| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <openssl/bio.h> | 10 #include <openssl/bio.h> |
| 29 #include "net/dns/host_resolver.h" | 29 #include "net/dns/host_resolver.h" |
| 30 #include "net/http/transport_security_state.h" | 30 #include "net/http/transport_security_state.h" |
| 31 #include "net/log/net_log.h" | 31 #include "net/log/net_log.h" |
| 32 #include "net/socket/client_socket_factory.h" | 32 #include "net/socket/client_socket_factory.h" |
| 33 #include "net/socket/client_socket_handle.h" | 33 #include "net/socket/client_socket_handle.h" |
| 34 #include "net/socket/socket_test_util.h" | 34 #include "net/socket/socket_test_util.h" |
| 35 #include "net/socket/tcp_client_socket.h" | 35 #include "net/socket/tcp_client_socket.h" |
| 36 #include "net/ssl/openssl_client_key_store.h" | 36 #include "net/ssl/openssl_client_key_store.h" |
| 37 #include "net/ssl/ssl_cert_request_info.h" | 37 #include "net/ssl/ssl_cert_request_info.h" |
| 38 #include "net/ssl/ssl_config_service.h" | 38 #include "net/ssl/ssl_config_service.h" |
| 39 #include "net/ssl/ssl_platform_key.h" |
| 39 #include "net/test/cert_test_util.h" | 40 #include "net/test/cert_test_util.h" |
| 40 #include "net/test/spawned_test_server/spawned_test_server.h" | 41 #include "net/test/spawned_test_server/spawned_test_server.h" |
| 41 #include "testing/gtest/include/gtest/gtest.h" | 42 #include "testing/gtest/include/gtest/gtest.h" |
| 42 #include "testing/platform_test.h" | 43 #include "testing/platform_test.h" |
| 43 | 44 |
| 44 namespace net { | 45 namespace net { |
| 45 | 46 |
| 46 namespace { | 47 namespace { |
| 47 | 48 |
| 48 // These client auth tests are currently dependent on OpenSSL's struct X509. | 49 // These client auth tests are currently dependent on OpenSSL's struct X509. |
| 211 ssl_options.request_client_certificate = true; | 212 ssl_options.request_client_certificate = true; |
| 212 ssl_options.client_authorities.push_back( | 213 ssl_options.client_authorities.push_back( |
| 213 GetTestClientCertsDirectory().AppendASCII("client_1_ca.pem")); | 214 GetTestClientCertsDirectory().AppendASCII("client_1_ca.pem")); |
| 214 | 215 |
| 215 ASSERT_TRUE(ConnectToTestServer(ssl_options)); | 216 ASSERT_TRUE(ConnectToTestServer(ssl_options)); |
| 216 | 217 |
| 217 base::FilePath certs_dir = GetTestCertsDirectory(); | 218 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 218 SSLConfig ssl_config; | 219 SSLConfig ssl_config; |
| 219 ssl_config.send_client_cert = true; | 220 ssl_config.send_client_cert = true; |
| 220 ssl_config.client_cert = NULL; | 221 ssl_config.client_cert = NULL; |
| 222 ssl_config.client_private_key = NULL; |
| 221 | 223 |
| 222 int rv; | 224 int rv; |
| 223 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 225 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
| 224 | 226 |
| 225 EXPECT_EQ(OK, rv); | 227 EXPECT_EQ(OK, rv); |
| 226 EXPECT_TRUE(sock_->IsConnected()); | 228 EXPECT_TRUE(sock_->IsConnected()); |
| 227 } | 229 } |
| 228 | 230 |
| 229 // Connect to a server requesting client authentication. Send it a | 231 // Connect to a server requesting client authentication. Send it a |
| 230 // matching certificate. It should allow the connection. | 232 // matching certificate. It should allow the connection. |
| 241 ssl_config.send_client_cert = true; | 243 ssl_config.send_client_cert = true; |
| 242 ssl_config.client_cert = ImportCertFromFile(certs_dir, "client_1.pem"); | 244 ssl_config.client_cert = ImportCertFromFile(certs_dir, "client_1.pem"); |
| 243 | 245 |
| 244 // This is required to ensure that signing works with the client | 246 // This is required to ensure that signing works with the client |
| 245 // certificate's private key. | 247 // certificate's private key. |
| 246 crypto::ScopedEVP_PKEY client_private_key; | 248 crypto::ScopedEVP_PKEY client_private_key; |
| 247 ASSERT_TRUE(LoadPrivateKeyOpenSSL(certs_dir.AppendASCII("client_1.key"), | 249 ASSERT_TRUE(LoadPrivateKeyOpenSSL(certs_dir.AppendASCII("client_1.key"), |
| 248 &client_private_key)); | 250 &client_private_key)); |
| 249 EXPECT_TRUE(RecordPrivateKey(ssl_config, client_private_key.get())); | 251 EXPECT_TRUE(RecordPrivateKey(ssl_config, client_private_key.get())); |
| 250 | 252 |
| 253 ssl_config.client_private_key = |
| 254 FetchClientCertPrivateKey(ssl_config.client_cert.get()); |
| 255 |
| 251 int rv; | 256 int rv; |
| 252 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 257 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
| 253 | 258 |
| 254 EXPECT_EQ(OK, rv); | 259 EXPECT_EQ(OK, rv); |
| 255 EXPECT_TRUE(sock_->IsConnected()); | 260 EXPECT_TRUE(sock_->IsConnected()); |
| 256 | 261 |
| 257 EXPECT_TRUE(CheckSSLClientSocketSentCert()); | 262 EXPECT_TRUE(CheckSSLClientSocketSentCert()); |
| 258 | 263 |
| 259 sock_->Disconnect(); | 264 sock_->Disconnect(); |
| 260 EXPECT_FALSE(sock_->IsConnected()); | 265 EXPECT_FALSE(sock_->IsConnected()); |
| 261 } | 266 } |
| 262 #endif // defined(USE_OPENSSL_CERTS) | 267 #endif // defined(USE_OPENSSL_CERTS) |
| 263 | 268 |
| 264 } // namespace | 269 } // namespace |
| 265 } // namespace net | 270 } // namespace net |
| OLD | NEW |
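Review bot: The value returned by `FetchClientCertPrivateKey(ssl_config.client_cert.get())` at new lines 253-254 is stored in `ssl_config.client_private_key` and used without a check, so a failed key lookup would presumably only surface later as a connect failure from `CreateAndConnectSSLClientSocket`. Adding `ASSERT_TRUE(ssl_config.client_private_key);` right after the assignment (with `.get()` if the member's type requires it) would stop the test at the real cause. This matters more because the preceding `EXPECT_TRUE(RecordPrivateKey(...))` is non-fatal, so the test runs on to the fetch even when recording the key failed. The test body begins in lines the page skips, so this is based on the visible tail only.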