OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" | 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" |
6 | 6 |
| 7 #include <memory> |
7 #include <string> | 8 #include <string> |
8 | 9 |
9 #include "base/callback.h" | 10 #include "base/callback.h" |
10 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
| 12 #include "base/memory/ptr_util.h" |
11 #include "base/memory/ref_counted.h" | 13 #include "base/memory/ref_counted.h" |
12 #include "base/memory/scoped_ptr.h" | |
13 #include "base/message_loop/message_loop.h" | 14 #include "base/message_loop/message_loop.h" |
14 #include "base/run_loop.h" | 15 #include "base/run_loop.h" |
15 #include "chrome/browser/chromeos/certificate_provider/certificate_provider.h" | 16 #include "chrome/browser/chromeos/certificate_provider/certificate_provider.h" |
16 #include "crypto/scoped_test_nss_db.h" | 17 #include "crypto/scoped_test_nss_db.h" |
17 #include "net/base/test_data_directory.h" | 18 #include "net/base/test_data_directory.h" |
18 #include "net/cert/x509_certificate.h" | 19 #include "net/cert/x509_certificate.h" |
19 #include "net/ssl/ssl_cert_request_info.h" | 20 #include "net/ssl/ssl_cert_request_info.h" |
20 #include "net/test/cert_test_util.h" | 21 #include "net/test/cert_test_util.h" |
21 #include "testing/gtest/include/gtest/gtest.h" | 22 #include "testing/gtest/include/gtest/gtest.h" |
22 | 23 |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
78 | 79 |
79 scoped_refptr<net::X509Certificate> ImportCertToSlot( | 80 scoped_refptr<net::X509Certificate> ImportCertToSlot( |
80 const std::string& cert_filename, | 81 const std::string& cert_filename, |
81 const std::string& key_filename, | 82 const std::string& key_filename, |
82 PK11SlotInfo* slot) { | 83 PK11SlotInfo* slot) { |
83 return net::ImportClientCertAndKeyFromFile( | 84 return net::ImportClientCertAndKeyFromFile( |
84 net::GetTestCertsDirectory(), cert_filename, key_filename, slot); | 85 net::GetTestCertsDirectory(), cert_filename, key_filename, slot); |
85 } | 86 } |
86 | 87 |
87 private: | 88 private: |
88 scoped_ptr<base::MessageLoop> message_loop_; | 89 std::unique_ptr<base::MessageLoop> message_loop_; |
89 }; | 90 }; |
90 | 91 |
91 // Ensure that cert requests, that are started before the filter is initialized, | 92 // Ensure that cert requests, that are started before the filter is initialized, |
92 // will wait for the initialization and succeed afterwards. | 93 // will wait for the initialization and succeed afterwards. |
93 TEST_F(ClientCertStoreChromeOSTest, RequestWaitsForNSSInitAndSucceeds) { | 94 TEST_F(ClientCertStoreChromeOSTest, RequestWaitsForNSSInitAndSucceeds) { |
94 crypto::ScopedTestNSSDB test_db; | 95 crypto::ScopedTestNSSDB test_db; |
95 ASSERT_TRUE(test_db.is_open()); | 96 ASSERT_TRUE(test_db.is_open()); |
96 | 97 |
97 TestCertFilter* cert_filter = | 98 TestCertFilter* cert_filter = |
98 new TestCertFilter(false /* init asynchronously */); | 99 new TestCertFilter(false /* init asynchronously */); |
99 ClientCertStoreChromeOS store( | 100 ClientCertStoreChromeOS store( |
100 nullptr /* no additional provider */, make_scoped_ptr(cert_filter), | 101 nullptr /* no additional provider */, base::WrapUnique(cert_filter), |
101 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 102 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
102 | 103 |
103 scoped_refptr<net::X509Certificate> cert_1( | 104 scoped_refptr<net::X509Certificate> cert_1( |
104 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 105 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
105 ASSERT_TRUE(cert_1.get()); | 106 ASSERT_TRUE(cert_1.get()); |
106 | 107 |
107 // Request any client certificate, which is expected to match client_1. | 108 // Request any client certificate, which is expected to match client_1. |
108 scoped_refptr<net::SSLCertRequestInfo> request_all( | 109 scoped_refptr<net::SSLCertRequestInfo> request_all( |
109 new net::SSLCertRequestInfo()); | 110 new net::SSLCertRequestInfo()); |
110 | 111 |
(...skipping 16 matching lines...) Expand all Loading... |
127 } | 128 } |
128 | 129 |
129 // Ensure that cert requests, that are started after the filter was initialized, | 130 // Ensure that cert requests, that are started after the filter was initialized, |
130 // will succeed. | 131 // will succeed. |
131 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { | 132 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { |
132 crypto::ScopedTestNSSDB test_db; | 133 crypto::ScopedTestNSSDB test_db; |
133 ASSERT_TRUE(test_db.is_open()); | 134 ASSERT_TRUE(test_db.is_open()); |
134 | 135 |
135 ClientCertStoreChromeOS store( | 136 ClientCertStoreChromeOS store( |
136 nullptr, // no additional provider | 137 nullptr, // no additional provider |
137 make_scoped_ptr(new TestCertFilter(true /* init synchronously */)), | 138 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), |
138 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 139 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
139 | 140 |
140 scoped_refptr<net::X509Certificate> cert_1( | 141 scoped_refptr<net::X509Certificate> cert_1( |
141 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 142 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
142 ASSERT_TRUE(cert_1.get()); | 143 ASSERT_TRUE(cert_1.get()); |
143 | 144 |
144 scoped_refptr<net::SSLCertRequestInfo> request_all( | 145 scoped_refptr<net::SSLCertRequestInfo> request_all( |
145 new net::SSLCertRequestInfo()); | 146 new net::SSLCertRequestInfo()); |
146 | 147 |
147 base::RunLoop run_loop; | 148 base::RunLoop run_loop; |
148 store.GetClientCerts(*request_all, &request_all->client_certs, | 149 store.GetClientCerts(*request_all, &request_all->client_certs, |
149 run_loop.QuitClosure()); | 150 run_loop.QuitClosure()); |
150 run_loop.Run(); | 151 run_loop.Run(); |
151 | 152 |
152 ASSERT_EQ(1u, request_all->client_certs.size()); | 153 ASSERT_EQ(1u, request_all->client_certs.size()); |
153 } | 154 } |
154 | 155 |
155 TEST_F(ClientCertStoreChromeOSTest, Filter) { | 156 TEST_F(ClientCertStoreChromeOSTest, Filter) { |
156 crypto::ScopedTestNSSDB test_db; | 157 crypto::ScopedTestNSSDB test_db; |
157 ASSERT_TRUE(test_db.is_open()); | 158 ASSERT_TRUE(test_db.is_open()); |
158 | 159 |
159 TestCertFilter* cert_filter = | 160 TestCertFilter* cert_filter = |
160 new TestCertFilter(true /* init synchronously */); | 161 new TestCertFilter(true /* init synchronously */); |
161 ClientCertStoreChromeOS store( | 162 ClientCertStoreChromeOS store( |
162 nullptr /* no additional provider */, make_scoped_ptr(cert_filter), | 163 nullptr /* no additional provider */, base::WrapUnique(cert_filter), |
163 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 164 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
164 | 165 |
165 scoped_refptr<net::X509Certificate> cert_1( | 166 scoped_refptr<net::X509Certificate> cert_1( |
166 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 167 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
167 ASSERT_TRUE(cert_1.get()); | 168 ASSERT_TRUE(cert_1.get()); |
168 scoped_refptr<net::X509Certificate> cert_2( | 169 scoped_refptr<net::X509Certificate> cert_2( |
169 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); | 170 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); |
170 ASSERT_TRUE(cert_2.get()); | 171 ASSERT_TRUE(cert_2.get()); |
171 | 172 |
172 scoped_refptr<net::SSLCertRequestInfo> request_all( | 173 scoped_refptr<net::SSLCertRequestInfo> request_all( |
(...skipping 25 matching lines...) Expand all Loading... |
198 // Ensure that the delegation of the request matching to the base class is | 199 // Ensure that the delegation of the request matching to the base class is |
199 // functional. | 200 // functional. |
200 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { | 201 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { |
201 crypto::ScopedTestNSSDB test_db; | 202 crypto::ScopedTestNSSDB test_db; |
202 ASSERT_TRUE(test_db.is_open()); | 203 ASSERT_TRUE(test_db.is_open()); |
203 | 204 |
204 TestCertFilter* cert_filter = | 205 TestCertFilter* cert_filter = |
205 new TestCertFilter(true /* init synchronously */); | 206 new TestCertFilter(true /* init synchronously */); |
206 ClientCertStoreChromeOS store( | 207 ClientCertStoreChromeOS store( |
207 nullptr, // no additional provider | 208 nullptr, // no additional provider |
208 make_scoped_ptr(cert_filter), | 209 base::WrapUnique(cert_filter), |
209 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 210 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
210 | 211 |
211 scoped_refptr<net::X509Certificate> cert_1( | 212 scoped_refptr<net::X509Certificate> cert_1( |
212 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 213 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
213 ASSERT_TRUE(cert_1.get()); | 214 ASSERT_TRUE(cert_1.get()); |
214 scoped_refptr<net::X509Certificate> cert_2( | 215 scoped_refptr<net::X509Certificate> cert_2( |
215 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); | 216 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); |
216 ASSERT_TRUE(cert_2.get()); | 217 ASSERT_TRUE(cert_2.get()); |
217 | 218 |
218 std::vector<std::string> authority_1( | 219 std::vector<std::string> authority_1( |
219 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), | 220 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), |
220 sizeof(kAuthority1DN))); | 221 sizeof(kAuthority1DN))); |
221 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); | 222 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); |
222 request->cert_authorities = authority_1; | 223 request->cert_authorities = authority_1; |
223 | 224 |
224 base::RunLoop run_loop; | 225 base::RunLoop run_loop; |
225 net::CertificateList selected_certs; | 226 net::CertificateList selected_certs; |
226 store.GetClientCerts(*request, &selected_certs, run_loop.QuitClosure()); | 227 store.GetClientCerts(*request, &selected_certs, run_loop.QuitClosure()); |
227 run_loop.Run(); | 228 run_loop.Run(); |
228 | 229 |
229 ASSERT_EQ(1u, selected_certs.size()); | 230 ASSERT_EQ(1u, selected_certs.size()); |
230 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 231 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
231 } | 232 } |
232 | 233 |
233 } // namespace chromeos | 234 } // namespace chromeos |
OLD | NEW |