(3), | |
| 407 base::Time::FromInternalValue(4), | |
| 408 "c", "d")); | |
| 409 DefaultServerBoundCertStore store(persistent_store.get()); | |
| 410 int delete_finished = 0; | |
| 411 store.DeleteServerBoundCert("a.com", | |
| 412 base::Bind(&CallCounter, &delete_finished)); | |
| 413 | |
| 414 AsyncGetCertHelper a_helper; | |
| 415 AsyncGetCertHelper b_helper; | |
| 416 SSLClientCertType type; | |
| 417 base::Time expiration_time; | |
| 418 std::string private_key; | |
| 419 std::string cert = "not set"; | |
| 420 EXPECT_EQ(0, store.GetCertCount()); | |
| 421 EXPECT_FALSE(store.GetServerBoundCert( | |
| 422 "a.com", &type, &expiration_time, &private_key, &cert, | |
| 423 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&a_helper)))); | |
| 424 EXPECT_FALSE(store.GetServerBoundCert( | |
| 425 "b.com", &type, &expiration_time, &private_key, &cert, | |
| 426 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&b_helper)))); | |
| 427 | |
| 428 EXPECT_EQ(0, delete_finished); | |
| 429 EXPECT_FALSE(a_helper.called_); | |
| 430 EXPECT_FALSE(b_helper.called_); | |
| 431 // Wait for load & queued tasks. | |
| 432 MessageLoop::current()->RunUntilIdle(); | |
| 433 EXPECT_EQ(1, delete_finished); | |
| 434 EXPECT_EQ(1, store.GetCertCount()); | |
| 435 EXPECT_EQ("not set", cert); | |
| 436 EXPECT_TRUE(a_helper.called_); | |
| 437 EXPECT_EQ("a.com", a_helper.server_identifier_); | |
| 438 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, a_helper.type_); | |
| 439 EXPECT_EQ(0, a_helper.expiration_time_.ToInternalValue()); | |
| 440 EXPECT_EQ("", a_helper.private_key_); | |
| 441 EXPECT_EQ("", a_helper.cert_); | |
| 442 EXPECT_TRUE(b_helper.called_); | |
| 443 EXPECT_EQ("b.com", b_helper.server_identifier_); | |
| 444 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, b_helper.type_); | |
| 445 EXPECT_EQ(4, b_helper.expiration_time_.ToInternalValue()); | |
| 446 EXPECT_EQ("c", b_helper.private_key_); | |
| 447 EXPECT_EQ("d", b_helper.cert_); | |
| 258 } | 448 } |
| 259 | 449 |
| 260 TEST(DefaultServerBoundCertStoreTest, TestGetAll) { | 450 TEST(DefaultServerBoundCertStoreTest, TestGetAll) { |
| 261 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 451 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 262 DefaultServerBoundCertStore store(persistent_store.get()); | 452 DefaultServerBoundCertStore store(persistent_store.get()); |
| 263 | 453 |
| 264 EXPECT_EQ(0, store.GetCertCount()); | 454 EXPECT_EQ(0, store.GetCertCount()); |
| 265 store.SetServerBoundCert( | 455 store.SetServerBoundCert( |
| 266 "verisign.com", | 456 "verisign.com", |
| 267 CLIENT_CERT_RSA_SIGN, | 457 CLIENT_CERT_RSA_SIGN, |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 279 CLIENT_CERT_RSA_SIGN, | 469 CLIENT_CERT_RSA_SIGN, |
| 280 base::Time(), | 470 base::Time(), |
| 281 base::Time(), | 471 base::Time(), |
| 282 "e", "f"); | 472 "e", "f"); |
| 283 store.SetServerBoundCert( | 473 store.SetServerBoundCert( |
| 284 "mit.com", | 474 "mit.com", |
| 285 CLIENT_CERT_RSA_SIGN, | 475 CLIENT_CERT_RSA_SIGN, |
| 286 base::Time(), | 476 base::Time(), |
| 287 base::Time(), | 477 base::Time(), |
| 288 "g", "h"); | 478 "g", "h"); |
| 479 // Wait for load & queued set tasks. | |
| 480 MessageLoop::current()->RunUntilIdle(); | |
| 289 | 481 |
| 290 EXPECT_EQ(4, store.GetCertCount()); | 482 EXPECT_EQ(4, store.GetCertCount()); |
| 291 ServerBoundCertStore::ServerBoundCertList certs; | 483 ServerBoundCertStore::ServerBoundCertList certs; |
| 292 store.GetAllServerBoundCerts(&certs); | 484 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); |
| 293 EXPECT_EQ(4u, certs.size()); | 485 EXPECT_EQ(4u, certs.size()); |
| 294 } | 486 } |
| 295 | 487 |
| 296 TEST(DefaultServerBoundCertStoreTest, TestInitializeFrom) { | 488 TEST(DefaultServerBoundCertStoreTest, TestInitializeFrom) { |
| 297 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 489 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 298 DefaultServerBoundCertStore store(persistent_store.get()); | 490 DefaultServerBoundCertStore store(persistent_store.get()); |
| 299 | 491 |
| 300 store.SetServerBoundCert( | 492 store.SetServerBoundCert( |
| 301 "preexisting.com", | 493 "preexisting.com", |
| 302 CLIENT_CERT_RSA_SIGN, | 494 CLIENT_CERT_RSA_SIGN, |
| 303 base::Time(), | 495 base::Time(), |
| 304 base::Time(), | 496 base::Time(), |
| 305 "a", "b"); | 497 "a", "b"); |
| 306 store.SetServerBoundCert( | 498 store.SetServerBoundCert( |
| 307 "both.com", | 499 "both.com", |
| 308 CLIENT_CERT_ECDSA_SIGN, | 500 CLIENT_CERT_ECDSA_SIGN, |
| 309 base::Time(), | 501 base::Time(), |
| 310 base::Time(), | 502 base::Time(), |
| 311 "c", "d"); | 503 "c", "d"); |
| 504 // Wait for load & queued set tasks. | |
| 505 MessageLoop::current()->RunUntilIdle(); | |
| 312 EXPECT_EQ(2, store.GetCertCount()); | 506 EXPECT_EQ(2, store.GetCertCount()); |
| 313 | 507 |
| 314 ServerBoundCertStore::ServerBoundCertList source_certs; | 508 ServerBoundCertStore::ServerBoundCertList source_certs; |
| 315 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | 509 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( |
| 316 "both.com", | 510 "both.com", |
| 317 CLIENT_CERT_RSA_SIGN, | 511 CLIENT_CERT_RSA_SIGN, |
| 318 base::Time(), | 512 base::Time(), |
| 319 base::Time(), | 513 base::Time(), |
| 320 // Key differs from above to test that existing entries are overwritten. | 514 // Key differs from above to test that existing entries are overwritten. |
| 321 "e", "f")); | 515 "e", "f")); |
| 322 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | 516 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( |
| 323 "copied.com", | 517 "copied.com", |
| 324 CLIENT_CERT_RSA_SIGN, | 518 CLIENT_CERT_RSA_SIGN, |
| 325 base::Time(), | 519 base::Time(), |
| 326 base::Time(), | 520 base::Time(), |
| 327 "g", "h")); | 521 "g", "h")); |
| 328 store.InitializeFrom(source_certs); | 522 store.InitializeFrom(source_certs); |
| 329 EXPECT_EQ(3, store.GetCertCount()); | 523 EXPECT_EQ(3, store.GetCertCount()); |
| 330 | 524 |
| 331 ServerBoundCertStore::ServerBoundCertList certs; | 525 ServerBoundCertStore::ServerBoundCertList certs; |
| 332 store.GetAllServerBoundCerts(&certs); | 526 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); |
| 333 ASSERT_EQ(3u, certs.size()); | 527 ASSERT_EQ(3u, certs.size()); |
| 334 | 528 |
| 335 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); | 529 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); |
| 530 EXPECT_EQ("both.com", cert->server_identifier()); | |
| 531 EXPECT_EQ("e", cert->private_key()); | |
| 532 | |
| 533 ++cert; | |
| 534 EXPECT_EQ("copied.com", cert->server_identifier()); | |
| 535 EXPECT_EQ("g", cert->private_key()); | |
| 536 | |
| 537 ++cert; | |
| 538 EXPECT_EQ("preexisting.com", cert->server_identifier()); | |
| 539 EXPECT_EQ("a", cert->private_key()); | |
| 540 } | |
| 541 | |
| 542 TEST(DefaultServerBoundCertStoreTest, TestAsyncInitializeFrom) { | |
| 543 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | |
| 544 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
| 545 "preexisting.com", | |
| 546 CLIENT_CERT_RSA_SIGN, | |
| 547 base::Time(), | |
| 548 base::Time(), | |
| 549 "a", "b")); | |
| 550 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( | |
| 551 "both.com", | |
| 552 CLIENT_CERT_RSA_SIGN, | |
| 553 base::Time(), | |
| 554 base::Time(), | |
| 555 "c", "d")); | |
| 556 | |
| 557 DefaultServerBoundCertStore store(persistent_store.get()); | |
| 558 ServerBoundCertStore::ServerBoundCertList source_certs; | |
| 559 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | |
| 560 "both.com", | |
| 561 CLIENT_CERT_RSA_SIGN, | |
| 562 base::Time(), | |
| 563 base::Time(), | |
| 564 // Key differs from above to test that existing entries are overwritten. | |
| 565 "e", "f")); | |
| 566 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | |
| 567 "copied.com", | |
| 568 CLIENT_CERT_RSA_SIGN, | |
| 569 base::Time(), | |
| 570 base::Time(), | |
| 571 "g", "h")); | |
| 572 store.InitializeFrom(source_certs); | |
| 573 EXPECT_EQ(0, store.GetCertCount()); | |
| 574 // Wait for load & queued tasks. | |
| 575 MessageLoop::current()->RunUntilIdle(); | |
| 576 EXPECT_EQ(3, store.GetCertCount()); | |
| 577 | |
| 578 ServerBoundCertStore::ServerBoundCertList certs; | |
| 579 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); | |
| 580 ASSERT_EQ(3u, certs.size()); | |
| 581 | |
| 582 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); | |
| 336 EXPECT_EQ("both.com", cert->server_identifier()); | 583 EXPECT_EQ("both.com", cert->server_identifier()); |
| 337 EXPECT_EQ("e", cert->private_key()); | 584 EXPECT_EQ("e", cert->private_key()); |
| 338 | 585 |
| 339 ++cert; | 586 ++cert; |
| 340 EXPECT_EQ("copied.com", cert->server_identifier()); | 587 EXPECT_EQ("copied.com", cert->server_identifier()); |
| 341 EXPECT_EQ("g", cert->private_key()); | 588 EXPECT_EQ("g", cert->private_key()); |
| 342 | 589 |
| 343 ++cert; | 590 ++cert; |
| 344 EXPECT_EQ("preexisting.com", cert->server_identifier()); | 591 EXPECT_EQ("preexisting.com", cert->server_identifier()); |
| 345 EXPECT_EQ("a", cert->private_key()); | 592 EXPECT_EQ("a", cert->private_key()); |
| 346 } | 593 } |
| 347 | 594 |
| 348 } // namespace net | 595 } // namespace net |
| OLD | NEW |
