| Index: net/extras/cert/cert_verifier_cache_persister_unittest.cc
|
| diff --git a/net/extras/cert/cert_verifier_cache_persister_unittest.cc b/net/extras/cert/cert_verifier_cache_persister_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..62caefdbb4136e6382b71815eec560cb504a7168
|
| --- /dev/null
|
| +++ b/net/extras/cert/cert_verifier_cache_persister_unittest.cc
|
| @@ -0,0 +1,584 @@
|
| +// Copyright (c) 2016 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "net/extras/cert/cert_verifier_cache_persister.h"
|
| +
|
| +#include <memory>
|
| +
|
| +#include "base/files/file_path.h"
|
| +#include "base/memory/ptr_util.h"
|
| +#include "base/memory/ref_counted.h"
|
| +#include "net/base/net_errors.h"
|
| +#include "net/base/test_completion_callback.h"
|
| +#include "net/base/test_data_directory.h"
|
| +#include "net/cert/caching_cert_verifier.h"
|
| +#include "net/cert/cert_verifier.h"
|
| +#include "net/cert/cert_verify_result.h"
|
| +#include "net/cert/mock_cert_verifier.h"
|
| +#include "net/cert/x509_certificate.h"
|
| +#include "net/log/net_log.h"
|
| +#include "net/test/cert_test_util.h"
|
| +#include "testing/gmock/include/gmock/gmock.h"
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +
|
| +namespace net {
|
| +
|
| +namespace {
|
| +
|
| +int VerifyCert(scoped_refptr<X509Certificate> certificate,
|
| + const std::string& hostname,
|
| + CachingCertVerifier* verifier,
|
| + CertVerifyResult* verify_result) {
|
| + TestCompletionCallback callback;
|
| + std::unique_ptr<CertVerifier::Request> request;
|
| +
|
| + return callback.GetResult(verifier->Verify(
|
| + CertVerifier::RequestParams(certificate, hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, verify_result, callback.callback(), &request, BoundNetLog()));
|
| +}
|
| +
|
| +CertVerificationCache VerifyAndSerializeCert(const std::string& cert_name,
|
| + const std::string& hostname,
|
| + CachingCertVerifier* verifier,
|
| + CertVerifyResult* verify_result) {
|
| + base::FilePath certs_dir = GetTestCertsDirectory();
|
| + scoped_refptr<X509Certificate> ok_cert(
|
| + ImportCertFromFile(certs_dir, cert_name));
|
| + EXPECT_TRUE(ok_cert.get());
|
| +
|
| + int error = VerifyCert(ok_cert, hostname, verifier, verify_result);
|
| + EXPECT_TRUE(IsCertificateError(error));
|
| +
|
| + CertVerificationCache proto_cert_cache =
|
| + SerializeCertVerifierCache(*verifier);
|
| + DCHECK_EQ(1, proto_cert_cache.certs_size());
|
| + DCHECK_EQ(1, proto_cert_cache.cache_entry_size());
|
| + return proto_cert_cache;
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| +class CertVerifierCachePersisterTest : public ::testing::Test {
|
| + public:
|
| + CertVerifierCachePersisterTest()
|
| + : verifier_(base::MakeUnique<MockCertVerifier>()) {}
|
| + ~CertVerifierCachePersisterTest() override {}
|
| +
|
| + protected:
|
| + CachingCertVerifier verifier_;
|
| +};
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreEmptyData) {
|
| + // Restoring empty data should fail.
|
| + CertVerificationCache proto_cert_cache;
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier_));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, SerializeCache) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreExistingEntry) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + // Restore the cache data for an existing entry should fail.
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier_));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreDataIntoNewVerifier) {
|
| + scoped_refptr<X509Certificate> ok_cert(
|
| + ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
|
| + ASSERT_NE(static_cast<X509Certificate*>(NULL), ok_cert.get());
|
| +
|
| + int error;
|
| + std::string example_hostname("www.example.com");
|
| + CertVerifyResult verify_result;
|
| + TestCompletionCallback callback;
|
| + std::unique_ptr<CertVerifier::Request> request;
|
| +
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verify_result, callback.callback(), &request, BoundNetLog()));
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| +
|
| + CertVerificationCache proto_cert_cache =
|
| + SerializeCertVerifierCache(verifier_);
|
| + DCHECK_EQ(1, proto_cert_cache.certs_size());
|
| + DCHECK_EQ(1, proto_cert_cache.cache_entry_size());
|
| +
|
| + // Create a new Verifier and restoring the data into it should succeed.
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_TRUE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +
|
| + CertVerifyResult verify_result2;
|
| + error = callback.GetResult(verifier2.Verify(
|
| + CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verify_result2, callback.callback(), &request, BoundNetLog()));
|
| + // Synchronous completion and verify it is same as serialized data.
|
| + ASSERT_NE(ERR_IO_PENDING, error);
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| + ASSERT_FALSE(request);
|
| + EXPECT_EQ(verify_result2.cert_status, verify_result.cert_status);
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreMultipleEntriesIntoNewVerifier) {
|
| + scoped_refptr<X509Certificate> ok_cert(
|
| + ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
|
| + ASSERT_NE(static_cast<X509Certificate*>(NULL), ok_cert.get());
|
| +
|
| + const scoped_refptr<X509Certificate> root_cert =
|
| + ImportCertFromFile(GetTestCertsDirectory(), "root_ca_cert.pem");
|
| + ASSERT_TRUE(root_cert.get());
|
| +
|
| + // Create a certificate that contains both a leaf and an intermediate/root.
|
| + X509Certificate::OSCertHandles chain;
|
| + chain.push_back(root_cert->os_cert_handle());
|
| + const scoped_refptr<X509Certificate> combined_cert =
|
| + X509Certificate::CreateFromHandle(ok_cert->os_cert_handle(), chain);
|
| + ASSERT_TRUE(combined_cert.get());
|
| +
|
| + int error;
|
| + std::string example_hostname("www.example.com");
|
| + CertVerifyResult verifyier1_result1;
|
| + TestCompletionCallback callback;
|
| + std::unique_ptr<CertVerifier::Request> request;
|
| +
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verifyier1_result1, callback.callback(), &request,
|
| + BoundNetLog()));
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| +
|
| + std::string example2_hostname("www.example2.com");
|
| + CertVerifyResult verifier1_result2;
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(combined_cert, example2_hostname, 0,
|
| + std::string(), CertificateList()),
|
| + nullptr, &verifier1_result2, callback.callback(), &request,
|
| + BoundNetLog()));
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| +
|
| + CertVerificationCache proto_cert_cache =
|
| + SerializeCertVerifierCache(verifier_);
|
| + DCHECK_EQ(2, proto_cert_cache.certs_size());
|
| + DCHECK_EQ(2, proto_cert_cache.cache_entry_size());
|
| +
|
| + // Create a new Verifier and restoring the data into it should succeed.
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_TRUE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +
|
| + CertVerifyResult verifier2_result1;
|
| + error = callback.GetResult(verifier2.Verify(
|
| + CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verifier2_result1, callback.callback(), &request,
|
| + BoundNetLog()));
|
| + // Synchronous completion and verify it is same as serialized data.
|
| + ASSERT_NE(ERR_IO_PENDING, error);
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| + ASSERT_FALSE(request);
|
| + EXPECT_EQ(verifier2_result1.cert_status, verifyier1_result1.cert_status);
|
| +
|
| + CertVerifyResult verifier2_result2;
|
| + error = callback.GetResult(verifier2.Verify(
|
| + CertVerifier::RequestParams(combined_cert, example2_hostname, 0,
|
| + std::string(), CertificateList()),
|
| + nullptr, &verifier2_result2, callback.callback(), &request,
|
| + BoundNetLog()));
|
| + // Synchronous completion and verify it is same as serialized data.
|
| + ASSERT_NE(ERR_IO_PENDING, error);
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| + ASSERT_FALSE(request);
|
| + EXPECT_EQ(verifier2_result2.cert_status, verifier1_result2.cert_status);
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedCerts) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + proto_cert_cache.clear_certs();
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedCacheEntry) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + proto_cert_cache.clear_cache_entry();
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedRequestParams) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + cache_entry->clear_request_params();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsNoCertificate) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationRequestParams* proto_request_params =
|
| + cache_entry->mutable_request_params();
|
| + proto_request_params->clear_certificate();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsNoHostname) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationRequestParams* proto_request_params =
|
| + cache_entry->mutable_request_params();
|
| + proto_request_params->clear_hostname();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsEmptyHostname) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationRequestParams* proto_request_params =
|
| + cache_entry->mutable_request_params();
|
| + proto_request_params->set_hostname("");
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsNoFlags) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationRequestParams* proto_request_params =
|
| + cache_entry->mutable_request_params();
|
| + proto_request_params->clear_flags();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeRequestParamsNoOcspResponse) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationRequestParams* proto_request_params =
|
| + cache_entry->mutable_request_params();
|
| + proto_request_params->clear_ocsp_response();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest,
|
| + DeserializeRequestParamsCertificateNoCertNumbers) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationRequestParams* proto_request_params =
|
| + cache_entry->mutable_request_params();
|
| + CertVerificationCertificate* proto_certificate =
|
| + proto_request_params->mutable_certificate();
|
| + proto_certificate->clear_cert_numbers();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest,
|
| + DeserializeCorruptedRequestParamsCertNumbers) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationRequestParams* proto_request_params =
|
| + cache_entry->mutable_request_params();
|
| + CertVerificationCertificate* proto_certificate =
|
| + proto_request_params->mutable_certificate();
|
| + proto_certificate->set_cert_numbers(0, 100);
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest,
|
| + DeserializeRequestParamsCertificateNoTrustAnchors) {
|
| + // |ca_cert| is the issuer of |cert|.
|
| + CertificateList ca_cert_list =
|
| + CreateCertificateListFromFile(GetTestCertsDirectory(), "root_ca_cert.pem",
|
| + X509Certificate::FORMAT_AUTO);
|
| + ASSERT_EQ(1U, ca_cert_list.size());
|
| + scoped_refptr<X509Certificate> ca_cert(ca_cert_list[0]);
|
| +
|
| + CertificateList cert_list = CreateCertificateListFromFile(
|
| + GetTestCertsDirectory(), "ok_cert.pem", X509Certificate::FORMAT_AUTO);
|
| + ASSERT_EQ(1U, cert_list.size());
|
| + scoped_refptr<X509Certificate> cert(cert_list[0]);
|
| +
|
| + // Now add the |ca_cert| to the |trust_anchors|, and verification should pass.
|
| + CertificateList trust_anchors;
|
| + trust_anchors.push_back(ca_cert);
|
| +
|
| + int error;
|
| + CertVerifyResult verify_result;
|
| + TestCompletionCallback callback;
|
| + std::unique_ptr<CertVerifier::Request> request;
|
| +
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(cert, "www.example.com", 0, std::string(),
|
| + trust_anchors),
|
| + nullptr, &verify_result, callback.callback(), &request, BoundNetLog()));
|
| + EXPECT_TRUE(IsCertificateError(error));
|
| +
|
| + CertVerificationCache proto_cert_cache =
|
| + SerializeCertVerifierCache(verifier_);
|
| + DCHECK_EQ(2, proto_cert_cache.certs_size());
|
| + DCHECK_EQ(1, proto_cert_cache.cache_entry_size());
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationRequestParams* proto_request_params =
|
| + cache_entry->mutable_request_params();
|
| + for (int j = 0; j < proto_request_params->additional_trust_anchors_size();
|
| + ++j) {
|
| + CertVerificationCertificate* proto_certificate =
|
| + proto_request_params->mutable_additional_trust_anchors(j);
|
| + proto_certificate->clear_cert_numbers();
|
| + }
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedCachedResult) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + cache_entry->clear_cached_result();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCachedResultNoError) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationCachedResult* proto_cached_result =
|
| + cache_entry->mutable_cached_result();
|
| + proto_cached_result->clear_error();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCachedResultNoResult) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationCachedResult* proto_cached_result =
|
| + cache_entry->mutable_cached_result();
|
| + proto_cached_result->clear_result();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCachedResultNoCertStatus) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationCachedResult* proto_cached_result =
|
| + cache_entry->mutable_cached_result();
|
| + CertVerificationResult* proto_result =
|
| + proto_cached_result->mutable_result();
|
| + proto_result->clear_cert_status();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCachedResultNoVerifiedCert) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationCachedResult* proto_cached_result =
|
| + cache_entry->mutable_cached_result();
|
| + CertVerificationResult* proto_result =
|
| + proto_cached_result->mutable_result();
|
| + proto_result->clear_verified_cert();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest,
|
| + DeserializeCachedResultNoVerifiedCertNumber) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationCachedResult* proto_cached_result =
|
| + cache_entry->mutable_cached_result();
|
| + CertVerificationResult* proto_result =
|
| + proto_cached_result->mutable_result();
|
| + proto_result->clear_verified_cert();
|
| + CertVerificationCertificate* proto_certificate =
|
| + proto_result->mutable_verified_cert();
|
| + proto_certificate->clear_cert_numbers();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest,
|
| + DeserializeCorruptedCachedResultVerifiedCertNumber) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationCachedResult* proto_cached_result =
|
| + cache_entry->mutable_cached_result();
|
| + CertVerificationResult* proto_result =
|
| + proto_cached_result->mutable_result();
|
| + CertVerificationCertificate* proto_certificate =
|
| + proto_result->mutable_verified_cert();
|
| + proto_certificate->set_cert_numbers(0, 100);
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest,
|
| + DeserializeCorruptedCachedResultPublicKeyHashes) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + CertVerificationCachedResult* proto_cached_result =
|
| + cache_entry->mutable_cached_result();
|
| + CertVerificationResult* proto_result =
|
| + proto_cached_result->mutable_result();
|
| + proto_result->add_public_key_hashes("");
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, DeserializeCorruptedVerificationTime) {
|
| + CertVerifyResult verify_result;
|
| + CertVerificationCache proto_cert_cache = VerifyAndSerializeCert(
|
| + "ok_cert.pem", "www.example.com", &verifier_, &verify_result);
|
| +
|
| + for (int i = 0; i < proto_cert_cache.cache_entry_size(); ++i) {
|
| + CertVerificationCacheEntry* cache_entry =
|
| + proto_cert_cache.mutable_cache_entry(i);
|
| + cache_entry->clear_verification_time();
|
| + }
|
| +
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + EXPECT_FALSE(DeserializeCertVerifierCache(proto_cert_cache, &verifier2));
|
| +}
|
| +
|
| +} // namespace net
|
|
|
Chromium Code Reviews
Issue 2021433004:
Cert - protobufs to serialize and deserialize CertVerifierCache. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@Add_support_for_walking_1999733002