OLD | NEW |
(Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "net/cert/internal/trust_store_collection.h" |
| 6 |
| 7 #include "base/bind.h" |
| 8 #include "base/run_loop.h" |
| 9 #include "net/cert/internal/parsed_certificate.h" |
| 10 #include "net/cert/internal/test_helpers.h" |
| 11 #include "net/cert/internal/trust_store_static.h" |
| 12 #include "net/cert/internal/trust_store_test_helpers.h" |
| 13 #include "testing/gtest/include/gtest/gtest.h" |
| 14 |
| 15 namespace net { |
| 16 |
| 17 namespace { |
| 18 |
| 19 ::testing::AssertionResult ReadTestPem(const std::string& file_name, |
| 20 const std::string& block_name, |
| 21 std::string* result) { |
| 22 const PemBlockMapping mappings[] = { |
| 23 {block_name.c_str(), result}, |
| 24 }; |
| 25 |
| 26 return ReadTestDataFromPemFile(file_name, mappings); |
| 27 } |
| 28 |
| 29 ::testing::AssertionResult ReadTestCert( |
| 30 const std::string& file_name, |
| 31 scoped_refptr<ParsedCertificate>* result) { |
| 32 std::string der; |
| 33 ::testing::AssertionResult r = ReadTestPem( |
| 34 "net/data/ssl/certificates/" + file_name, "CERTIFICATE", &der); |
| 35 if (!r) |
| 36 return r; |
| 37 *result = ParsedCertificate::CreateFromCertificateCopy(der, {}); |
| 38 if (!*result) |
| 39 return ::testing::AssertionFailure() << "CreateFromCertificateCopy failed"; |
| 40 return ::testing::AssertionSuccess(); |
| 41 } |
| 42 |
| 43 void NotCalled(bool) { |
| 44 FAIL(); |
| 45 } |
| 46 |
| 47 // If all the stores in the collection return trust results synchronously, the |
| 48 // TrustStoreCollection itself should also return synchronously. |
| 49 TEST(TrustStoreCollection, StaticResultTrusted) { |
| 50 scoped_refptr<ParsedCertificate> cert; |
| 51 ASSERT_TRUE(ReadTestCert("root_ca_cert.pem", &cert)); |
| 52 |
| 53 TrustStoreCollection trust_store_collection; |
| 54 TrustStoreStatic trust_store1; |
| 55 TrustStoreStatic trust_store2; |
| 56 trust_store1.AddTrustedCertificate(cert); |
| 57 trust_store2.AddTrustedCertificate(cert); |
| 58 trust_store_collection.AddStore(&trust_store1); |
| 59 trust_store_collection.AddStore(&trust_store2); |
| 60 |
| 61 bool trusted = false; |
| 62 std::unique_ptr<TrustStore::Request> request; |
| 63 trust_store_collection.IsTrustedCertificate(cert, base::Bind(&NotCalled), |
| 64 &trusted, &request); |
| 65 EXPECT_FALSE(request); |
| 66 EXPECT_TRUE(trusted); |
| 67 } |
| 68 |
| 69 // If all the stores in the collection return trust results synchronously, the |
| 70 // TrustStoreCollection itself should also return synchronously. |
| 71 TEST(TrustStoreCollection, StaticResultNotTrusted) { |
| 72 scoped_refptr<ParsedCertificate> cert; |
| 73 ASSERT_TRUE(ReadTestCert("root_ca_cert.pem", &cert)); |
| 74 |
| 75 TrustStoreCollection trust_store_collection; |
| 76 TrustStoreStatic trust_store1; |
| 77 TrustStoreStatic trust_store2; |
| 78 trust_store_collection.AddStore(&trust_store1); |
| 79 trust_store_collection.AddStore(&trust_store2); |
| 80 |
| 81 bool trusted = true; |
| 82 std::unique_ptr<TrustStore::Request> request; |
| 83 trust_store_collection.IsTrustedCertificate(cert, base::Bind(&NotCalled), |
| 84 &trusted, &request); |
| 85 EXPECT_FALSE(request); |
| 86 EXPECT_FALSE(trusted); |
| 87 } |
| 88 |
| 89 // If a store returns a synchronous trusted result, result should be |
| 90 // synchronous even if there were already async requests started. |
| 91 TEST(TrustStoreCollection, SynchronousTrustedResultTakesPrecedenceOverAsync) { |
| 92 scoped_refptr<ParsedCertificate> cert; |
| 93 ASSERT_TRUE(ReadTestCert("root_ca_cert.pem", &cert)); |
| 94 |
| 95 TrustStoreCollection trust_store_collection; |
| 96 AsyncTrustStoreStatic trust_store1; |
| 97 TrustStoreStatic trust_store2; |
| 98 trust_store1.AddTrustedCertificate(cert); |
| 99 trust_store2.AddTrustedCertificate(cert); |
| 100 trust_store_collection.AddStore(&trust_store1); |
| 101 trust_store_collection.AddStore(&trust_store2); |
| 102 |
| 103 bool trusted = false; |
| 104 std::unique_ptr<TrustStore::Request> request; |
| 105 trust_store_collection.IsTrustedCertificate(cert, base::Bind(&NotCalled), |
| 106 &trusted, &request); |
| 107 EXPECT_FALSE(request); |
| 108 EXPECT_TRUE(trusted); |
| 109 } |
| 110 |
| 111 // If a store returns a synchronous not trusted result and there are other |
| 112 // stores that are async, the result should wait for the async result. |
| 113 TEST(TrustStoreCollection, SynchronousUntrustedResultFallsBackToAsync) { |
| 114 scoped_refptr<ParsedCertificate> cert; |
| 115 ASSERT_TRUE(ReadTestCert("root_ca_cert.pem", &cert)); |
| 116 |
| 117 TrustStoreCollection trust_store_collection; |
| 118 AsyncTrustStoreStatic trust_store1; |
| 119 TrustStoreStatic trust_store2; |
| 120 trust_store1.AddTrustedCertificate(cert); |
| 121 trust_store_collection.AddStore(&trust_store1); |
| 122 trust_store_collection.AddStore(&trust_store2); |
| 123 |
| 124 TrustResultRecorder result_recorder; |
| 125 bool unused_trusted = false; |
| 126 std::unique_ptr<TrustStore::Request> request; |
| 127 trust_store_collection.IsTrustedCertificate(cert, result_recorder.Callback(), |
| 128 &unused_trusted, &request); |
| 129 EXPECT_FALSE(unused_trusted); |
| 130 ASSERT_TRUE(request); |
| 131 EXPECT_TRUE(result_recorder.results().empty()); |
| 132 result_recorder.Run(); |
| 133 ASSERT_EQ(1U, result_recorder.results().size()); |
| 134 EXPECT_TRUE(result_recorder.results()[0]); |
| 135 } |
| 136 |
| 137 // The callback passed into TrustStoreCollection::IsTrustedCertificate should |
| 138 // only be called once, even if the collection itself issues multiple requests |
| 139 // that would each generate a callback. |
| 140 TEST(TrustStoreCollection, CallbackCalledOnlyOnce) { |
| 141 scoped_refptr<ParsedCertificate> cert; |
| 142 ASSERT_TRUE(ReadTestCert("root_ca_cert.pem", &cert)); |
| 143 |
| 144 TrustStoreCollection trust_store_collection; |
| 145 AsyncTrustStoreStatic trust_store1; |
| 146 AsyncTrustStoreStatic trust_store2; |
| 147 trust_store1.AddTrustedCertificate(cert); |
| 148 trust_store2.AddTrustedCertificate(cert); |
| 149 trust_store_collection.AddStore(&trust_store1); |
| 150 trust_store_collection.AddStore(&trust_store2); |
| 151 |
| 152 TrustResultRecorder result_recorder; |
| 153 bool unused_trusted = false; |
| 154 std::unique_ptr<TrustStore::Request> request; |
| 155 trust_store_collection.IsTrustedCertificate(cert, result_recorder.Callback(), |
| 156 &unused_trusted, &request); |
| 157 ASSERT_TRUE(request); |
| 158 EXPECT_FALSE(unused_trusted); |
| 159 EXPECT_TRUE(result_recorder.results().empty()); |
| 160 result_recorder.Run(); |
| 161 ASSERT_EQ(1U, result_recorder.results().size()); |
| 162 EXPECT_TRUE(result_recorder.results()[0]); |
| 163 |
| 164 base::RunLoop().RunUntilIdle(); |
| 165 ASSERT_EQ(1U, result_recorder.results().size()); |
| 166 } |
| 167 |
| 168 // If the Request is cancelled, the callback should not be called. |
| 169 TEST(TrustStoreCollection, RequestDeletedBeforeCallback) { |
| 170 scoped_refptr<ParsedCertificate> cert; |
| 171 ASSERT_TRUE(ReadTestCert("root_ca_cert.pem", &cert)); |
| 172 |
| 173 TrustStoreCollection trust_store_collection; |
| 174 AsyncTrustStoreStatic trust_store1; |
| 175 AsyncTrustStoreStatic trust_store2; |
| 176 trust_store1.AddTrustedCertificate(cert); |
| 177 trust_store2.AddTrustedCertificate(cert); |
| 178 trust_store_collection.AddStore(&trust_store1); |
| 179 trust_store_collection.AddStore(&trust_store2); |
| 180 |
| 181 TrustResultRecorder result_recorder; |
| 182 bool unused_trusted = false; |
| 183 std::unique_ptr<TrustStore::Request> request; |
| 184 trust_store_collection.IsTrustedCertificate( |
| 185 cert, base::Bind(&TrustResultRecorder::HandleResult, |
| 186 base::Unretained(&result_recorder)), |
| 187 &unused_trusted, &request); |
| 188 ASSERT_TRUE(request); |
| 189 EXPECT_FALSE(unused_trusted); |
| 190 EXPECT_TRUE(result_recorder.results().empty()); |
| 191 |
| 192 request.reset(); |
| 193 |
| 194 base::RunLoop().RunUntilIdle(); |
| 195 |
| 196 EXPECT_TRUE(result_recorder.results().empty()); |
| 197 } |
| 198 |
| 199 // If the Request is cancelled after receiving the result, but while there could |
| 200 // still be sub-Requests pending, make sure nothing crashes. |
| 201 TEST(TrustStoreCollection, RequestDeletedAfterFirstSubCallback) { |
| 202 scoped_refptr<ParsedCertificate> cert; |
| 203 ASSERT_TRUE(ReadTestCert("root_ca_cert.pem", &cert)); |
| 204 |
| 205 TrustStoreCollection trust_store_collection; |
| 206 AsyncTrustStoreStatic trust_store1; |
| 207 AsyncTrustStoreStatic trust_store2; |
| 208 trust_store1.AddTrustedCertificate(cert); |
| 209 trust_store2.AddTrustedCertificate(cert); |
| 210 trust_store_collection.AddStore(&trust_store1); |
| 211 trust_store_collection.AddStore(&trust_store2); |
| 212 |
| 213 TrustResultRecorder result_recorder; |
| 214 bool unused_trusted = false; |
| 215 std::unique_ptr<TrustStore::Request> request; |
| 216 trust_store_collection.IsTrustedCertificate( |
| 217 cert, base::Bind(&TrustResultRecorder::HandleResult, |
| 218 base::Unretained(&result_recorder)), |
| 219 &unused_trusted, &request); |
| 220 ASSERT_TRUE(request); |
| 221 EXPECT_FALSE(unused_trusted); |
| 222 EXPECT_TRUE(result_recorder.results().empty()); |
| 223 result_recorder.Run(); |
| 224 ASSERT_EQ(1U, result_recorder.results().size()); |
| 225 EXPECT_TRUE(result_recorder.results()[0]); |
| 226 |
| 227 request.reset(); |
| 228 |
| 229 base::RunLoop().RunUntilIdle(); |
| 230 ASSERT_EQ(1U, result_recorder.results().size()); |
| 231 } |
| 232 |
| 233 // If the Request is cancelled during the callback, shouldn't crash. |
| 234 TEST(TrustStoreCollection, RequestDeletedDuringCallback) { |
| 235 scoped_refptr<ParsedCertificate> cert; |
| 236 ASSERT_TRUE(ReadTestCert("root_ca_cert.pem", &cert)); |
| 237 |
| 238 TrustStoreCollection trust_store_collection; |
| 239 AsyncTrustStoreStatic trust_store1; |
| 240 AsyncTrustStoreStatic trust_store2; |
| 241 trust_store1.AddTrustedCertificate(cert); |
| 242 trust_store2.AddTrustedCertificate(cert); |
| 243 trust_store_collection.AddStore(&trust_store1); |
| 244 trust_store_collection.AddStore(&trust_store2); |
| 245 |
| 246 bool unused_trusted = false; |
| 247 base::RunLoop run_loop; |
| 248 std::unique_ptr<TrustStore::Request> request; |
| 249 trust_store_collection.IsTrustedCertificate( |
| 250 cert, base::Bind(&TrustRequestDeleter, &request, run_loop.QuitClosure()), |
| 251 &unused_trusted, &request); |
| 252 ASSERT_TRUE(request); |
| 253 run_loop.Run(); |
| 254 ASSERT_FALSE(request); |
| 255 base::RunLoop().RunUntilIdle(); |
| 256 } |
| 257 |
| 258 |
| 259 } // namespace |
| 260 |
| 261 } // namespace net |
OLD | NEW |