Implement an openssl version of a QUIC ProofSource.

net/quic/test_tools/crypto_test_utils_chromium.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/test_tools/crypto_test_utils.h"
 
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
+#include "net/base/net_errors.h"
 #include "net/base/test_data_directory.h"
 #include "net/cert/cert_verifier.h"
+#include "net/cert/mock_cert_verifier.h"
 #include "net/cert/test_root_certs.h"
 #include "net/cert/x509_certificate.h"
 #include "net/http/transport_security_state.h"
 #include "net/quic/crypto/proof_source_chromium.h"
 #include "net/quic/crypto/proof_verifier_chromium.h"
 #include "net/test/cert_test_util.h"
 
 namespace net {
 
 namespace test {
 
 namespace {
 
 class TestProofVerifierChromium : public ProofVerifierChromium {
  public:
+  // TODO(rch): |transport_security_state| should be a scoped_ptr.
   TestProofVerifierChromium(CertVerifier* cert_verifier,
                             TransportSecurityState* transport_security_state,
                             const std::string& cert_file)
       : ProofVerifierChromium(cert_verifier, nullptr, transport_security_state),
         cert_verifier_(cert_verifier),
         transport_security_state_(transport_security_state) {
     // Load and install the root for the validated chain.
     scoped_refptr<X509Certificate> root_cert =
         ImportCertFromFile(GetTestCertsDirectory(), cert_file);
     scoped_root_.Reset(root_cert.get());
@@ skipping 65 matching lines @@
   }
 
  private:
   DISALLOW_COPY_AND_ASSIGN(FakeProofVerifier);
 };
 
 }  // namespace
 
 // static
 ProofSource* CryptoTestUtils::ProofSourceForTesting() {
-  return new ProofSourceChromium();
+  ProofSourceChromium* source = new ProofSourceChromium();
+  base::FilePath certs_dir = GetTestCertsDirectory();
+  CHECK(source->Initialize(
+      certs_dir.AppendASCII("quic_chain.crt"),
+      certs_dir.AppendASCII("quic_test.example.com.key.pkcs8")));
+  return source;
 }
 
 // static
 ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() {
-  TestProofVerifierChromium* proof_verifier = new TestProofVerifierChromium(
-      CertVerifier::CreateDefault(), new TransportSecurityState,
-      "quic_root.crt");
-  return proof_verifier;
+  // TODO(rch): use a real cert verifier?
+  MockCertVerifier* cert_verifier = new MockCertVerifier();
+  net::CertVerifyResult verify_result;
+  verify_result.verified_cert =
+      ImportCertFromFile(GetTestCertsDirectory(), "quic_test.example.com.crt");
+  cert_verifier->AddResultForCertAndHost(verify_result.verified_cert.get(),
+                                         "test.example.com", verify_result, OK);
+  verify_result.verified_cert = ImportCertFromFile(
+      GetTestCertsDirectory(), "quic_test_ecc.example.com.crt");
+  cert_verifier->AddResultForCertAndHost(verify_result.verified_cert.get(),
+                                         "test.example.com", verify_result, OK);
+  return new TestProofVerifierChromium(
+      cert_verifier, new TransportSecurityState, "quic_root.crt");
 }
 
 // static
 ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() {
   return new ProofVerifyContextChromium(/*cert_verify_flags=*/0, BoundNetLog());
 }
 
 // static
 ProofSource* CryptoTestUtils::FakeProofSourceForTesting() {
   return new FakeProofSource();
 }
 
 // static
 ProofVerifier* CryptoTestUtils::FakeProofVerifierForTesting() {
   return new FakeProofVerifier();
 }
 
 // static
 ProofVerifyContext* CryptoTestUtils::FakeProofVerifyContextForTesting() {
   return nullptr;
 }
 
 }  // namespace test
 
 }  // namespace net