Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(312)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_unittest.cc

Issue 2539933002: Roll src/third_party/boringssl/src e1cc35e58..f086df9f5 (Closed)
Patch Set: Fix SCT test. Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « DEPS ('k') | third_party/boringssl/BUILD.generated.gni » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket.h" 5 #include "net/socket/ssl_client_socket.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <string.h> 8 #include <string.h>
9 9
10 #include <utility> 10 #include <utility>
(...skipping 2280 matching lines...) Expand 10 before | Expand all | Expand 10 after
2291 ssl_options.client_cert_types.push_back(CLIENT_CERT_RSA_SIGN); 2291 ssl_options.client_cert_types.push_back(CLIENT_CERT_RSA_SIGN);
2292 ssl_options.client_cert_types.push_back(CLIENT_CERT_ECDSA_SIGN); 2292 ssl_options.client_cert_types.push_back(CLIENT_CERT_ECDSA_SIGN);
2293 scoped_refptr<SSLCertRequestInfo> request_info = GetCertRequest(ssl_options); 2293 scoped_refptr<SSLCertRequestInfo> request_info = GetCertRequest(ssl_options);
2294 ASSERT_TRUE(request_info.get()); 2294 ASSERT_TRUE(request_info.get());
2295 ASSERT_EQ(2u, request_info->cert_key_types.size()); 2295 ASSERT_EQ(2u, request_info->cert_key_types.size());
2296 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, request_info->cert_key_types[0]); 2296 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, request_info->cert_key_types[0]);
2297 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, request_info->cert_key_types[1]); 2297 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, request_info->cert_key_types[1]);
2298 } 2298 }
2299 2299
2300 TEST_F(SSLClientSocketTest, ConnectSignedCertTimestampsEnabledTLSExtension) { 2300 TEST_F(SSLClientSocketTest, ConnectSignedCertTimestampsEnabledTLSExtension) {
2301 // Encoding of SCT List containing 'test'.
2302 std::string sct_ext("\x00\x06\x00\x04test", 8);
2303
2301 SpawnedTestServer::SSLOptions ssl_options; 2304 SpawnedTestServer::SSLOptions ssl_options;
2302 ssl_options.signed_cert_timestamps_tls_ext = "test"; 2305 ssl_options.signed_cert_timestamps_tls_ext = sct_ext;
2303
2304 ASSERT_TRUE(StartTestServer(ssl_options)); 2306 ASSERT_TRUE(StartTestServer(ssl_options));
2305 2307
2306 SSLConfig ssl_config; 2308 SSLConfig ssl_config;
2307 ssl_config.signed_cert_timestamps_enabled = true; 2309 ssl_config.signed_cert_timestamps_enabled = true;
2308 2310
2309 MockCTVerifier ct_verifier; 2311 MockCTVerifier ct_verifier;
2310 SetCTVerifier(&ct_verifier); 2312 SetCTVerifier(&ct_verifier);
2311 2313
2312 // Check that the SCT list is extracted as expected. 2314 // Check that the SCT list is extracted as expected.
2313 EXPECT_CALL(ct_verifier, Verify(_, "", "test", _, _)).WillRepeatedly( 2315 EXPECT_CALL(ct_verifier, Verify(_, "", sct_ext, _, _))
2314 Return(ERR_CT_NO_SCTS_VERIFIED_OK)); 2316 .WillRepeatedly(Return(ERR_CT_NO_SCTS_VERIFIED_OK));
2315 2317
2316 int rv; 2318 int rv;
2317 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); 2319 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
2318 EXPECT_THAT(rv, IsOk()); 2320 EXPECT_THAT(rv, IsOk());
2319 2321
2320 EXPECT_TRUE(sock_->signed_cert_timestamps_received_); 2322 EXPECT_TRUE(sock_->signed_cert_timestamps_received_);
2321 } 2323 }
2322 2324
2323 // Test that when an EV certificate is received, but no CT verifier 2325 // Test that when an EV certificate is received, but no CT verifier
2324 // or certificate policy enforcer are defined, then the EV status 2326 // or certificate policy enforcer are defined, then the EV status
(...skipping 1341 matching lines...) Expand 10 before | Expand all | Expand 10 after
3666 // Replace it with an alert. 3668 // Replace it with an alert.
3667 raw_transport->ReplaceReadResult( 3669 raw_transport->ReplaceReadResult(
3668 FormatTLS12Alert(49 /* AlertDescription.access_denied */)); 3670 FormatTLS12Alert(49 /* AlertDescription.access_denied */));
3669 raw_transport->UnblockReadResult(); 3671 raw_transport->UnblockReadResult();
3670 3672
3671 rv = callback.GetResult(rv); 3673 rv = callback.GetResult(rv);
3672 EXPECT_THAT(rv, IsError(ERR_BAD_SSL_CLIENT_AUTH_CERT)); 3674 EXPECT_THAT(rv, IsError(ERR_BAD_SSL_CLIENT_AUTH_CERT));
3673 } 3675 }
3674 3676
3675 } // namespace net 3677 } // namespace net
OLDNEW
« no previous file with comments | « DEPS ('k') | third_party/boringssl/BUILD.generated.gni » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698