| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/socket/ssl_client_socket.h" | 5 #include "net/socket/ssl_client_socket.h" |
| 6 | 6 |
| 7 #include <errno.h> | 7 #include <errno.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <utility> | 10 #include <utility> |
| (...skipping 695 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 706 const ct::EVCertsWhitelist*, | 706 const ct::EVCertsWhitelist*, |
| 707 const ct::SCTList&, | 707 const ct::SCTList&, |
| 708 const BoundNetLog&)); | 708 const BoundNetLog&)); |
| 709 }; | 709 }; |
| 710 | 710 |
| 711 class SSLClientSocketTest : public PlatformTest { | 711 class SSLClientSocketTest : public PlatformTest { |
| 712 public: | 712 public: |
| 713 SSLClientSocketTest() | 713 SSLClientSocketTest() |
| 714 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), | 714 : socket_factory_(ClientSocketFactory::GetDefaultFactory()), |
| 715 cert_verifier_(new MockCertVerifier), | 715 cert_verifier_(new MockCertVerifier), |
| 716 transport_security_state_(new TransportSecurityState) { | 716 transport_security_state_(new TransportSecurityState), |
| 717 ct_verifier_(new MockCTVerifier), |
| 718 ct_policy_enforcer_(new MockCTPolicyEnforcer) { |
| 717 cert_verifier_->set_default_result(OK); | 719 cert_verifier_->set_default_result(OK); |
| 718 context_.cert_verifier = cert_verifier_.get(); | 720 context_.cert_verifier = cert_verifier_.get(); |
| 719 context_.transport_security_state = transport_security_state_.get(); | 721 context_.transport_security_state = transport_security_state_.get(); |
| 722 context_.cert_transparency_verifier = ct_verifier_.get(); |
| 723 context_.ct_policy_enforcer = ct_policy_enforcer_.get(); |
| 724 |
| 725 EXPECT_CALL(*ct_verifier_, Verify(_, _, _, _, _)) |
| 726 .WillRepeatedly(Return(OK)); |
| 727 EXPECT_CALL(*ct_policy_enforcer_, DoesConformToCertPolicy(_, _, _)) |
| 728 .WillRepeatedly( |
| 729 Return(ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS)); |
| 730 EXPECT_CALL(*ct_policy_enforcer_, DoesConformToCTEVPolicy(_, _, _, _)) |
| 731 .WillRepeatedly( |
| 732 Return(ct::EVPolicyCompliance::EV_POLICY_COMPLIES_VIA_SCTS)); |
| 720 } | 733 } |
| 721 | 734 |
| 722 protected: | 735 protected: |
| 723 // The address of the spawned test server, after calling StartTestServer(). | 736 // The address of the spawned test server, after calling StartTestServer(). |
| 724 const AddressList& addr() const { return addr_; } | 737 const AddressList& addr() const { return addr_; } |
| 725 | 738 |
| 726 // The SpawnedTestServer object, after calling StartTestServer(). | 739 // The SpawnedTestServer object, after calling StartTestServer(). |
| 727 const SpawnedTestServer* spawned_test_server() const { | 740 const SpawnedTestServer* spawned_test_server() const { |
| 728 return spawned_test_server_.get(); | 741 return spawned_test_server_.get(); |
| 729 } | 742 } |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 801 // Get the MockCertVerifier to verify it as an EV cert. | 814 // Get the MockCertVerifier to verify it as an EV cert. |
| 802 CertVerifyResult verify_result; | 815 CertVerifyResult verify_result; |
| 803 verify_result.cert_status = status; | 816 verify_result.cert_status = status; |
| 804 verify_result.verified_cert = server_cert; | 817 verify_result.verified_cert = server_cert; |
| 805 cert_verifier_->AddResultForCert(server_cert.get(), verify_result, OK); | 818 cert_verifier_->AddResultForCert(server_cert.get(), verify_result, OK); |
| 806 } | 819 } |
| 807 | 820 |
| 808 ClientSocketFactory* socket_factory_; | 821 ClientSocketFactory* socket_factory_; |
| 809 std::unique_ptr<MockCertVerifier> cert_verifier_; | 822 std::unique_ptr<MockCertVerifier> cert_verifier_; |
| 810 std::unique_ptr<TransportSecurityState> transport_security_state_; | 823 std::unique_ptr<TransportSecurityState> transport_security_state_; |
| 824 std::unique_ptr<MockCTVerifier> ct_verifier_; |
| 825 std::unique_ptr<MockCTPolicyEnforcer> ct_policy_enforcer_; |
| 811 SSLClientSocketContext context_; | 826 SSLClientSocketContext context_; |
| 812 std::unique_ptr<SSLClientSocket> sock_; | 827 std::unique_ptr<SSLClientSocket> sock_; |
| 813 TestNetLog log_; | 828 TestNetLog log_; |
| 814 | 829 |
| 815 private: | 830 private: |
| 816 std::unique_ptr<SpawnedTestServer> spawned_test_server_; | 831 std::unique_ptr<SpawnedTestServer> spawned_test_server_; |
| 817 TestCompletionCallback callback_; | 832 TestCompletionCallback callback_; |
| 818 AddressList addr_; | 833 AddressList addr_; |
| 819 }; | 834 }; |
| 820 | 835 |
| (...skipping 2509 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3330 SSLInfo ssl_info; | 3345 SSLInfo ssl_info; |
| 3331 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); | 3346 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); |
| 3332 | 3347 |
| 3333 EXPECT_EQ(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN, rv); | 3348 EXPECT_EQ(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN, rv); |
| 3334 EXPECT_TRUE(sock_->IsConnected()); | 3349 EXPECT_TRUE(sock_->IsConnected()); |
| 3335 | 3350 |
| 3336 EXPECT_FALSE(ssl_info.pkp_bypassed); | 3351 EXPECT_FALSE(ssl_info.pkp_bypassed); |
| 3337 } | 3352 } |
| 3338 | 3353 |
| 3339 } // namespace net | 3354 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2067843003:
Require a CTVerifier and CTPolicyEnforcer for TLS/QUIC sockets (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master