Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(165)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: remoting/protocol/ssl_hmac_channel_authenticator_unittest.cc

Issue 1739503003: Ignore host certificate in remoting::V2Authenticator on the client side. Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « remoting/protocol/ssl_hmac_channel_authenticator.cc ('k') | remoting/protocol/v2_authenticator.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after
145 MockChannelDoneCallback client_callback_; 145 MockChannelDoneCallback client_callback_;
146 MockChannelDoneCallback host_callback_; 146 MockChannelDoneCallback host_callback_;
147 scoped_ptr<P2PStreamSocket> client_socket_; 147 scoped_ptr<P2PStreamSocket> client_socket_;
148 scoped_ptr<P2PStreamSocket> host_socket_; 148 scoped_ptr<P2PStreamSocket> host_socket_;
149 149
150 DISALLOW_COPY_AND_ASSIGN(SslHmacChannelAuthenticatorTest); 150 DISALLOW_COPY_AND_ASSIGN(SslHmacChannelAuthenticatorTest);
151 }; 151 };
152 152
153 // Verify that a channel can be connected using a valid shared secret. 153 // Verify that a channel can be connected using a valid shared secret.
154 TEST_F(SslHmacChannelAuthenticatorTest, SuccessfulAuth) { 154 TEST_F(SslHmacChannelAuthenticatorTest, SuccessfulAuth) {
155 client_auth_ = SslHmacChannelAuthenticator::CreateForClient( 155 client_auth_ =
156 host_cert_, kTestSharedSecret); 156 SslHmacChannelAuthenticator::CreateForClient(kTestSharedSecret);
157 host_auth_ = SslHmacChannelAuthenticator::CreateForHost( 157 host_auth_ = SslHmacChannelAuthenticator::CreateForHost(host_cert_, key_pair_,
158 host_cert_, key_pair_, kTestSharedSecret); 158 kTestSharedSecret);
159 159
160 RunChannelAuth(net::OK, net::OK); 160 RunChannelAuth(net::OK, net::OK);
161 161
162 ASSERT_TRUE(client_socket_.get() != nullptr); 162 ASSERT_TRUE(client_socket_.get() != nullptr);
163 ASSERT_TRUE(host_socket_.get() != nullptr); 163 ASSERT_TRUE(host_socket_.get() != nullptr);
164 164
165 StreamConnectionTester tester(host_socket_.get(), client_socket_.get(), 165 StreamConnectionTester tester(host_socket_.get(), client_socket_.get(),
166 100, 2); 166 100, 2);
167 167
168 tester.Start(); 168 tester.Start();
169 message_loop_.Run(); 169 message_loop_.Run();
170 tester.CheckResults(); 170 tester.CheckResults();
171 } 171 }
172 172
173 // Verify that channels cannot be using invalid shared secret. 173 // Verify that channels cannot be connected using invalid shared secret.
174 TEST_F(SslHmacChannelAuthenticatorTest, InvalidChannelSecret) { 174 TEST_F(SslHmacChannelAuthenticatorTest, InvalidChannelSecret) {
175 client_auth_ = SslHmacChannelAuthenticator::CreateForClient( 175 client_auth_ =
176 host_cert_, kTestSharedSecretBad); 176 SslHmacChannelAuthenticator::CreateForClient(kTestSharedSecretBad);
177 host_auth_ = SslHmacChannelAuthenticator::CreateForHost( 177 host_auth_ = SslHmacChannelAuthenticator::CreateForHost(
178 host_cert_, key_pair_, kTestSharedSecret); 178 host_cert_, key_pair_, kTestSharedSecret);
179 179
180 RunChannelAuth(net::ERR_FAILED, net::ERR_FAILED); 180 RunChannelAuth(net::ERR_FAILED, net::ERR_FAILED);
181 181
182 ASSERT_TRUE(host_socket_.get() == nullptr); 182 ASSERT_TRUE(host_socket_.get() == nullptr);
183 } 183 }
184 184
185 // Verify that channels cannot be using invalid certificate.
186 TEST_F(SslHmacChannelAuthenticatorTest, InvalidCertificate) {
187 // Import a second certificate for the client to expect.
188 scoped_refptr<net::X509Certificate> host_cert2(
189 net::ImportCertFromFile(net::GetTestCertsDirectory(), "ok_cert.pem"));
190 std::string host_cert2_der;
191 ASSERT_TRUE(net::X509Certificate::GetDEREncoded(host_cert2->os_cert_handle(),
192 &host_cert2_der));
193
194 client_auth_ = SslHmacChannelAuthenticator::CreateForClient(
195 host_cert2_der, kTestSharedSecret);
196 host_auth_ = SslHmacChannelAuthenticator::CreateForHost(
197 host_cert_, key_pair_, kTestSharedSecret);
198
199 RunChannelAuth(net::ERR_CERT_INVALID, net::ERR_CONNECTION_CLOSED);
200
201 ASSERT_TRUE(host_socket_.get() == nullptr);
202 }
203
204 } // namespace protocol 185 } // namespace protocol
205 } // namespace remoting 186 } // namespace remoting
OLDNEW
« no previous file with comments | « remoting/protocol/ssl_hmac_channel_authenticator.cc ('k') | remoting/protocol/v2_authenticator.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698