OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
10 #include "base/location.h" | 10 #include "base/location.h" |
(...skipping 667 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
678 const std::string&, | 678 const std::string&, |
679 ct::CTVerifyResult*, | 679 ct::CTVerifyResult*, |
680 const BoundNetLog&)); | 680 const BoundNetLog&)); |
681 MOCK_METHOD1(SetObserver, void(CTVerifier::Observer*)); | 681 MOCK_METHOD1(SetObserver, void(CTVerifier::Observer*)); |
682 }; | 682 }; |
683 | 683 |
684 // A mock CTPolicyEnforcer that returns a custom verification result. | 684 // A mock CTPolicyEnforcer that returns a custom verification result. |
685 class MockCTPolicyEnforcer : public CTPolicyEnforcer { | 685 class MockCTPolicyEnforcer : public CTPolicyEnforcer { |
686 public: | 686 public: |
687 MOCK_METHOD4(DoesConformToCTEVPolicy, | 687 MOCK_METHOD4(DoesConformToCTEVPolicy, |
688 bool(X509Certificate* cert, | 688 ct::EVPolicyCompliance(X509Certificate* cert, |
689 const ct::EVCertsWhitelist*, | 689 const ct::EVCertsWhitelist*, |
690 const ct::CTVerifyResult&, | 690 const ct::SCTList&, |
691 const BoundNetLog&)); | 691 const BoundNetLog&)); |
692 }; | 692 }; |
693 | 693 |
694 class SSLClientSocketTest : public PlatformTest { | 694 class SSLClientSocketTest : public PlatformTest { |
695 public: | 695 public: |
696 SSLClientSocketTest() | 696 SSLClientSocketTest() |
697 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), | 697 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), |
698 cert_verifier_(new MockCertVerifier), | 698 cert_verifier_(new MockCertVerifier), |
699 transport_security_state_(new TransportSecurityState) { | 699 transport_security_state_(new TransportSecurityState) { |
700 cert_verifier_->set_default_result(OK); | 700 cert_verifier_->set_default_result(OK); |
701 context_.cert_verifier = cert_verifier_.get(); | 701 context_.cert_verifier = cert_verifier_.get(); |
(...skipping 1626 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2328 // To activate the CT/EV policy enforcement non-null CTVerifier and | 2328 // To activate the CT/EV policy enforcement non-null CTVerifier and |
2329 // CTPolicyEnforcer are needed. | 2329 // CTPolicyEnforcer are needed. |
2330 MockCTVerifier ct_verifier; | 2330 MockCTVerifier ct_verifier; |
2331 SetCTVerifier(&ct_verifier); | 2331 SetCTVerifier(&ct_verifier); |
2332 EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK)); | 2332 EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK)); |
2333 | 2333 |
2334 // Emulate compliance of the certificate to the policy. | 2334 // Emulate compliance of the certificate to the policy. |
2335 MockCTPolicyEnforcer policy_enforcer; | 2335 MockCTPolicyEnforcer policy_enforcer; |
2336 SetCTPolicyEnforcer(&policy_enforcer); | 2336 SetCTPolicyEnforcer(&policy_enforcer); |
2337 EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _)) | 2337 EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _)) |
2338 .WillRepeatedly(Return(true)); | 2338 .WillRepeatedly(Return(ct::EV_POLICY_COMPLIES_VIA_SCTS)); |
2339 | 2339 |
2340 int rv; | 2340 int rv; |
2341 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2341 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2342 EXPECT_EQ(OK, rv); | 2342 EXPECT_EQ(OK, rv); |
2343 | 2343 |
2344 SSLInfo result; | 2344 SSLInfo result; |
2345 ASSERT_TRUE(sock_->GetSSLInfo(&result)); | 2345 ASSERT_TRUE(sock_->GetSSLInfo(&result)); |
2346 | 2346 |
2347 EXPECT_TRUE(result.cert_status & CERT_STATUS_IS_EV); | 2347 EXPECT_TRUE(result.cert_status & CERT_STATUS_IS_EV); |
2348 } | 2348 } |
(...skipping 11 matching lines...) Expand all Loading... |
2360 // To activate the CT/EV policy enforcement non-null CTVerifier and | 2360 // To activate the CT/EV policy enforcement non-null CTVerifier and |
2361 // CTPolicyEnforcer are needed. | 2361 // CTPolicyEnforcer are needed. |
2362 MockCTVerifier ct_verifier; | 2362 MockCTVerifier ct_verifier; |
2363 SetCTVerifier(&ct_verifier); | 2363 SetCTVerifier(&ct_verifier); |
2364 EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK)); | 2364 EXPECT_CALL(ct_verifier, Verify(_, "", "", _, _)).WillRepeatedly(Return(OK)); |
2365 | 2365 |
2366 // Emulate non-compliance of the certificate to the policy. | 2366 // Emulate non-compliance of the certificate to the policy. |
2367 MockCTPolicyEnforcer policy_enforcer; | 2367 MockCTPolicyEnforcer policy_enforcer; |
2368 SetCTPolicyEnforcer(&policy_enforcer); | 2368 SetCTPolicyEnforcer(&policy_enforcer); |
2369 EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _)) | 2369 EXPECT_CALL(policy_enforcer, DoesConformToCTEVPolicy(_, _, _, _)) |
2370 .WillRepeatedly(Return(false)); | 2370 .WillRepeatedly(Return(ct::EV_POLICY_NOT_ENOUGH_SCTS)); |
2371 | 2371 |
2372 int rv; | 2372 int rv; |
2373 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); | 2373 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); |
2374 EXPECT_EQ(OK, rv); | 2374 EXPECT_EQ(OK, rv); |
2375 | 2375 |
2376 SSLInfo result; | 2376 SSLInfo result; |
2377 ASSERT_TRUE(sock_->GetSSLInfo(&result)); | 2377 ASSERT_TRUE(sock_->GetSSLInfo(&result)); |
2378 | 2378 |
2379 EXPECT_FALSE(result.cert_status & CERT_STATUS_IS_EV); | 2379 EXPECT_FALSE(result.cert_status & CERT_STATUS_IS_EV); |
2380 EXPECT_TRUE(result.cert_status & CERT_STATUS_CT_COMPLIANCE_FAILED); | 2380 EXPECT_TRUE(result.cert_status & CERT_STATUS_CT_COMPLIANCE_FAILED); |
(...skipping 853 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3234 int rv; | 3234 int rv; |
3235 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); | 3235 ASSERT_TRUE(CreateAndConnectSSLClientSocket(client_config, &rv)); |
3236 EXPECT_EQ(OK, rv); | 3236 EXPECT_EQ(OK, rv); |
3237 | 3237 |
3238 std::string proto; | 3238 std::string proto; |
3239 EXPECT_EQ(SSLClientSocket::kNextProtoUnsupported, | 3239 EXPECT_EQ(SSLClientSocket::kNextProtoUnsupported, |
3240 sock_->GetNextProto(&proto)); | 3240 sock_->GetNextProto(&proto)); |
3241 } | 3241 } |
3242 | 3242 |
3243 } // namespace net | 3243 } // namespace net |
OLD | NEW |