| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <memory> | 5 #include <memory> |
| 6 | 6 |
| 7 #include "base/files/file_path.h" | 7 #include "base/files/file_path.h" |
| 8 #include "net/base/ip_endpoint.h" | 8 #include "net/base/ip_endpoint.h" |
| 9 #include "net/base/net_errors.h" | 9 #include "net/base/net_errors.h" |
| 10 #include "net/base/test_completion_callback.h" | 10 #include "net/base/test_completion_callback.h" |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 60 StringPiece chlo_hash, | 60 StringPiece chlo_hash, |
| 61 const vector<string>& certs, | 61 const vector<string>& certs, |
| 62 const string& proof, | 62 const string& proof, |
| 63 bool expected_ok) { | 63 bool expected_ok) { |
| 64 std::unique_ptr<ProofVerifyDetails> details; | 64 std::unique_ptr<ProofVerifyDetails> details; |
| 65 TestCompletionCallback comp_callback; | 65 TestCompletionCallback comp_callback; |
| 66 bool ok; | 66 bool ok; |
| 67 string error_details; | 67 string error_details; |
| 68 std::unique_ptr<ProofVerifyContext> verify_context( | 68 std::unique_ptr<ProofVerifyContext> verify_context( |
| 69 CryptoTestUtils::ProofVerifyContextForTesting()); | 69 CryptoTestUtils::ProofVerifyContextForTesting()); |
| 70 TestProofVerifierCallback* callback = | 70 std::unique_ptr<TestProofVerifierCallback> callback( |
| 71 new TestProofVerifierCallback(&comp_callback, &ok, &error_details); | 71 new TestProofVerifierCallback(&comp_callback, &ok, &error_details)); |
| 72 | 72 |
| 73 QuicAsyncStatus status = verifier->VerifyProof( | 73 QuicAsyncStatus status = verifier->VerifyProof( |
| 74 hostname, port, server_config, quic_version, chlo_hash, certs, "", proof, | 74 hostname, port, server_config, quic_version, chlo_hash, certs, "", proof, |
| 75 verify_context.get(), &error_details, &details, callback); | 75 verify_context.get(), &error_details, &details, std::move(callback)); |
| 76 | 76 |
| 77 switch (status) { | 77 switch (status) { |
| 78 case QUIC_FAILURE: | 78 case QUIC_FAILURE: |
| 79 delete callback; | |
| 80 ASSERT_FALSE(expected_ok); | 79 ASSERT_FALSE(expected_ok); |
| 81 ASSERT_NE("", error_details); | 80 ASSERT_NE("", error_details); |
| 82 return; | 81 return; |
| 83 case QUIC_SUCCESS: | 82 case QUIC_SUCCESS: |
| 84 delete callback; | |
| 85 ASSERT_TRUE(expected_ok); | 83 ASSERT_TRUE(expected_ok); |
| 86 ASSERT_EQ("", error_details); | 84 ASSERT_EQ("", error_details); |
| 87 return; | 85 return; |
| 88 case QUIC_PENDING: | 86 case QUIC_PENDING: |
| 89 comp_callback.WaitForResult(); | 87 comp_callback.WaitForResult(); |
| 90 ASSERT_EQ(expected_ok, ok); | 88 ASSERT_EQ(expected_ok, ok); |
| 91 break; | 89 break; |
| 92 } | 90 } |
| 93 } | 91 } |
| 94 | 92 |
| 95 // Reads the certificate named "quic_" + |file_name| in the test data directory. | 93 // Reads the certificate named "quic_" + |file_name| in the test data directory. |
| 96 // The certificate must be PEM encoded. Returns the DER-encoded certificate. | 94 // The certificate must be PEM encoded. Returns the DER-encoded certificate. |
| 97 string LoadTestCert(const string& file_name) { | 95 string LoadTestCert(const string& file_name) { |
| 98 base::FilePath certs_dir = GetTestCertsDirectory(); | 96 base::FilePath certs_dir = GetTestCertsDirectory(); |
| 99 scoped_refptr<X509Certificate> cert = | 97 scoped_refptr<X509Certificate> cert = |
| 100 ImportCertFromFile(certs_dir, "quic_" + file_name); | 98 ImportCertFromFile(certs_dir, "quic_" + file_name); |
| 101 CHECK_NE(static_cast<X509Certificate*>(nullptr), cert.get()); | 99 CHECK_NE(static_cast<X509Certificate*>(nullptr), cert.get()); |
| 102 | 100 |
| 103 string der_bytes; | 101 string der_bytes; |
| 104 CHECK(X509Certificate::GetDEREncoded(cert->os_cert_handle(), &der_bytes)); | 102 CHECK(X509Certificate::GetDEREncoded(cert->os_cert_handle(), &der_bytes)); |
| 105 return der_bytes; | 103 return der_bytes; |
| 106 } | 104 } |
| 107 | 105 |
| 106 class TestCallback : public ProofSource::Callback { |
| 107 public: |
| 108 explicit TestCallback(bool* called, |
| 109 bool* ok, |
| 110 scoped_refptr<ProofSource::Chain>* chain, |
| 111 string* signature, |
| 112 string* leaf_cert_sct) |
| 113 : called_(called), |
| 114 ok_(ok), |
| 115 chain_(chain), |
| 116 signature_(signature), |
| 117 leaf_cert_sct_(leaf_cert_sct) {} |
| 118 |
| 119 void Run(bool ok, |
| 120 const scoped_refptr<ProofSource::Chain>& chain, |
| 121 const string& signature, |
| 122 const string& leaf_cert_sct) override { |
| 123 *ok_ = ok; |
| 124 *chain_ = chain; |
| 125 *signature_ = signature; |
| 126 *leaf_cert_sct_ = leaf_cert_sct; |
| 127 *called_ = true; |
| 128 } |
| 129 |
| 130 private: |
| 131 bool* called_; |
| 132 bool* ok_; |
| 133 scoped_refptr<ProofSource::Chain>* chain_; |
| 134 string* signature_; |
| 135 string* leaf_cert_sct_; |
| 136 }; |
| 137 |
| 108 class ProofTest : public ::testing::TestWithParam<QuicVersion> {}; | 138 class ProofTest : public ::testing::TestWithParam<QuicVersion> {}; |
| 109 | 139 |
| 110 } // namespace | 140 } // namespace |
| 111 | 141 |
| 112 INSTANTIATE_TEST_CASE_P(QuicVersion, | 142 INSTANTIATE_TEST_CASE_P(QuicVersion, |
| 113 ProofTest, | 143 ProofTest, |
| 114 ::testing::ValuesIn(QuicSupportedVersions())); | 144 ::testing::ValuesIn(QuicSupportedVersions())); |
| 115 | 145 |
| 116 // TODO(rtenneti): Enable testing of ProofVerifier. See http://crbug.com/514468. | 146 // TODO(rtenneti): Enable testing of ProofVerifier. See http://crbug.com/514468. |
| 117 TEST_P(ProofTest, DISABLED_Verify) { | 147 TEST_P(ProofTest, DISABLED_Verify) { |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 164 | 194 |
| 165 vector<string> wrong_certs; | 195 vector<string> wrong_certs; |
| 166 for (size_t i = 1; i < chain->certs.size(); i++) { | 196 for (size_t i = 1; i < chain->certs.size(); i++) { |
| 167 wrong_certs.push_back(chain->certs[i]); | 197 wrong_certs.push_back(chain->certs[i]); |
| 168 } | 198 } |
| 169 | 199 |
| 170 RunVerification(verifier.get(), "foo.com", port, server_config, quic_version, | 200 RunVerification(verifier.get(), "foo.com", port, server_config, quic_version, |
| 171 first_chlo_hash, wrong_certs, corrupt_signature, false); | 201 first_chlo_hash, wrong_certs, corrupt_signature, false); |
| 172 } | 202 } |
| 173 | 203 |
| 204 TEST_P(ProofTest, VerifySourceAsync) { |
| 205 std::unique_ptr<ProofSource> source(CryptoTestUtils::ProofSourceForTesting()); |
| 206 |
| 207 const string server_config = "server config bytes"; |
| 208 const string hostname = "test.example.com"; |
| 209 const string first_chlo_hash = "first chlo hash bytes"; |
| 210 const string second_chlo_hash = "first chlo hash bytes"; |
| 211 const QuicVersion quic_version = GetParam(); |
| 212 IPAddress server_ip; |
| 213 |
| 214 // Call synchronous version |
| 215 scoped_refptr<ProofSource::Chain> expected_chain; |
| 216 string expected_signature; |
| 217 string expected_leaf_cert_sct; |
| 218 ASSERT_TRUE(source->GetProof(server_ip, hostname, server_config, quic_version, |
| 219 first_chlo_hash, false /* no ECDSA */, |
| 220 &expected_chain, &expected_signature, |
| 221 &expected_leaf_cert_sct)); |
| 222 |
| 223 // Call asynchronous version and compare results |
| 224 bool called = false; |
| 225 bool ok; |
| 226 scoped_refptr<ProofSource::Chain> chain; |
| 227 string signature; |
| 228 string leaf_cert_sct; |
| 229 std::unique_ptr<ProofSource::Callback> cb( |
| 230 new TestCallback(&called, &ok, &chain, &signature, &leaf_cert_sct)); |
| 231 source->GetProof(server_ip, hostname, server_config, quic_version, |
| 232 first_chlo_hash, false /* no ECDSA */, std::move(cb)); |
| 233 // TODO(gredner): whan GetProof really invokes the callback asynchronously, |
| 234 // figure out what to do here. |
| 235 ASSERT_TRUE(called); |
| 236 ASSERT_TRUE(ok); |
| 237 EXPECT_THAT(chain->certs, ::testing::ContainerEq(expected_chain->certs)); |
| 238 EXPECT_EQ(leaf_cert_sct, expected_leaf_cert_sct); |
| 239 } |
| 240 |
| 174 TEST_P(ProofTest, UseAfterFree) { | 241 TEST_P(ProofTest, UseAfterFree) { |
| 175 ProofSource* source = CryptoTestUtils::ProofSourceForTesting(); | 242 ProofSource* source = CryptoTestUtils::ProofSourceForTesting(); |
| 176 | 243 |
| 177 const string server_config = "server config bytes"; | 244 const string server_config = "server config bytes"; |
| 178 const string hostname = "test.example.com"; | 245 const string hostname = "test.example.com"; |
| 179 const string chlo_hash = "proof nonce bytes"; | 246 const string chlo_hash = "proof nonce bytes"; |
| 180 scoped_refptr<ProofSource::Chain> chain; | 247 scoped_refptr<ProofSource::Chain> chain; |
| 181 string error_details, signature, cert_sct; | 248 string error_details, signature, cert_sct; |
| 182 IPAddress server_ip; | 249 IPAddress server_ip; |
| 183 | 250 |
| (...skipping 225 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 409 for (size_t i = 1; i < certs.size(); i++) { | 476 for (size_t i = 1; i < certs.size(); i++) { |
| 410 wrong_certs.push_back(certs[i]); | 477 wrong_certs.push_back(certs[i]); |
| 411 } | 478 } |
| 412 RunVerification(verifier.get(), hostname, port, server_config, quic_version, | 479 RunVerification(verifier.get(), hostname, port, server_config, quic_version, |
| 413 chlo_hash, wrong_certs, signature, false); | 480 chlo_hash, wrong_certs, signature, false); |
| 414 } | 481 } |
| 415 } | 482 } |
| 416 | 483 |
| 417 } // namespace test | 484 } // namespace test |
| 418 } // namespace net | 485 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2130103002:
Landing Recent QUIC changes until 2016-07-02 02:45 UTC (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master