| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" | 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/callback.h" | 9 #include "base/callback.h" |
| 10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
| 11 #include "base/memory/ref_counted.h" | 11 #include "base/memory/ref_counted.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "base/message_loop/message_loop.h" | 13 #include "base/message_loop/message_loop.h" |
| 14 #include "base/run_loop.h" | 14 #include "base/run_loop.h" |
| 15 #include "chrome/browser/chromeos/certificate_provider/certificate_provider.h" |
| 15 #include "crypto/scoped_test_nss_db.h" | 16 #include "crypto/scoped_test_nss_db.h" |
| 16 #include "net/base/test_data_directory.h" | 17 #include "net/base/test_data_directory.h" |
| 17 #include "net/cert/x509_certificate.h" | 18 #include "net/cert/x509_certificate.h" |
| 18 #include "net/test/cert_test_util.h" | 19 #include "net/test/cert_test_util.h" |
| 19 #include "testing/gtest/include/gtest/gtest.h" | 20 #include "testing/gtest/include/gtest/gtest.h" |
| 20 | 21 |
| 21 namespace chromeos { | 22 namespace chromeos { |
| 22 | 23 |
| 23 namespace { | 24 namespace { |
| 24 | 25 |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 88 | 89 |
| 89 // Ensure that cert requests, that are started before the filter is initialized, | 90 // Ensure that cert requests, that are started before the filter is initialized, |
| 90 // will wait for the initialization and succeed afterwards. | 91 // will wait for the initialization and succeed afterwards. |
| 91 TEST_F(ClientCertStoreChromeOSTest, RequestWaitsForNSSInitAndSucceeds) { | 92 TEST_F(ClientCertStoreChromeOSTest, RequestWaitsForNSSInitAndSucceeds) { |
| 92 crypto::ScopedTestNSSDB test_db; | 93 crypto::ScopedTestNSSDB test_db; |
| 93 ASSERT_TRUE(test_db.is_open()); | 94 ASSERT_TRUE(test_db.is_open()); |
| 94 | 95 |
| 95 TestCertFilter* cert_filter = | 96 TestCertFilter* cert_filter = |
| 96 new TestCertFilter(false /* init asynchronously */); | 97 new TestCertFilter(false /* init asynchronously */); |
| 97 ClientCertStoreChromeOS store( | 98 ClientCertStoreChromeOS store( |
| 98 make_scoped_ptr(cert_filter), | 99 nullptr /* no additional certs */, make_scoped_ptr(cert_filter), |
| 99 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 100 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 100 | 101 |
| 101 scoped_refptr<net::X509Certificate> cert_1( | 102 scoped_refptr<net::X509Certificate> cert_1( |
| 102 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 103 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 103 ASSERT_TRUE(cert_1.get()); | 104 ASSERT_TRUE(cert_1.get()); |
| 104 | 105 |
| 105 // Request any client certificate, which is expected to match client_1. | 106 // Request any client certificate, which is expected to match client_1. |
| 106 scoped_refptr<net::SSLCertRequestInfo> request_all( | 107 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| 107 new net::SSLCertRequestInfo()); | 108 new net::SSLCertRequestInfo()); |
| 108 | 109 |
| (...skipping 15 matching lines...) Expand all Loading... |
| 124 ASSERT_EQ(1u, request_all->client_certs.size()); | 125 ASSERT_EQ(1u, request_all->client_certs.size()); |
| 125 } | 126 } |
| 126 | 127 |
| 127 // Ensure that cert requests, that are started after the filter was initialized, | 128 // Ensure that cert requests, that are started after the filter was initialized, |
| 128 // will succeed. | 129 // will succeed. |
| 129 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { | 130 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { |
| 130 crypto::ScopedTestNSSDB test_db; | 131 crypto::ScopedTestNSSDB test_db; |
| 131 ASSERT_TRUE(test_db.is_open()); | 132 ASSERT_TRUE(test_db.is_open()); |
| 132 | 133 |
| 133 ClientCertStoreChromeOS store( | 134 ClientCertStoreChromeOS store( |
| 135 nullptr, // no additional certs |
| 134 make_scoped_ptr(new TestCertFilter(true /* init synchronously */)), | 136 make_scoped_ptr(new TestCertFilter(true /* init synchronously */)), |
| 135 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 137 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 136 | 138 |
| 137 scoped_refptr<net::X509Certificate> cert_1( | 139 scoped_refptr<net::X509Certificate> cert_1( |
| 138 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 140 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 139 ASSERT_TRUE(cert_1.get()); | 141 ASSERT_TRUE(cert_1.get()); |
| 140 | 142 |
| 141 scoped_refptr<net::SSLCertRequestInfo> request_all( | 143 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| 142 new net::SSLCertRequestInfo()); | 144 new net::SSLCertRequestInfo()); |
| 143 | 145 |
| 144 base::RunLoop run_loop; | 146 base::RunLoop run_loop; |
| 145 store.GetClientCerts(*request_all, &request_all->client_certs, | 147 store.GetClientCerts(*request_all, &request_all->client_certs, |
| 146 run_loop.QuitClosure()); | 148 run_loop.QuitClosure()); |
| 147 run_loop.Run(); | 149 run_loop.Run(); |
| 148 | 150 |
| 149 ASSERT_EQ(1u, request_all->client_certs.size()); | 151 ASSERT_EQ(1u, request_all->client_certs.size()); |
| 150 } | 152 } |
| 151 | 153 |
| 152 TEST_F(ClientCertStoreChromeOSTest, Filter) { | 154 TEST_F(ClientCertStoreChromeOSTest, Filter) { |
| 153 crypto::ScopedTestNSSDB test_db; | 155 crypto::ScopedTestNSSDB test_db; |
| 154 ASSERT_TRUE(test_db.is_open()); | 156 ASSERT_TRUE(test_db.is_open()); |
| 155 | 157 |
| 156 TestCertFilter* cert_filter = | 158 TestCertFilter* cert_filter = |
| 157 new TestCertFilter(true /* init synchronously */); | 159 new TestCertFilter(true /* init synchronously */); |
| 158 ClientCertStoreChromeOS store( | 160 ClientCertStoreChromeOS store( |
| 159 make_scoped_ptr(cert_filter), | 161 nullptr /* no additional certs */, make_scoped_ptr(cert_filter), |
| 160 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 162 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 161 | 163 |
| 162 scoped_refptr<net::X509Certificate> cert_1( | 164 scoped_refptr<net::X509Certificate> cert_1( |
| 163 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 165 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 164 ASSERT_TRUE(cert_1.get()); | 166 ASSERT_TRUE(cert_1.get()); |
| 165 scoped_refptr<net::X509Certificate> cert_2( | 167 scoped_refptr<net::X509Certificate> cert_2( |
| 166 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); | 168 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); |
| 167 ASSERT_TRUE(cert_2.get()); | 169 ASSERT_TRUE(cert_2.get()); |
| 168 | 170 |
| 169 scoped_refptr<net::SSLCertRequestInfo> request_all( | 171 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| (...skipping 24 matching lines...) Expand all Loading... |
| 194 | 196 |
| 195 // Ensure that the delegation of the request matching to the base class is | 197 // Ensure that the delegation of the request matching to the base class is |
| 196 // functional. | 198 // functional. |
| 197 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { | 199 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { |
| 198 crypto::ScopedTestNSSDB test_db; | 200 crypto::ScopedTestNSSDB test_db; |
| 199 ASSERT_TRUE(test_db.is_open()); | 201 ASSERT_TRUE(test_db.is_open()); |
| 200 | 202 |
| 201 TestCertFilter* cert_filter = | 203 TestCertFilter* cert_filter = |
| 202 new TestCertFilter(true /* init synchronously */); | 204 new TestCertFilter(true /* init synchronously */); |
| 203 ClientCertStoreChromeOS store( | 205 ClientCertStoreChromeOS store( |
| 206 nullptr, // no additional certs |
| 204 make_scoped_ptr(cert_filter), | 207 make_scoped_ptr(cert_filter), |
| 205 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 208 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 206 | 209 |
| 207 scoped_refptr<net::X509Certificate> cert_1( | 210 scoped_refptr<net::X509Certificate> cert_1( |
| 208 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 211 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 209 ASSERT_TRUE(cert_1.get()); | 212 ASSERT_TRUE(cert_1.get()); |
| 210 scoped_refptr<net::X509Certificate> cert_2( | 213 scoped_refptr<net::X509Certificate> cert_2( |
| 211 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); | 214 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); |
| 212 ASSERT_TRUE(cert_2.get()); | 215 ASSERT_TRUE(cert_2.get()); |
| 213 | 216 |
| 214 std::vector<std::string> authority_1( | 217 std::vector<std::string> authority_1( |
| 215 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), | 218 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), |
| 216 sizeof(kAuthority1DN))); | 219 sizeof(kAuthority1DN))); |
| 217 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); | 220 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); |
| 218 request->cert_authorities = authority_1; | 221 request->cert_authorities = authority_1; |
| 219 | 222 |
| 220 base::RunLoop run_loop; | 223 base::RunLoop run_loop; |
| 221 net::CertificateList selected_certs; | 224 net::CertificateList selected_certs; |
| 222 store.GetClientCerts(*request, &selected_certs, run_loop.QuitClosure()); | 225 store.GetClientCerts(*request, &selected_certs, run_loop.QuitClosure()); |
| 223 run_loop.Run(); | 226 run_loop.Run(); |
| 224 | 227 |
| 225 ASSERT_EQ(1u, selected_certs.size()); | 228 ASSERT_EQ(1u, selected_certs.size()); |
| 226 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 229 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
| 227 } | 230 } |
| 228 | 231 |
| 229 } // namespace chromeos | 232 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1274143002:
ClientCertStoreChromeOS: support additional non-platform certs. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master