Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(8)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/extras/cert/cert_verifier_cache_persister_unittest.cc

Issue 2021433004: Cert - protobufs to serialize and deserialize CertVerifierCache. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@Add_support_for_walking_1999733002
Patch Set: Fix comments and more tests Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/extras/cert/cert_verifier_cache_persister.cc ('K') | « net/extras/cert/cert_verifier_cache_persister.cc ('k') | net/extras/cert/proto/cert_verification.proto » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/extras/cert/cert_verifier_cache_persister.h"
6
7 #include <memory>
8
9 #include "base/files/file_path.h"
10 #include "base/memory/ptr_util.h"
11 #include "base/memory/ref_counted.h"
12 #include "net/base/net_errors.h"
13 #include "net/base/test_completion_callback.h"
14 #include "net/base/test_data_directory.h"
15 #include "net/cert/caching_cert_verifier.h"
16 #include "net/cert/cert_verifier.h"
17 #include "net/cert/cert_verify_result.h"
18 #include "net/cert/mock_cert_verifier.h"
19 #include "net/cert/x509_certificate.h"
20 #include "net/log/net_log.h"
21 #include "net/test/cert_test_util.h"
22 #include "testing/gmock/include/gmock/gmock.h"
23 #include "testing/gtest/include/gtest/gtest.h"
24
25 namespace net {
26
27 namespace {
28
29 int VerifyCert(scoped_refptr<X509Certificate> certificate,
30 const std::string& hostname,
31 CachingCertVerifier* verifier,
32 CertVerifyResult* verify_result) {
33 TestCompletionCallback callback;
34 std::unique_ptr<CertVerifier::Request> request;
35
36 return callback.GetResult(verifier->Verify(
37 CertVerifier::RequestParams(certificate, hostname, 0, std::string(),
38 CertificateList()),
39 nullptr, verify_result, callback.callback(), &request, BoundNetLog()));
40 }
41
42 CertVerificationCache VerifyAndSerializeCert(const std::string& cert_name,
43 const std::string& hostname,
44 CachingCertVerifier* verifier,
45 CertVerifyResult* verify_result) {
46 base::FilePath certs_dir = GetTestCertsDirectory();
47 scoped_refptr<X509Certificate> ok_cert(
48 ImportCertFromFile(certs_dir, cert_name));
49 EXPECT_TRUE(ok_cert.get());
50
51 int error = VerifyCert(ok_cert, hostname, verifier, verify_result);
52 EXPECT_TRUE(IsCertificateError(error));
53
54 CertVerificationCache proto_cert_cache =
55 SerializeCertVerifierCache(*verifier);
56 DCHECK_EQ(1, proto_cert_cache.certs_size());
57 DCHECK_EQ(1, proto_cert_cache.cache_entry_size());
58 return proto_cert_cache;
59 }
60
61 } // namespace
62
63 class CertVerifierCachePersisterTest : public ::testing::Test {
64 public:
65 CertVerifierCachePersisterTest()
66 : verifier_(base::MakeUnique<MockCertVerifier>()) {}
67 ~CertVerifierCachePersisterTest() override {}
68
69 protected:
70 CachingCertVerifier verifier_;
71 };
72
73 TEST_F(CertVerifierCachePersisterTest, RestoreEmptyData) {
74 // Restoring empty data should fail.
75 CertVerificationCache proto_cert_cache;
76 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier_));
77 }
78
79 TEST_F(CertVerifierCachePersisterTest, SerializeCache) {
80 CertVerifyResult verify_result;
81 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
82 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
83 }
84
85 TEST_F(CertVerifierCachePersisterTest, RestoreExistingEntry) {
86 CertVerifyResult verify_result;
87 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
88 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
89
90 // Restore the cache data for an existing entry should fail.
91 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier_));
92 }
93
94 TEST_F(CertVerifierCachePersisterTest, RestoreDataIntoNewVerifier) {
95 scoped_refptr<X509Certificate> ok_cert(
96 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
97 ASSERT_NE(static_cast<X509Certificate*>(NULL), ok_cert.get());
98
99 int error;
100 std::string example_hostname("www.example.com");
101 CertVerifyResult verify_result;
102 TestCompletionCallback callback;
103 std::unique_ptr<CertVerifier::Request> request;
104
105 error = callback.GetResult(verifier_.Verify(
106 CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
107 CertificateList()),
108 nullptr, &verify_result, callback.callback(), &request, BoundNetLog()));
109 ASSERT_TRUE(IsCertificateError(error));
110
111 CertVerificationCache proto_cert_cache =
112 SerializeCertVerifierCache(verifier_);
113 DCHECK_EQ(1, proto_cert_cache.certs_size());
114 DCHECK_EQ(1, proto_cert_cache.cache_entry_size());
115
116 // Create a new Verifier and restoring the data into it should succeed.
117 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
118 EXPECT_TRUE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
119
120 CertVerifyResult verify_result2;
121 error = callback.GetResult(verifier2.Verify(
122 CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
123 CertificateList()),
124 nullptr, &verify_result2, callback.callback(), &request, BoundNetLog()));
125 // Synchronous completion and verify it is same as serialized data.
126 ASSERT_NE(ERR_IO_PENDING, error);
127 ASSERT_TRUE(IsCertificateError(error));
128 ASSERT_FALSE(request);
129 EXPECT_EQ(verify_result2.cert_status, verify_result.cert_status);
130 }
131
132 TEST_F(CertVerifierCachePersisterTest, RestoreMultipleEntriesIntoNewVerifier) {
133 scoped_refptr<X509Certificate> ok_cert(
134 ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
135 ASSERT_NE(static_cast<X509Certificate*>(NULL), ok_cert.get());
136
137 const scoped_refptr<X509Certificate> root_cert =
138 ImportCertFromFile(GetTestCertsDirectory(), "root_ca_cert.pem");
139 ASSERT_TRUE(root_cert.get());
140
141 // Create a certificate that contains both a leaf and an intermediate/root.
142 X509Certificate::OSCertHandles chain;
143 chain.push_back(root_cert->os_cert_handle());
144 const scoped_refptr<X509Certificate> combined_cert =
145 X509Certificate::CreateFromHandle(ok_cert->os_cert_handle(), chain);
146 ASSERT_TRUE(combined_cert.get());
147
148 int error;
149 std::string example_hostname("www.example.com");
150 CertVerifyResult verifyier1_result1;
151 TestCompletionCallback callback;
152 std::unique_ptr<CertVerifier::Request> request;
153
154 error = callback.GetResult(verifier_.Verify(
155 CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
156 CertificateList()),
157 nullptr, &verifyier1_result1, callback.callback(), &request,
158 BoundNetLog()));
159 ASSERT_TRUE(IsCertificateError(error));
160
161 std::string example2_hostname("www.example2.com");
162 CertVerifyResult verifier1_result2;
163 error = callback.GetResult(verifier_.Verify(
164 CertVerifier::RequestParams(combined_cert, example2_hostname, 0,
165 std::string(), CertificateList()),
166 nullptr, &verifier1_result2, callback.callback(), &request,
167 BoundNetLog()));
168 ASSERT_TRUE(IsCertificateError(error));
169
170 CertVerificationCache proto_cert_cache =
171 SerializeCertVerifierCache(verifier_);
172 DCHECK_EQ(2, proto_cert_cache.certs_size());
173 DCHECK_EQ(2, proto_cert_cache.cache_entry_size());
174
175 // Create a new Verifier and restoring the data into it should succeed.
176 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
177 EXPECT_TRUE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
178
179 CertVerifyResult verifier2_result1;
180 error = callback.GetResult(verifier2.Verify(
181 CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
182 CertificateList()),
183 nullptr, &verifier2_result1, callback.callback(), &request,
184 BoundNetLog()));
185 // Synchronous completion and verify it is same as serialized data.
186 ASSERT_NE(ERR_IO_PENDING, error);
187 ASSERT_TRUE(IsCertificateError(error));
188 ASSERT_FALSE(request);
189 EXPECT_EQ(verifier2_result1.cert_status, verifyier1_result1.cert_status);
190
191 CertVerifyResult verifier2_result2;
192 error = callback.GetResult(verifier2.Verify(
193 CertVerifier::RequestParams(combined_cert, example2_hostname, 0,
194 std::string(), CertificateList()),
195 nullptr, &verifier2_result2, callback.callback(), &request,
196 BoundNetLog()));
197 // Synchronous completion and verify it is same as serialized data.
198 ASSERT_NE(ERR_IO_PENDING, error);
199 ASSERT_TRUE(IsCertificateError(error));
200 ASSERT_FALSE(request);
201 EXPECT_EQ(verifier2_result2.cert_status, verifier1_result2.cert_status);
202 }
203
204 TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedCerts) {
205 CertVerifyResult verify_result;
206 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
207 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
208
209 proto_cert_cache.clear_certs();
210
211 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
212 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
213 }
214
215 TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedCacheEntry) {
216 CertVerifyResult verify_result;
217 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
218 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
219
220 proto_cert_cache.clear_cache_entry();
221
222 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
223 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
224 }
225
226 TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedRequestParams) {
227 CertVerifyResult verify_result;
228 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
229 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
230
231 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
232 CertVerificationCacheEntry* cache_entry =
233 proto_cert_cache.mutable_cache_entry(i);
234 cache_entry->clear_request_params();
235 }
236
237 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
238 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
239 }
240
241 TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsNoCertificate) {
242 CertVerifyResult verify_result;
243 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
244 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
245
246 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
247 CertVerificationCacheEntry* cache_entry =
248 proto_cert_cache.mutable_cache_entry(i);
249 CertVerificationRequestParams* proto_request_params =
250 cache_entry->mutable_request_params();
251 proto_request_params->clear_certificate();
252 }
253
254 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
255 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
256 }
257
258 TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsNoHostname) {
259 CertVerifyResult verify_result;
260 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
261 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
262
263 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
264 CertVerificationCacheEntry* cache_entry =
265 proto_cert_cache.mutable_cache_entry(i);
266 CertVerificationRequestParams* proto_request_params =
267 cache_entry->mutable_request_params();
268 proto_request_params->clear_hostname();
269 }
270
271 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
272 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
273 }
274
275 TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsEmptyHostname) {
276 CertVerifyResult verify_result;
277 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
278 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
279
280 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
281 CertVerificationCacheEntry* cache_entry =
282 proto_cert_cache.mutable_cache_entry(i);
283 CertVerificationRequestParams* proto_request_params =
284 cache_entry->mutable_request_params();
285 proto_request_params->set_hostname("");
286 }
287
288 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
289 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
290 }
291
292 TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsNoFlags) {
293 CertVerifyResult verify_result;
294 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
295 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
296
297 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
298 CertVerificationCacheEntry* cache_entry =
299 proto_cert_cache.mutable_cache_entry(i);
300 CertVerificationRequestParams* proto_request_params =
301 cache_entry->mutable_request_params();
302 proto_request_params->clear_flags();
303 }
304
305 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
306 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
307 }
308
309 TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsNoOcspResponse) {
310 CertVerifyResult verify_result;
311 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
312 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
313
314 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
315 CertVerificationCacheEntry* cache_entry =
316 proto_cert_cache.mutable_cache_entry(i);
317 CertVerificationRequestParams* proto_request_params =
318 cache_entry->mutable_request_params();
319 proto_request_params->clear_ocsp_response();
320 }
321
322 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
323 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
324 }
325
326 TEST_F(CertVerifierCachePersisterTest,
327 DeserializeRequestParamsCertificateNoCertNumbers) {
328 CertVerifyResult verify_result;
329 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
330 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
331
332 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
333 CertVerificationCacheEntry* cache_entry =
334 proto_cert_cache.mutable_cache_entry(i);
335 CertVerificationRequestParams* proto_request_params =
336 cache_entry->mutable_request_params();
337 CertVerificationCertificate* proto_certificate =
338 proto_request_params->mutable_certificate();
339 proto_certificate->clear_cert_numbers();
340 }
341
342 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
343 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
344 }
345
346 TEST_F(CertVerifierCachePersisterTest,
347 DeserializeCorruptedRequestParamsCertNumbers) {
348 CertVerifyResult verify_result;
349 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
350 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
351
352 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
353 CertVerificationCacheEntry* cache_entry =
354 proto_cert_cache.mutable_cache_entry(i);
355 CertVerificationRequestParams* proto_request_params =
356 cache_entry->mutable_request_params();
357 CertVerificationCertificate* proto_certificate =
358 proto_request_params->mutable_certificate();
359 proto_certificate->set_cert_numbers(0, 100);
360 }
361
362 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
363 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
364 }
365
366 TEST_F(CertVerifierCachePersisterTest,
367 DeserializeRequestParamsCertificateNoTrustAnchors) {
368 // |ca_cert| is the issuer of |cert|.
369 CertificateList ca_cert_list =
370 CreateCertificateListFromFile(GetTestCertsDirectory(), "root_ca_cert.pem",
371 X509Certificate::FORMAT_AUTO);
372 ASSERT_EQ(1U, ca_cert_list.size());
373 scoped_refptr<X509Certificate> ca_cert(ca_cert_list[0]);
374
375 CertificateList cert_list = CreateCertificateListFromFile(
376 GetTestCertsDirectory(), "ok_cert.pem", X509Certificate::FORMAT_AUTO);
377 ASSERT_EQ(1U, cert_list.size());
378 scoped_refptr<X509Certificate> cert(cert_list[0]);
379
380 // Now add the |ca_cert| to the |trust_anchors|, and verification should pass.
381 CertificateList trust_anchors;
382 trust_anchors.push_back(ca_cert);
383
384 int error;
385 CertVerifyResult verify_result;
386 TestCompletionCallback callback;
387 std::unique_ptr<CertVerifier::Request> request;
388
389 error = callback.GetResult(verifier_.Verify(
390 CertVerifier::RequestParams(cert, "www.example.com", 0, std::string(),
391 trust_anchors),
392 nullptr, &verify_result, callback.callback(), &request, BoundNetLog()));
393 EXPECT_TRUE(IsCertificateError(error));
394
395 CertVerificationCache proto_cert_cache =
396 SerializeCertVerifierCache(verifier_);
397 DCHECK_EQ(2, proto_cert_cache.certs_size());
398 DCHECK_EQ(1, proto_cert_cache.cache_entry_size());
399
400 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
401 CertVerificationCacheEntry* cache_entry =
402 proto_cert_cache.mutable_cache_entry(i);
403 CertVerificationRequestParams* proto_request_params =
404 cache_entry->mutable_request_params();
405 for (int j = 0; j < proto_request_params->additional_trust_anchors_size();
406 ++j) {
407 CertVerificationCertificate* proto_certificate =
408 proto_request_params->mutable_additional_trust_anchors(j);
409 proto_certificate->clear_cert_numbers();
410 }
411 }
412
413 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
414 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
415 }
416
417 TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedCachedResult) {
418 CertVerifyResult verify_result;
419 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
420 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
421
422 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
423 CertVerificationCacheEntry* cache_entry =
424 proto_cert_cache.mutable_cache_entry(i);
425 cache_entry->clear_cached_result();
426 }
427
428 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
429 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
430 }
431
432 TEST_F(CertVerifierCachePersisterTest, DeserializeCachedResultNoError) {
433 CertVerifyResult verify_result;
434 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
435 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
436
437 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
438 CertVerificationCacheEntry* cache_entry =
439 proto_cert_cache.mutable_cache_entry(i);
440 CertVerificationCachedResult* proto_cached_result =
441 cache_entry->mutable_cached_result();
442 proto_cached_result->clear_error();
443 }
444
445 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
446 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
447 }
448
449 TEST_F(CertVerifierCachePersisterTest, DeserializeCachedResultNoResult) {
450 CertVerifyResult verify_result;
451 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
452 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
453
454 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
455 CertVerificationCacheEntry* cache_entry =
456 proto_cert_cache.mutable_cache_entry(i);
457 CertVerificationCachedResult* proto_cached_result =
458 cache_entry->mutable_cached_result();
459 proto_cached_result->clear_result();
460 }
461
462 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
463 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
464 }
465
466 TEST_F(CertVerifierCachePersisterTest, DeserializeCachedResultNoCertStatus) {
467 CertVerifyResult verify_result;
468 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
469 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
470
471 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
472 CertVerificationCacheEntry* cache_entry =
473 proto_cert_cache.mutable_cache_entry(i);
474 CertVerificationCachedResult* proto_cached_result =
475 cache_entry->mutable_cached_result();
476 CertVerificationResult* proto_result =
477 proto_cached_result->mutable_result();
478 proto_result->clear_cert_status();
479 }
480
481 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
482 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
483 }
484
485 TEST_F(CertVerifierCachePersisterTest, DeserializeCachedResultNoVerifiedCert) {
486 CertVerifyResult verify_result;
487 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
488 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
489
490 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
491 CertVerificationCacheEntry* cache_entry =
492 proto_cert_cache.mutable_cache_entry(i);
493 CertVerificationCachedResult* proto_cached_result =
494 cache_entry->mutable_cached_result();
495 CertVerificationResult* proto_result =
496 proto_cached_result->mutable_result();
497 proto_result->clear_verified_cert();
498 }
499
500 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
501 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
502 }
503
504 TEST_F(CertVerifierCachePersisterTest,
505 DeserializeCachedResultNoVerifiedCertNumber) {
506 CertVerifyResult verify_result;
507 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
508 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
509
510 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
511 CertVerificationCacheEntry* cache_entry =
512 proto_cert_cache.mutable_cache_entry(i);
513 CertVerificationCachedResult* proto_cached_result =
514 cache_entry->mutable_cached_result();
515 CertVerificationResult* proto_result =
516 proto_cached_result->mutable_result();
517 proto_result->clear_verified_cert();
518 CertVerificationCertificate* proto_certificate =
519 proto_result->mutable_verified_cert();
520 proto_certificate->clear_cert_numbers();
521 }
522
523 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
524 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
525 }
526
527 TEST_F(CertVerifierCachePersisterTest,
528 DeserializeCorruptedCachedResultVerifiedCertNumber) {
529 CertVerifyResult verify_result;
530 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
531 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
532
533 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
534 CertVerificationCacheEntry* cache_entry =
535 proto_cert_cache.mutable_cache_entry(i);
536 CertVerificationCachedResult* proto_cached_result =
537 cache_entry->mutable_cached_result();
538 CertVerificationResult* proto_result =
539 proto_cached_result->mutable_result();
540 CertVerificationCertificate* proto_certificate =
541 proto_result->mutable_verified_cert();
542 proto_certificate->set_cert_numbers(0, 100);
543 }
544
545 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
546 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
547 }
548
549 TEST_F(CertVerifierCachePersisterTest,
550 DeserializeCorruptedCachedResultPublicKeyHashes) {
551 CertVerifyResult verify_result;
552 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
553 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
554
555 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
556 CertVerificationCacheEntry* cache_entry =
557 proto_cert_cache.mutable_cache_entry(i);
558 CertVerificationCachedResult* proto_cached_result =
559 cache_entry->mutable_cached_result();
560 CertVerificationResult* proto_result =
561 proto_cached_result->mutable_result();
562 proto_result->add_public_key_hashes("");
563 }
564
565 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
566 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
567 }
568
569 TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedVerificationTime) {
570 CertVerifyResult verify_result;
571 CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
572 "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
573
574 for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
575 CertVerificationCacheEntry* cache_entry =
576 proto_cert_cache.mutable_cache_entry(i);
577 cache_entry->clear_verification_time();
578 }
579
580 CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
581 EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
582 }
583
584 } // namespace net
OLDNEW
« net/extras/cert/cert_verifier_cache_persister.cc ('K') | « net/extras/cert/cert_verifier_cache_persister.cc ('k') | net/extras/cert/proto/cert_verification.proto » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698