Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(215)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/test_tools/crypto_test_utils_chromium.cc

Issue 1882433002: Removing NSS files and USE_OPENSSL flag (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Removing unused test code' Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« build/common.gypi ('K') | « net/quic/quic_stream_factory.cc ('k') | net/quic/test_tools/crypto_test_utils_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/test_tools/crypto_test_utils.h" 5 #include "net/quic/test_tools/crypto_test_utils.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/callback_helpers.h" 9 #include "base/callback_helpers.h"
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after
71 private: 71 private:
72 ScopedTestRoot scoped_root_; 72 ScopedTestRoot scoped_root_;
73 scoped_ptr<CertVerifier> cert_verifier_; 73 scoped_ptr<CertVerifier> cert_verifier_;
74 scoped_ptr<TransportSecurityState> transport_security_state_; 74 scoped_ptr<TransportSecurityState> transport_security_state_;
75 scoped_ptr<CTVerifier> cert_transparency_verifier_; 75 scoped_ptr<CTVerifier> cert_transparency_verifier_;
76 }; 76 };
77 77
78 const char kSignature[] = "signature"; 78 const char kSignature[] = "signature";
79 const char kSCT[] = "CryptoServerTests"; 79 const char kSCT[] = "CryptoServerTests";
80 80
81 class FakeProofSource : public ProofSource {
82 public:
83 FakeProofSource() {}
84 ~FakeProofSource() override {}
85
86 // ProofSource interface
87 bool Initialize(const base::FilePath& cert_path,
88 const base::FilePath& key_path,
89 const base::FilePath& sct_path) {
90 std::string cert_data;
91 if (!base::ReadFileToString(cert_path, &cert_data)) {
92 DLOG(FATAL) << "Unable to read certificates.";
93 return false;
94 }
95
96 CertificateList certs_in_file =
97 X509Certificate::CreateCertificateListFromBytes(
98 cert_data.data(), cert_data.size(), X509Certificate::FORMAT_AUTO);
99
100 if (certs_in_file.empty()) {
101 DLOG(FATAL) << "No certificates.";
102 return false;
103 }
104
105 vector<string> certs;
106 for (const scoped_refptr<X509Certificate>& cert : certs_in_file) {
107 std::string der_encoded_cert;
108 if (!X509Certificate::GetDEREncoded(cert->os_cert_handle(),
109 &der_encoded_cert)) {
110 return false;
111 }
112 certs.push_back(der_encoded_cert);
113 }
114 chain_ = new ProofSource::Chain(certs);
115 return true;
116 }
117
118 bool GetProof(const IPAddress& server_ip,
119 const std::string& hostname,
120 const std::string& server_config,
121 QuicVersion quic_version,
122 StringPiece chlo_hash,
123 bool ecdsa_ok,
124 scoped_refptr<ProofSource::Chain>* out_chain,
125 std::string* out_signature,
126 std::string* out_leaf_cert_sct) override {
127 out_signature->assign(kSignature);
128 *out_chain = chain_;
129 *out_leaf_cert_sct = kSCT;
130 return true;
131 }
132
133 private:
134 scoped_refptr<ProofSource::Chain> chain_;
135
136 DISALLOW_COPY_AND_ASSIGN(FakeProofSource);
137 };
138
139 class FakeProofVerifier : public TestProofVerifierChromium {
140 public:
141 FakeProofVerifier(scoped_ptr<CertVerifier> cert_verifier,
142 scoped_ptr<TransportSecurityState> transport_security_state,
143 scoped_ptr<CTVerifier> cert_transparency_verifier,
144 const std::string& cert_file)
145 : TestProofVerifierChromium(std::move(cert_verifier),
146 std::move(transport_security_state),
147 std::move(cert_transparency_verifier),
148 cert_file) {}
149 ~FakeProofVerifier() override {}
150
151 // ProofVerifier interface
152 QuicAsyncStatus VerifyProof(const std::string& hostname,
153 const uint16_t port,
154 const std::string& server_config,
155 QuicVersion quic_version,
156 StringPiece chlo_hash,
157 const std::vector<std::string>& certs,
158 const std::string& cert_sct,
159 const std::string& signature,
160 const ProofVerifyContext* verify_context,
161 std::string* error_details,
162 scoped_ptr<ProofVerifyDetails>* verify_details,
163 ProofVerifierCallback* callback) override {
164 error_details->clear();
165 scoped_ptr<ProofVerifyDetailsChromium> verify_details_chromium(
166 new ProofVerifyDetailsChromium);
167 DCHECK(!certs.empty());
168 // Convert certs to X509Certificate.
169 vector<StringPiece> cert_pieces(certs.size());
170 for (unsigned i = 0; i < certs.size(); i++) {
171 cert_pieces[i] = base::StringPiece(certs[i]);
172 }
173 scoped_refptr<X509Certificate> x509_cert =
174 X509Certificate::CreateFromDERCertChain(cert_pieces);
175
176 if (!x509_cert.get()) {
177 *error_details = "Failed to create certificate chain";
178 verify_details_chromium->cert_verify_result.cert_status =
179 CERT_STATUS_INVALID;
180 *verify_details = std::move(verify_details_chromium);
181 return QUIC_FAILURE;
182 }
183
184 const ProofVerifyContextChromium* chromium_context =
185 reinterpret_cast<const ProofVerifyContextChromium*>(verify_context);
186 scoped_ptr<CertVerifier::Request> cert_verifier_request_;
187 TestCompletionCallback test_callback;
188 int result = cert_verifier()->Verify(
189 x509_cert.get(), hostname, std::string(),
190 chromium_context->cert_verify_flags,
191 SSLConfigService::GetCRLSet().get(),
192 &verify_details_chromium->cert_verify_result, test_callback.callback(),
193 &cert_verifier_request_, chromium_context->net_log);
194 if (result != OK) {
195 std::string error_string = ErrorToString(result);
196 *error_details = StringPrintf("Failed to verify certificate chain: %s",
197 error_string.c_str());
198 verify_details_chromium->cert_verify_result.cert_status =
199 CERT_STATUS_INVALID;
200 *verify_details = std::move(verify_details_chromium);
201 return QUIC_FAILURE;
202 }
203 if (signature != kSignature) {
204 *error_details = "Invalid proof";
205 verify_details_chromium->cert_verify_result.cert_status =
206 CERT_STATUS_INVALID;
207 *verify_details = std::move(verify_details_chromium);
208 return QUIC_FAILURE;
209 }
210 *verify_details = std::move(verify_details_chromium);
211 return QUIC_SUCCESS;
212 }
213
214 private:
215 DISALLOW_COPY_AND_ASSIGN(FakeProofVerifier);
216 };
217
218 } // namespace 81 } // namespace
219 82
220 // static 83 // static
221 ProofSource* CryptoTestUtils::ProofSourceForTesting() { 84 ProofSource* CryptoTestUtils::ProofSourceForTesting() {
222 #if defined(USE_OPENSSL)
223 ProofSourceChromium* source = new ProofSourceChromium(); 85 ProofSourceChromium* source = new ProofSourceChromium();
224 #else
225 FakeProofSource* source = new FakeProofSource();
226 #endif
227 base::FilePath certs_dir = GetTestCertsDirectory(); 86 base::FilePath certs_dir = GetTestCertsDirectory();
228 CHECK(source->Initialize( 87 CHECK(source->Initialize(
229 certs_dir.AppendASCII("quic_chain.crt"), 88 certs_dir.AppendASCII("quic_chain.crt"),
230 certs_dir.AppendASCII("quic_test.example.com.key.pkcs8"), 89 certs_dir.AppendASCII("quic_test.example.com.key.pkcs8"),
231 certs_dir.AppendASCII("quic_test.example.com.key.sct"))); 90 certs_dir.AppendASCII("quic_test.example.com.key.sct")));
232 return source; 91 return source;
233 } 92 }
234 93
235 // static 94 // static
236 ProofVerifier* ProofVerifierForTestingInternal(bool use_real_proof_verifier) { 95 ProofVerifier* ProofVerifierForTestingInternal(bool use_real_proof_verifier) {
237 // TODO(rch): use a real cert verifier? 96 // TODO(rch): use a real cert verifier?
238 scoped_ptr<MockCertVerifier> cert_verifier(new MockCertVerifier()); 97 scoped_ptr<MockCertVerifier> cert_verifier(new MockCertVerifier());
239 net::CertVerifyResult verify_result; 98 net::CertVerifyResult verify_result;
240 verify_result.verified_cert = 99 verify_result.verified_cert =
241 ImportCertFromFile(GetTestCertsDirectory(), "quic_test.example.com.crt"); 100 ImportCertFromFile(GetTestCertsDirectory(), "quic_test.example.com.crt");
242 cert_verifier->AddResultForCertAndHost(verify_result.verified_cert.get(), 101 cert_verifier->AddResultForCertAndHost(verify_result.verified_cert.get(),
243 "test.example.com", verify_result, OK); 102 "test.example.com", verify_result, OK);
244 verify_result.verified_cert = ImportCertFromFile( 103 verify_result.verified_cert = ImportCertFromFile(
245 GetTestCertsDirectory(), "quic_test_ecc.example.com.crt"); 104 GetTestCertsDirectory(), "quic_test_ecc.example.com.crt");
246 cert_verifier->AddResultForCertAndHost(verify_result.verified_cert.get(), 105 cert_verifier->AddResultForCertAndHost(verify_result.verified_cert.get(),
247 "test.example.com", verify_result, OK); 106 "test.example.com", verify_result, OK);
248 if (use_real_proof_verifier) { 107 if (use_real_proof_verifier) {
249 return new TestProofVerifierChromium( 108 return new TestProofVerifierChromium(
250 std::move(cert_verifier), make_scoped_ptr(new TransportSecurityState), 109 std::move(cert_verifier), make_scoped_ptr(new TransportSecurityState),
251 make_scoped_ptr(new MultiLogCTVerifier), "quic_root.crt"); 110 make_scoped_ptr(new MultiLogCTVerifier), "quic_root.crt");
252 } 111 }
253 #if defined(USE_OPENSSL)
254 return new TestProofVerifierChromium( 112 return new TestProofVerifierChromium(
255 std::move(cert_verifier), make_scoped_ptr(new TransportSecurityState), 113 std::move(cert_verifier), make_scoped_ptr(new TransportSecurityState),
256 make_scoped_ptr(new MultiLogCTVerifier), "quic_root.crt"); 114 make_scoped_ptr(new MultiLogCTVerifier), "quic_root.crt");
257 #else
258 return new FakeProofVerifier(
259 std::move(cert_verifier), make_scoped_ptr(new TransportSecurityState),
260 make_scoped_ptr(new MultiLogCTVerifier), "quic_root.crt");
261 #endif
262 } 115 }
263 116
264 // static 117 // static
265 ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() { 118 ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() {
266 return ProofVerifierForTestingInternal(/*use_real_proof_verifier=*/false); 119 return ProofVerifierForTestingInternal(/*use_real_proof_verifier=*/false);
267 } 120 }
268 121
269 // static 122 // static
270 ProofVerifier* CryptoTestUtils::RealProofVerifierForTesting() { 123 ProofVerifier* CryptoTestUtils::RealProofVerifierForTesting() {
271 return ProofVerifierForTestingInternal(/*use_real_proof_verifier=*/true); 124 return ProofVerifierForTestingInternal(/*use_real_proof_verifier=*/true);
272 } 125 }
273 126
274 // static 127 // static
275 ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() { 128 ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() {
276 return new ProofVerifyContextChromium(/*cert_verify_flags=*/0, BoundNetLog()); 129 return new ProofVerifyContextChromium(/*cert_verify_flags=*/0, BoundNetLog());
277 } 130 }
278 131
279 } // namespace test 132 } // namespace test
280 133
281 } // namespace net 134 } // namespace net
OLDNEW
« build/common.gypi ('K') | « net/quic/quic_stream_factory.cc ('k') | net/quic/test_tools/crypto_test_utils_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698