| Index: net/extras/cert/cert_verifier_cache_persister_unittest.cc
|
| diff --git a/net/extras/cert/cert_verifier_cache_persister_unittest.cc b/net/extras/cert/cert_verifier_cache_persister_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..7e0f99ecec9b58fd9fb375b11c905334e1799d75
|
| --- /dev/null
|
| +++ b/net/extras/cert/cert_verifier_cache_persister_unittest.cc
|
| @@ -0,0 +1,201 @@
|
| +// Copyright (c) 2016 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "net/extras/cert/cert_verifier_cache_persister.h"
|
| +
|
| +#include <memory>
|
| +
|
| +#include "base/files/file_path.h"
|
| +#include "base/memory/ptr_util.h"
|
| +#include "base/memory/ref_counted.h"
|
| +#include "net/base/net_errors.h"
|
| +#include "net/base/test_completion_callback.h"
|
| +#include "net/base/test_data_directory.h"
|
| +#include "net/cert/caching_cert_verifier.h"
|
| +#include "net/cert/cert_verifier.h"
|
| +#include "net/cert/cert_verify_result.h"
|
| +#include "net/cert/mock_cert_verifier.h"
|
| +#include "net/cert/x509_certificate.h"
|
| +#include "net/log/net_log.h"
|
| +#include "net/test/cert_test_util.h"
|
| +#include "testing/gmock/include/gmock/gmock.h"
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +
|
| +namespace net {
|
| +
|
| +class CertVerifierCachePersisterTest : public ::testing::Test {
|
| + public:
|
| + CertVerifierCachePersisterTest()
|
| + : verifier_(base::MakeUnique<MockCertVerifier>()),
|
| + persister_(&verifier_) {}
|
| + ~CertVerifierCachePersisterTest() override {}
|
| +
|
| + protected:
|
| + CachingCertVerifier verifier_;
|
| + CertVerifierCachePersister persister_;
|
| +};
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreEmptyData) {
|
| + // Restoring empty data should fail.
|
| + EXPECT_FALSE(persister_.LoadCache(std::string()));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreCorruptedData) {
|
| + // Restoring corrupted data should fail.
|
| + EXPECT_FALSE(persister_.LoadCache(std::string("junk")));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, SerializeCache) {
|
| + base::FilePath certs_dir = GetTestCertsDirectory();
|
| + scoped_refptr<X509Certificate> ok_cert(
|
| + ImportCertFromFile(certs_dir, "ok_cert.pem"));
|
| + ASSERT_TRUE(ok_cert.get());
|
| +
|
| + int error;
|
| + CertVerifyResult verify_result;
|
| + TestCompletionCallback callback;
|
| + std::unique_ptr<CertVerifier::Request> request;
|
| +
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(ok_cert, "www.example.com", 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verify_result, callback.callback(), &request, BoundNetLog()));
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| +
|
| + std::string data;
|
| + persister_.SerializeCache(&data);
|
| + EXPECT_FALSE(data.empty());
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreExistingEntry) {
|
| + scoped_refptr<X509Certificate> ok_cert(
|
| + ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
|
| + ASSERT_NE(static_cast<X509Certificate*>(NULL), ok_cert.get());
|
| +
|
| + int error;
|
| + CertVerifyResult verify_result;
|
| + TestCompletionCallback callback;
|
| + std::unique_ptr<CertVerifier::Request> request;
|
| +
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(ok_cert, "www.example.com", 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verify_result, callback.callback(), &request, BoundNetLog()));
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| +
|
| + std::string data;
|
| + persister_.SerializeCache(&data);
|
| + EXPECT_FALSE(data.empty());
|
| +
|
| + // Restore the cache data for an existing entry should fail.
|
| + EXPECT_FALSE(persister_.LoadCache(data));
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreDataIntoNewVerifier) {
|
| + scoped_refptr<X509Certificate> ok_cert(
|
| + ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
|
| + ASSERT_NE(static_cast<X509Certificate*>(NULL), ok_cert.get());
|
| +
|
| + int error;
|
| + std::string example_hostname("www.example.com");
|
| + CertVerifyResult verify_result;
|
| + TestCompletionCallback callback;
|
| + std::unique_ptr<CertVerifier::Request> request;
|
| +
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verify_result, callback.callback(), &request, BoundNetLog()));
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| +
|
| + std::string data;
|
| + persister_.SerializeCache(&data);
|
| + EXPECT_FALSE(data.empty());
|
| +
|
| + // Create a new Verifier and restoring the data into it should succeed.
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + CertVerifierCachePersister persister2(&verifier2);
|
| + EXPECT_TRUE(persister2.LoadCache(data));
|
| +
|
| + CertVerifyResult verify_result2;
|
| + error = callback.GetResult(verifier2.Verify(
|
| + CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verify_result2, callback.callback(), &request, BoundNetLog()));
|
| + // Synchronous completion and verify it is same as serialized data.
|
| + ASSERT_NE(ERR_IO_PENDING, error);
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| + ASSERT_FALSE(request);
|
| + EXPECT_EQ(verify_result2.cert_status, verify_result.cert_status);
|
| +}
|
| +
|
| +TEST_F(CertVerifierCachePersisterTest, RestoreMultipleEntriesIntoNewVerifier) {
|
| + scoped_refptr<X509Certificate> ok_cert(
|
| + ImportCertFromFile(GetTestCertsDirectory(), "ok_cert.pem"));
|
| + ASSERT_NE(static_cast<X509Certificate*>(NULL), ok_cert.get());
|
| +
|
| + const scoped_refptr<X509Certificate> root_cert =
|
| + ImportCertFromFile(GetTestCertsDirectory(), "root_ca_cert.pem");
|
| + ASSERT_TRUE(root_cert.get());
|
| +
|
| + // Create a certificate that contains both a leaf and an intermediate/root.
|
| + X509Certificate::OSCertHandles chain;
|
| + chain.push_back(root_cert->os_cert_handle());
|
| + const scoped_refptr<X509Certificate> combined_cert =
|
| + X509Certificate::CreateFromHandle(ok_cert->os_cert_handle(), chain);
|
| + ASSERT_TRUE(combined_cert.get());
|
| +
|
| + int error;
|
| + std::string example_hostname("www.example.com");
|
| + CertVerifyResult verify1_result1;
|
| + TestCompletionCallback callback;
|
| + std::unique_ptr<CertVerifier::Request> request;
|
| +
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verify1_result1, callback.callback(), &request, BoundNetLog()));
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| +
|
| + std::string example2_hostname("www.example2.com");
|
| + CertVerifyResult verify1_result2;
|
| + error = callback.GetResult(verifier_.Verify(
|
| + CertVerifier::RequestParams(combined_cert, example2_hostname, 0,
|
| + std::string(), CertificateList()),
|
| + nullptr, &verify1_result2, callback.callback(), &request, BoundNetLog()));
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| +
|
| + std::string data;
|
| + persister_.SerializeCache(&data);
|
| + EXPECT_FALSE(data.empty());
|
| +
|
| + // Create a new Verifier and restoring the data into it should succeed.
|
| + CachingCertVerifier verifier2(base::MakeUnique<MockCertVerifier>());
|
| + CertVerifierCachePersister persister2(&verifier2);
|
| + EXPECT_TRUE(persister2.LoadCache(data));
|
| +
|
| + CertVerifyResult verify2_result1;
|
| + error = callback.GetResult(verifier2.Verify(
|
| + CertVerifier::RequestParams(ok_cert, example_hostname, 0, std::string(),
|
| + CertificateList()),
|
| + nullptr, &verify2_result1, callback.callback(), &request, BoundNetLog()));
|
| + // Synchronous completion and verify it is same as serialized data.
|
| + ASSERT_NE(ERR_IO_PENDING, error);
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| + ASSERT_FALSE(request);
|
| + EXPECT_EQ(verify2_result1.cert_status, verify1_result1.cert_status);
|
| +
|
| + CertVerifyResult verify2_result2;
|
| + error = callback.GetResult(verifier2.Verify(
|
| + CertVerifier::RequestParams(combined_cert, example2_hostname, 0,
|
| + std::string(), CertificateList()),
|
| + nullptr, &verify2_result2, callback.callback(), &request, BoundNetLog()));
|
| + // Synchronous completion and verify it is same as serialized data.
|
| + ASSERT_NE(ERR_IO_PENDING, error);
|
| + ASSERT_TRUE(IsCertificateError(error));
|
| + ASSERT_FALSE(request);
|
| + EXPECT_EQ(verify2_result2.cert_status, verify1_result2.cert_status);
|
| +}
|
| +
|
| +} // namespace net
|
|
|
Chromium Code Reviews
Issue 2021433004:
Cert - protobufs to serialize and deserialize CertVerifierCache. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@Add_support_for_walking_1999733002