| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/ssl/server_bound_cert_service.h" | 5 #include "net/ssl/server_bound_cert_service.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 112 err, | 112 err, |
| 113 server_identifier_, | 113 server_identifier_, |
| 114 expiration_time, | 114 expiration_time, |
| 115 private_key, | 115 private_key, |
| 116 cert)); | 116 cert)); |
| 117 } | 117 } |
| 118 | 118 |
| 119 class ServerBoundCertServiceTest : public testing::Test { | 119 class ServerBoundCertServiceTest : public testing::Test { |
| 120 public: | 120 public: |
| 121 ServerBoundCertServiceTest() | 121 ServerBoundCertServiceTest() |
| 122 : service_(new ServerBoundCertService( | 122 : service_( |
| 123 new DefaultServerBoundCertStore(NULL), | 123 new ServerBoundCertService(new DefaultServerBoundCertStore(NULL), |
| 124 base::MessageLoopProxy::current())) { | 124 base::MessageLoopProxy::current())) {} |
| 125 } | |
| 126 | 125 |
| 127 protected: | 126 protected: |
| 128 scoped_ptr<ServerBoundCertService> service_; | 127 scoped_ptr<ServerBoundCertService> service_; |
| 129 }; | 128 }; |
| 130 | 129 |
| 131 TEST_F(ServerBoundCertServiceTest, GetDomainForHost) { | 130 TEST_F(ServerBoundCertServiceTest, GetDomainForHost) { |
| 132 EXPECT_EQ("google.com", | 131 EXPECT_EQ("google.com", |
| 133 ServerBoundCertService::GetDomainForHost("google.com")); | 132 ServerBoundCertService::GetDomainForHost("google.com")); |
| 134 EXPECT_EQ("google.com", | 133 EXPECT_EQ("google.com", |
| 135 ServerBoundCertService::GetDomainForHost("www.google.com")); | 134 ServerBoundCertService::GetDomainForHost("www.google.com")); |
| 136 EXPECT_EQ("foo.appspot.com", | 135 EXPECT_EQ("foo.appspot.com", |
| 137 ServerBoundCertService::GetDomainForHost("foo.appspot.com")); | 136 ServerBoundCertService::GetDomainForHost("foo.appspot.com")); |
| 138 EXPECT_EQ("bar.appspot.com", | 137 EXPECT_EQ("bar.appspot.com", |
| 139 ServerBoundCertService::GetDomainForHost("foo.bar.appspot.com")); | 138 ServerBoundCertService::GetDomainForHost("foo.bar.appspot.com")); |
| 140 EXPECT_EQ("appspot.com", | 139 EXPECT_EQ("appspot.com", |
| 141 ServerBoundCertService::GetDomainForHost("appspot.com")); | 140 ServerBoundCertService::GetDomainForHost("appspot.com")); |
| 142 EXPECT_EQ("google.com", | 141 EXPECT_EQ("google.com", |
| 143 ServerBoundCertService::GetDomainForHost("www.mail.google.com")); | 142 ServerBoundCertService::GetDomainForHost("www.mail.google.com")); |
| 144 EXPECT_EQ("goto", | 143 EXPECT_EQ("goto", ServerBoundCertService::GetDomainForHost("goto")); |
| 145 ServerBoundCertService::GetDomainForHost("goto")); | 144 EXPECT_EQ("127.0.0.1", ServerBoundCertService::GetDomainForHost("127.0.0.1")); |
| 146 EXPECT_EQ("127.0.0.1", | |
| 147 ServerBoundCertService::GetDomainForHost("127.0.0.1")); | |
| 148 } | 145 } |
| 149 | 146 |
| 150 TEST_F(ServerBoundCertServiceTest, GetCacheMiss) { | 147 TEST_F(ServerBoundCertServiceTest, GetCacheMiss) { |
| 151 std::string host("encrypted.google.com"); | 148 std::string host("encrypted.google.com"); |
| 152 | 149 |
| 153 int error; | 150 int error; |
| 154 TestCompletionCallback callback; | 151 TestCompletionCallback callback; |
| 155 ServerBoundCertService::RequestHandle request_handle; | 152 ServerBoundCertService::RequestHandle request_handle; |
| 156 | 153 |
| 157 // Synchronous completion, because the store is initialized. | 154 // Synchronous completion, because the store is initialized. |
| (...skipping 10 matching lines...) Expand all Loading... |
| 168 TEST_F(ServerBoundCertServiceTest, CacheHit) { | 165 TEST_F(ServerBoundCertServiceTest, CacheHit) { |
| 169 std::string host("encrypted.google.com"); | 166 std::string host("encrypted.google.com"); |
| 170 | 167 |
| 171 int error; | 168 int error; |
| 172 TestCompletionCallback callback; | 169 TestCompletionCallback callback; |
| 173 ServerBoundCertService::RequestHandle request_handle; | 170 ServerBoundCertService::RequestHandle request_handle; |
| 174 | 171 |
| 175 // Asynchronous completion. | 172 // Asynchronous completion. |
| 176 std::string private_key_info1, der_cert1; | 173 std::string private_key_info1, der_cert1; |
| 177 EXPECT_EQ(0, service_->cert_count()); | 174 EXPECT_EQ(0, service_->cert_count()); |
| 178 error = service_->GetOrCreateDomainBoundCert( | 175 error = service_->GetOrCreateDomainBoundCert(host, |
| 179 host, &private_key_info1, &der_cert1, | 176 &private_key_info1, |
| 180 callback.callback(), &request_handle); | 177 &der_cert1, |
| 178 callback.callback(), |
| 179 &request_handle); |
| 181 EXPECT_EQ(ERR_IO_PENDING, error); | 180 EXPECT_EQ(ERR_IO_PENDING, error); |
| 182 EXPECT_TRUE(request_handle.is_active()); | 181 EXPECT_TRUE(request_handle.is_active()); |
| 183 error = callback.WaitForResult(); | 182 error = callback.WaitForResult(); |
| 184 EXPECT_EQ(OK, error); | 183 EXPECT_EQ(OK, error); |
| 185 EXPECT_EQ(1, service_->cert_count()); | 184 EXPECT_EQ(1, service_->cert_count()); |
| 186 EXPECT_FALSE(private_key_info1.empty()); | 185 EXPECT_FALSE(private_key_info1.empty()); |
| 187 EXPECT_FALSE(der_cert1.empty()); | 186 EXPECT_FALSE(der_cert1.empty()); |
| 188 EXPECT_FALSE(request_handle.is_active()); | 187 EXPECT_FALSE(request_handle.is_active()); |
| 189 | 188 |
| 190 // Synchronous completion. | 189 // Synchronous completion. |
| 191 std::string private_key_info2, der_cert2; | 190 std::string private_key_info2, der_cert2; |
| 192 error = service_->GetOrCreateDomainBoundCert( | 191 error = service_->GetOrCreateDomainBoundCert(host, |
| 193 host, &private_key_info2, &der_cert2, | 192 &private_key_info2, |
| 194 callback.callback(), &request_handle); | 193 &der_cert2, |
| 194 callback.callback(), |
| 195 &request_handle); |
| 195 EXPECT_FALSE(request_handle.is_active()); | 196 EXPECT_FALSE(request_handle.is_active()); |
| 196 EXPECT_EQ(OK, error); | 197 EXPECT_EQ(OK, error); |
| 197 EXPECT_EQ(1, service_->cert_count()); | 198 EXPECT_EQ(1, service_->cert_count()); |
| 198 EXPECT_EQ(private_key_info1, private_key_info2); | 199 EXPECT_EQ(private_key_info1, private_key_info2); |
| 199 EXPECT_EQ(der_cert1, der_cert2); | 200 EXPECT_EQ(der_cert1, der_cert2); |
| 200 | 201 |
| 201 // Synchronous get. | 202 // Synchronous get. |
| 202 std::string private_key_info3, der_cert3; | 203 std::string private_key_info3, der_cert3; |
| 203 error = service_->GetDomainBoundCert( | 204 error = service_->GetDomainBoundCert(host, |
| 204 host, &private_key_info3, &der_cert3, callback.callback(), | 205 &private_key_info3, |
| 205 &request_handle); | 206 &der_cert3, |
| 207 callback.callback(), |
| 208 &request_handle); |
| 206 EXPECT_FALSE(request_handle.is_active()); | 209 EXPECT_FALSE(request_handle.is_active()); |
| 207 EXPECT_EQ(OK, error); | 210 EXPECT_EQ(OK, error); |
| 208 EXPECT_EQ(1, service_->cert_count()); | 211 EXPECT_EQ(1, service_->cert_count()); |
| 209 EXPECT_EQ(der_cert1, der_cert3); | 212 EXPECT_EQ(der_cert1, der_cert3); |
| 210 EXPECT_EQ(private_key_info1, private_key_info3); | 213 EXPECT_EQ(private_key_info1, private_key_info3); |
| 211 | 214 |
| 212 EXPECT_EQ(3u, service_->requests()); | 215 EXPECT_EQ(3u, service_->requests()); |
| 213 EXPECT_EQ(2u, service_->cert_store_hits()); | 216 EXPECT_EQ(2u, service_->cert_store_hits()); |
| 214 EXPECT_EQ(0u, service_->inflight_joins()); | 217 EXPECT_EQ(0u, service_->inflight_joins()); |
| 215 } | 218 } |
| 216 | 219 |
| 217 TEST_F(ServerBoundCertServiceTest, StoreCerts) { | 220 TEST_F(ServerBoundCertServiceTest, StoreCerts) { |
| 218 int error; | 221 int error; |
| 219 TestCompletionCallback callback; | 222 TestCompletionCallback callback; |
| 220 ServerBoundCertService::RequestHandle request_handle; | 223 ServerBoundCertService::RequestHandle request_handle; |
| 221 | 224 |
| 222 std::string host1("encrypted.google.com"); | 225 std::string host1("encrypted.google.com"); |
| 223 std::string private_key_info1, der_cert1; | 226 std::string private_key_info1, der_cert1; |
| 224 EXPECT_EQ(0, service_->cert_count()); | 227 EXPECT_EQ(0, service_->cert_count()); |
| 225 error = service_->GetOrCreateDomainBoundCert( | 228 error = service_->GetOrCreateDomainBoundCert(host1, |
| 226 host1, &private_key_info1, &der_cert1, | 229 &private_key_info1, |
| 227 callback.callback(), &request_handle); | 230 &der_cert1, |
| 231 callback.callback(), |
| 232 &request_handle); |
| 228 EXPECT_EQ(ERR_IO_PENDING, error); | 233 EXPECT_EQ(ERR_IO_PENDING, error); |
| 229 EXPECT_TRUE(request_handle.is_active()); | 234 EXPECT_TRUE(request_handle.is_active()); |
| 230 error = callback.WaitForResult(); | 235 error = callback.WaitForResult(); |
| 231 EXPECT_EQ(OK, error); | 236 EXPECT_EQ(OK, error); |
| 232 EXPECT_EQ(1, service_->cert_count()); | 237 EXPECT_EQ(1, service_->cert_count()); |
| 233 | 238 |
| 234 std::string host2("www.verisign.com"); | 239 std::string host2("www.verisign.com"); |
| 235 std::string private_key_info2, der_cert2; | 240 std::string private_key_info2, der_cert2; |
| 236 error = service_->GetOrCreateDomainBoundCert( | 241 error = service_->GetOrCreateDomainBoundCert(host2, |
| 237 host2, &private_key_info2, &der_cert2, | 242 &private_key_info2, |
| 238 callback.callback(), &request_handle); | 243 &der_cert2, |
| 244 callback.callback(), |
| 245 &request_handle); |
| 239 EXPECT_EQ(ERR_IO_PENDING, error); | 246 EXPECT_EQ(ERR_IO_PENDING, error); |
| 240 EXPECT_TRUE(request_handle.is_active()); | 247 EXPECT_TRUE(request_handle.is_active()); |
| 241 error = callback.WaitForResult(); | 248 error = callback.WaitForResult(); |
| 242 EXPECT_EQ(OK, error); | 249 EXPECT_EQ(OK, error); |
| 243 EXPECT_EQ(2, service_->cert_count()); | 250 EXPECT_EQ(2, service_->cert_count()); |
| 244 | 251 |
| 245 std::string host3("www.twitter.com"); | 252 std::string host3("www.twitter.com"); |
| 246 std::string private_key_info3, der_cert3; | 253 std::string private_key_info3, der_cert3; |
| 247 error = service_->GetOrCreateDomainBoundCert( | 254 error = service_->GetOrCreateDomainBoundCert(host3, |
| 248 host3, &private_key_info3, &der_cert3, | 255 &private_key_info3, |
| 249 callback.callback(), &request_handle); | 256 &der_cert3, |
| 257 callback.callback(), |
| 258 &request_handle); |
| 250 EXPECT_EQ(ERR_IO_PENDING, error); | 259 EXPECT_EQ(ERR_IO_PENDING, error); |
| 251 EXPECT_TRUE(request_handle.is_active()); | 260 EXPECT_TRUE(request_handle.is_active()); |
| 252 error = callback.WaitForResult(); | 261 error = callback.WaitForResult(); |
| 253 EXPECT_EQ(OK, error); | 262 EXPECT_EQ(OK, error); |
| 254 EXPECT_EQ(3, service_->cert_count()); | 263 EXPECT_EQ(3, service_->cert_count()); |
| 255 | 264 |
| 256 EXPECT_NE(private_key_info1, private_key_info2); | 265 EXPECT_NE(private_key_info1, private_key_info2); |
| 257 EXPECT_NE(der_cert1, der_cert2); | 266 EXPECT_NE(der_cert1, der_cert2); |
| 258 EXPECT_NE(private_key_info1, private_key_info3); | 267 EXPECT_NE(private_key_info1, private_key_info3); |
| 259 EXPECT_NE(der_cert1, der_cert3); | 268 EXPECT_NE(der_cert1, der_cert3); |
| 260 EXPECT_NE(private_key_info2, private_key_info3); | 269 EXPECT_NE(private_key_info2, private_key_info3); |
| 261 EXPECT_NE(der_cert2, der_cert3); | 270 EXPECT_NE(der_cert2, der_cert3); |
| 262 } | 271 } |
| 263 | 272 |
| 264 // Tests an inflight join. | 273 // Tests an inflight join. |
| 265 TEST_F(ServerBoundCertServiceTest, InflightJoin) { | 274 TEST_F(ServerBoundCertServiceTest, InflightJoin) { |
| 266 std::string host("encrypted.google.com"); | 275 std::string host("encrypted.google.com"); |
| 267 int error; | 276 int error; |
| 268 | 277 |
| 269 std::string private_key_info1, der_cert1; | 278 std::string private_key_info1, der_cert1; |
| 270 TestCompletionCallback callback1; | 279 TestCompletionCallback callback1; |
| 271 ServerBoundCertService::RequestHandle request_handle1; | 280 ServerBoundCertService::RequestHandle request_handle1; |
| 272 | 281 |
| 273 std::string private_key_info2, der_cert2; | 282 std::string private_key_info2, der_cert2; |
| 274 TestCompletionCallback callback2; | 283 TestCompletionCallback callback2; |
| 275 ServerBoundCertService::RequestHandle request_handle2; | 284 ServerBoundCertService::RequestHandle request_handle2; |
| 276 | 285 |
| 277 error = service_->GetOrCreateDomainBoundCert( | 286 error = service_->GetOrCreateDomainBoundCert(host, |
| 278 host, &private_key_info1, &der_cert1, | 287 &private_key_info1, |
| 279 callback1.callback(), &request_handle1); | 288 &der_cert1, |
| 289 callback1.callback(), |
| 290 &request_handle1); |
| 280 EXPECT_EQ(ERR_IO_PENDING, error); | 291 EXPECT_EQ(ERR_IO_PENDING, error); |
| 281 EXPECT_TRUE(request_handle1.is_active()); | 292 EXPECT_TRUE(request_handle1.is_active()); |
| 282 // Should join with the original request. | 293 // Should join with the original request. |
| 283 error = service_->GetOrCreateDomainBoundCert( | 294 error = service_->GetOrCreateDomainBoundCert(host, |
| 284 host, &private_key_info2, &der_cert2, | 295 &private_key_info2, |
| 285 callback2.callback(), &request_handle2); | 296 &der_cert2, |
| 297 callback2.callback(), |
| 298 &request_handle2); |
| 286 EXPECT_EQ(ERR_IO_PENDING, error); | 299 EXPECT_EQ(ERR_IO_PENDING, error); |
| 287 EXPECT_TRUE(request_handle2.is_active()); | 300 EXPECT_TRUE(request_handle2.is_active()); |
| 288 | 301 |
| 289 error = callback1.WaitForResult(); | 302 error = callback1.WaitForResult(); |
| 290 EXPECT_EQ(OK, error); | 303 EXPECT_EQ(OK, error); |
| 291 error = callback2.WaitForResult(); | 304 error = callback2.WaitForResult(); |
| 292 EXPECT_EQ(OK, error); | 305 EXPECT_EQ(OK, error); |
| 293 | 306 |
| 294 EXPECT_EQ(2u, service_->requests()); | 307 EXPECT_EQ(2u, service_->requests()); |
| 295 EXPECT_EQ(0u, service_->cert_store_hits()); | 308 EXPECT_EQ(0u, service_->cert_store_hits()); |
| 296 EXPECT_EQ(1u, service_->inflight_joins()); | 309 EXPECT_EQ(1u, service_->inflight_joins()); |
| 297 EXPECT_EQ(1u, service_->workers_created()); | 310 EXPECT_EQ(1u, service_->workers_created()); |
| 298 } | 311 } |
| 299 | 312 |
| 300 // Tests an inflight join of a Get request to a GetOrCreate request. | 313 // Tests an inflight join of a Get request to a GetOrCreate request. |
| 301 TEST_F(ServerBoundCertServiceTest, InflightJoinGetOrCreateAndGet) { | 314 TEST_F(ServerBoundCertServiceTest, InflightJoinGetOrCreateAndGet) { |
| 302 std::string host("encrypted.google.com"); | 315 std::string host("encrypted.google.com"); |
| 303 int error; | 316 int error; |
| 304 | 317 |
| 305 std::string private_key_info1, der_cert1; | 318 std::string private_key_info1, der_cert1; |
| 306 TestCompletionCallback callback1; | 319 TestCompletionCallback callback1; |
| 307 ServerBoundCertService::RequestHandle request_handle1; | 320 ServerBoundCertService::RequestHandle request_handle1; |
| 308 | 321 |
| 309 std::string private_key_info2; | 322 std::string private_key_info2; |
| 310 std::string der_cert2; | 323 std::string der_cert2; |
| 311 TestCompletionCallback callback2; | 324 TestCompletionCallback callback2; |
| 312 ServerBoundCertService::RequestHandle request_handle2; | 325 ServerBoundCertService::RequestHandle request_handle2; |
| 313 | 326 |
| 314 error = service_->GetOrCreateDomainBoundCert( | 327 error = service_->GetOrCreateDomainBoundCert(host, |
| 315 host, &private_key_info1, &der_cert1, | 328 &private_key_info1, |
| 316 callback1.callback(), &request_handle1); | 329 &der_cert1, |
| 330 callback1.callback(), |
| 331 &request_handle1); |
| 317 EXPECT_EQ(ERR_IO_PENDING, error); | 332 EXPECT_EQ(ERR_IO_PENDING, error); |
| 318 EXPECT_TRUE(request_handle1.is_active()); | 333 EXPECT_TRUE(request_handle1.is_active()); |
| 319 // Should join with the original request. | 334 // Should join with the original request. |
| 320 error = service_->GetDomainBoundCert( | 335 error = service_->GetDomainBoundCert(host, |
| 321 host, &private_key_info2, &der_cert2, callback2.callback(), | 336 &private_key_info2, |
| 322 &request_handle2); | 337 &der_cert2, |
| 338 callback2.callback(), |
| 339 &request_handle2); |
| 323 EXPECT_EQ(ERR_IO_PENDING, error); | 340 EXPECT_EQ(ERR_IO_PENDING, error); |
| 324 EXPECT_TRUE(request_handle2.is_active()); | 341 EXPECT_TRUE(request_handle2.is_active()); |
| 325 | 342 |
| 326 error = callback1.WaitForResult(); | 343 error = callback1.WaitForResult(); |
| 327 EXPECT_EQ(OK, error); | 344 EXPECT_EQ(OK, error); |
| 328 error = callback2.WaitForResult(); | 345 error = callback2.WaitForResult(); |
| 329 EXPECT_EQ(OK, error); | 346 EXPECT_EQ(OK, error); |
| 330 EXPECT_EQ(der_cert1, der_cert2); | 347 EXPECT_EQ(der_cert1, der_cert2); |
| 331 | 348 |
| 332 EXPECT_EQ(2u, service_->requests()); | 349 EXPECT_EQ(2u, service_->requests()); |
| 333 EXPECT_EQ(0u, service_->cert_store_hits()); | 350 EXPECT_EQ(0u, service_->cert_store_hits()); |
| 334 EXPECT_EQ(1u, service_->inflight_joins()); | 351 EXPECT_EQ(1u, service_->inflight_joins()); |
| 335 EXPECT_EQ(1u, service_->workers_created()); | 352 EXPECT_EQ(1u, service_->workers_created()); |
| 336 } | 353 } |
| 337 | 354 |
| 338 TEST_F(ServerBoundCertServiceTest, ExtractValuesFromBytesEC) { | 355 TEST_F(ServerBoundCertServiceTest, ExtractValuesFromBytesEC) { |
| 339 std::string host("encrypted.google.com"); | 356 std::string host("encrypted.google.com"); |
| 340 std::string private_key_info, der_cert; | 357 std::string private_key_info, der_cert; |
| 341 int error; | 358 int error; |
| 342 TestCompletionCallback callback; | 359 TestCompletionCallback callback; |
| 343 ServerBoundCertService::RequestHandle request_handle; | 360 ServerBoundCertService::RequestHandle request_handle; |
| 344 | 361 |
| 345 error = service_->GetOrCreateDomainBoundCert( | 362 error = service_->GetOrCreateDomainBoundCert( |
| 346 host, &private_key_info, &der_cert, callback.callback(), | 363 host, &private_key_info, &der_cert, callback.callback(), &request_handle); |
| 347 &request_handle); | |
| 348 EXPECT_EQ(ERR_IO_PENDING, error); | 364 EXPECT_EQ(ERR_IO_PENDING, error); |
| 349 EXPECT_TRUE(request_handle.is_active()); | 365 EXPECT_TRUE(request_handle.is_active()); |
| 350 error = callback.WaitForResult(); | 366 error = callback.WaitForResult(); |
| 351 EXPECT_EQ(OK, error); | 367 EXPECT_EQ(OK, error); |
| 352 | 368 |
| 353 base::StringPiece spki_piece; | 369 base::StringPiece spki_piece; |
| 354 ASSERT_TRUE(asn1::ExtractSPKIFromDERCert(der_cert, &spki_piece)); | 370 ASSERT_TRUE(asn1::ExtractSPKIFromDERCert(der_cert, &spki_piece)); |
| 355 std::vector<uint8> spki( | 371 std::vector<uint8> spki(spki_piece.data(), |
| 356 spki_piece.data(), | 372 spki_piece.data() + spki_piece.size()); |
| 357 spki_piece.data() + spki_piece.size()); | |
| 358 | 373 |
| 359 // Check that we can retrieve the key from the bytes. | 374 // Check that we can retrieve the key from the bytes. |
| 360 std::vector<uint8> key_vec(private_key_info.begin(), private_key_info.end()); | 375 std::vector<uint8> key_vec(private_key_info.begin(), private_key_info.end()); |
| 361 scoped_ptr<crypto::ECPrivateKey> private_key( | 376 scoped_ptr<crypto::ECPrivateKey> private_key( |
| 362 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | 377 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
| 363 ServerBoundCertService::kEPKIPassword, key_vec, spki)); | 378 ServerBoundCertService::kEPKIPassword, key_vec, spki)); |
| 364 EXPECT_TRUE(private_key != NULL); | 379 EXPECT_TRUE(private_key != NULL); |
| 365 | 380 |
| 366 // Check that we can retrieve the cert from the bytes. | 381 // Check that we can retrieve the cert from the bytes. |
| 367 scoped_refptr<X509Certificate> x509cert( | 382 scoped_refptr<X509Certificate> x509cert( |
| (...skipping 169 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 537 | 552 |
| 538 EXPECT_NE(private_key_info2, private_key_info3); | 553 EXPECT_NE(private_key_info2, private_key_info3); |
| 539 EXPECT_NE(der_cert2, der_cert3); | 554 EXPECT_NE(der_cert2, der_cert3); |
| 540 | 555 |
| 541 EXPECT_EQ(3, service_->cert_count()); | 556 EXPECT_EQ(3, service_->cert_count()); |
| 542 } | 557 } |
| 543 | 558 |
| 544 TEST_F(ServerBoundCertServiceTest, Expiration) { | 559 TEST_F(ServerBoundCertServiceTest, Expiration) { |
| 545 ServerBoundCertStore* store = service_->GetCertStore(); | 560 ServerBoundCertStore* store = service_->GetCertStore(); |
| 546 base::Time now = base::Time::Now(); | 561 base::Time now = base::Time::Now(); |
| 547 store->SetServerBoundCert("good", | 562 store->SetServerBoundCert( |
| 548 now, | 563 "good", now, now + base::TimeDelta::FromDays(1), "a", "b"); |
| 549 now + base::TimeDelta::FromDays(1), | |
| 550 "a", | |
| 551 "b"); | |
| 552 store->SetServerBoundCert("expired", | 564 store->SetServerBoundCert("expired", |
| 553 now - base::TimeDelta::FromDays(2), | 565 now - base::TimeDelta::FromDays(2), |
| 554 now - base::TimeDelta::FromDays(1), | 566 now - base::TimeDelta::FromDays(1), |
| 555 "c", | 567 "c", |
| 556 "d"); | 568 "d"); |
| 557 EXPECT_EQ(2, service_->cert_count()); | 569 EXPECT_EQ(2, service_->cert_count()); |
| 558 | 570 |
| 559 int error; | 571 int error; |
| 560 TestCompletionCallback callback; | 572 TestCompletionCallback callback; |
| 561 ServerBoundCertService::RequestHandle request_handle; | 573 ServerBoundCertService::RequestHandle request_handle; |
| 562 | 574 |
| 563 // Cert is valid - synchronous completion. | 575 // Cert is valid - synchronous completion. |
| 564 std::string private_key_info1, der_cert1; | 576 std::string private_key_info1, der_cert1; |
| 565 error = service_->GetOrCreateDomainBoundCert( | 577 error = service_->GetOrCreateDomainBoundCert("good", |
| 566 "good", &private_key_info1, &der_cert1, | 578 &private_key_info1, |
| 567 callback.callback(), &request_handle); | 579 &der_cert1, |
| 580 callback.callback(), |
| 581 &request_handle); |
| 568 EXPECT_EQ(OK, error); | 582 EXPECT_EQ(OK, error); |
| 569 EXPECT_FALSE(request_handle.is_active()); | 583 EXPECT_FALSE(request_handle.is_active()); |
| 570 EXPECT_EQ(2, service_->cert_count()); | 584 EXPECT_EQ(2, service_->cert_count()); |
| 571 EXPECT_STREQ("a", private_key_info1.c_str()); | 585 EXPECT_STREQ("a", private_key_info1.c_str()); |
| 572 EXPECT_STREQ("b", der_cert1.c_str()); | 586 EXPECT_STREQ("b", der_cert1.c_str()); |
| 573 | 587 |
| 574 // Expired cert is valid as well - synchronous completion. | 588 // Expired cert is valid as well - synchronous completion. |
| 575 std::string private_key_info2, der_cert2; | 589 std::string private_key_info2, der_cert2; |
| 576 error = service_->GetOrCreateDomainBoundCert( | 590 error = service_->GetOrCreateDomainBoundCert("expired", |
| 577 "expired", &private_key_info2, &der_cert2, | 591 &private_key_info2, |
| 578 callback.callback(), &request_handle); | 592 &der_cert2, |
| 593 callback.callback(), |
| 594 &request_handle); |
| 579 EXPECT_EQ(OK, error); | 595 EXPECT_EQ(OK, error); |
| 580 EXPECT_FALSE(request_handle.is_active()); | 596 EXPECT_FALSE(request_handle.is_active()); |
| 581 EXPECT_EQ(2, service_->cert_count()); | 597 EXPECT_EQ(2, service_->cert_count()); |
| 582 EXPECT_STREQ("c", private_key_info2.c_str()); | 598 EXPECT_STREQ("c", private_key_info2.c_str()); |
| 583 EXPECT_STREQ("d", der_cert2.c_str()); | 599 EXPECT_STREQ("d", der_cert2.c_str()); |
| 584 } | 600 } |
| 585 | 601 |
| 586 TEST_F(ServerBoundCertServiceTest, AsyncStoreGetOrCreateNoCertsInStore) { | 602 TEST_F(ServerBoundCertServiceTest, AsyncStoreGetOrCreateNoCertsInStore) { |
| 587 MockServerBoundCertStoreWithAsyncGet* mock_store = | 603 MockServerBoundCertStoreWithAsyncGet* mock_store = |
| 588 new MockServerBoundCertStoreWithAsyncGet(); | 604 new MockServerBoundCertStoreWithAsyncGet(); |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 765 EXPECT_EQ(der_cert1, der_cert2); | 781 EXPECT_EQ(der_cert1, der_cert2); |
| 766 EXPECT_FALSE(private_key1.empty()); | 782 EXPECT_FALSE(private_key1.empty()); |
| 767 EXPECT_EQ(private_key1, private_key2); | 783 EXPECT_EQ(private_key1, private_key2); |
| 768 EXPECT_FALSE(request_handle1.is_active()); | 784 EXPECT_FALSE(request_handle1.is_active()); |
| 769 EXPECT_FALSE(request_handle2.is_active()); | 785 EXPECT_FALSE(request_handle2.is_active()); |
| 770 } | 786 } |
| 771 | 787 |
| 772 } // namespace | 788 } // namespace |
| 773 | 789 |
| 774 } // namespace net | 790 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
