OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
10 #include "base/files/file_util.h" | 10 #include "base/files/file_util.h" |
(...skipping 681 matching lines...)
692 const std::string&, | 692 const std::string&, |
693 const std::string&, | 693 const std::string&, |
694 ct::CTVerifyResult*, | 694 ct::CTVerifyResult*, |
695 const BoundNetLog&)); | 695 const BoundNetLog&)); |
696 MOCK_METHOD1(SetObserver, void(CTVerifier::Observer*)); | 696 MOCK_METHOD1(SetObserver, void(CTVerifier::Observer*)); |
697 }; | 697 }; |
698 | 698 |
699 // A mock CTPolicyEnforcer that returns a custom verification result. | 699 // A mock CTPolicyEnforcer that returns a custom verification result. |
700 class MockCTPolicyEnforcer : public CTPolicyEnforcer { | 700 class MockCTPolicyEnforcer : public CTPolicyEnforcer { |
701 public: | 701 public: |
| 702 MOCK_METHOD3(DoesConformToCertPolicy, |
| 703 ct::CertPolicyCompliance(X509Certificate* cert, |
| 704 const ct::SCTList&, |
| 705 const BoundNetLog&)); |
702 MOCK_METHOD4(DoesConformToCTEVPolicy, | 706 MOCK_METHOD4(DoesConformToCTEVPolicy, |
703 ct::EVPolicyCompliance(X509Certificate* cert, | 707 ct::EVPolicyCompliance(X509Certificate* cert, |
704 const ct::EVCertsWhitelist*, | 708 const ct::EVCertsWhitelist*, |
705 const ct::SCTList&, | 709 const ct::SCTList&, |
706 const BoundNetLog&)); | 710 const BoundNetLog&)); |
707 }; | 711 }; |
708 | 712 |
709 class SSLClientSocketTest : public PlatformTest { | 713 class SSLClientSocketTest : public PlatformTest { |
710 public: | 714 public: |
711 SSLClientSocketTest() | 715 SSLClientSocketTest() |
(...skipping 1630 matching lines...)
2342 | 2346 |
2343 // To activate the CT/EV policy enforcement non-null CTVerifier and | 2347 // To activate the CT/EV policy enforcement non-null CTVerifier and |
2344 // CTPolicyEnforcer are needed. | 2348 // CTPolicyEnforcer are needed. |
2345 MockCTVerifier ct_verifier; | 2349 MockCTVerifier ct_verifier; |
2346 SetCTVerifier(&ct_verifier); | 2350 SetCTVerifier(&ct_verifier); |
2347 EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK)); | 2351 EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK)); |
2348 | 2352 |
2349 // Emulate compliance of the certificate to the policy. | 2353 // Emulate compliance of the certificate to the policy. |
2350 MockCTPolicyEnforcer policy_enforcer; | 2354 MockCTPolicyEnforcer policy_enforcer; |
2351 SetCTPolicyEnforcer(&policy_enforcer); | 2355 SetCTPolicyEnforcer(&policy_enforcer); |
| 2356 EXPECT_CALL(policy_enforcer, DoesConformToCertPolicy(_, _, _)) |
| 2357 .WillRepeatedly( |
| 2358 Return(ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS)); |
2352 EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _)) | 2359 EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _)) |
2353 .WillRepeatedly( | 2360 .WillRepeatedly( |
2354 Return(ct::EVPolicyCompliance::EV_POLICY_COMPLIES_VIA_SCTS)); | 2361 Return(ct::EVPolicyCompliance::EV_POLICY_COMPLIES_VIA_SCTS)); |
2355 | 2362 |
2356 int rv; | 2363 int rv; |
2357 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2364 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2358 EXPECT_EQ(OK, rv); | 2365 EXPECT_EQ(OK, rv); |
2359 | 2366 |
2360 SSLInfo result; | 2367 SSLInfo result; |
2361 ASSERT_TRUE(sock_->GetSSLInfo(&result)); | 2368 ASSERT_TRUE(sock_->GetSSLInfo(&result)); |
(...skipping 13 matching lines...)
2375 | 2382 |
2376 // To activate the CT/EV policy enforcement non-null CTVerifier and | 2383 // To activate the CT/EV policy enforcement non-null CTVerifier and |
2377 // CTPolicyEnforcer are needed. | 2384 // CTPolicyEnforcer are needed. |
2378 MockCTVerifier ct_verifier; | 2385 MockCTVerifier ct_verifier; |
2379 SetCTVerifier(&ct_verifier); | 2386 SetCTVerifier(&ct_verifier); |
2380 EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK)); | 2387 EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK)); |
2381 | 2388 |
2382 // Emulate non-compliance of the certificate to the policy. | 2389 // Emulate non-compliance of the certificate to the policy. |
2383 MockCTPolicyEnforcer policy_enforcer; | 2390 MockCTPolicyEnforcer policy_enforcer; |
2384 SetCTPolicyEnforcer(&policy_enforcer); | 2391 SetCTPolicyEnforcer(&policy_enforcer); |
| 2392 EXPECT_CALL(policy_enforcer, DoesConformToCertPolicy(_, _, _)) |
| 2393 .WillRepeatedly( |
| 2394 Return(ct::CertPolicyCompliance::CERT_POLICY_NOT_ENOUGH_SCTS)); |
2385 EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _)) | 2395 EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _)) |
2386 .WillRepeatedly( | 2396 .WillRepeatedly( |
2387 Return(ct::EVPolicyCompliance::EV_POLICY_NOT_ENOUGH_SCTS)); | 2397 Return(ct::EVPolicyCompliance::EV_POLICY_NOT_ENOUGH_SCTS)); |
2388 | 2398 |
2389 int rv; | 2399 int rv; |
2390 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2400 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2391 EXPECT_EQ(OK, rv); | 2401 EXPECT_EQ(OK, rv); |
2392 | 2402 |
2393 SSLInfo result; | 2403 SSLInfo result; |
2394 ASSERT_TRUE(sock_->GetSSLInfo(&result)); | 2404 ASSERT_TRUE(sock_->GetSSLInfo(&result)); |
(...skipping 963 matching lines...)
3358 SSLInfo ssl_info; | 3368 SSLInfo ssl_info; |
3359 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); | 3369 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); |
3360 EXPECT_TRUE(ssl_info.client_cert_sent); | 3370 EXPECT_TRUE(ssl_info.client_cert_sent); |
3361 | 3371 |
3362 sock_->Disconnect(); | 3372 sock_->Disconnect(); |
3363 EXPECT_FALSE(sock_->IsConnected()); | 3373 EXPECT_FALSE(sock_->IsConnected()); |
3364 } | 3374 } |
3365 #endif // defined(USE_OPENSSL) | 3375 #endif // defined(USE_OPENSSL) |
3366 | 3376 |
3367 } // namespace net | 3377 } // namespace net |
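Review bot: The new `DoesConformToCertPolicy` expectations (new lines 2356-2358 and 2392-2394) use `WillRepeatedly` alone, which gMock treats as any number of calls including zero, so both tests would still pass if the socket never consulted the certificate-policy check. The lines elided after `GetSSLInfo` in both tests are marked as matching between OLD and NEW, so it appears no assertion was added for the new result; as far as the visible test shows, the `CERT_POLICY_NOT_ENOUGH_SCTS` case cannot be told apart from the compliant one. Consider adding `.Times(AtLeast(1))` ahead of `.WillRepeatedly(...)` (with `using testing::AtLeast;` if the file lacks it) and asserting on whichever `SSLInfo` field reports the certificate-policy outcome. Both test bodies start and end outside the visible lines.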