| OLD | NEW |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <memory> | 5 #include <memory> |
| 6 | 6 |
| 7 #include "base/files/file_path.h" | 7 #include "base/files/file_path.h" |
| 8 #include "net/base/ip_endpoint.h" | 8 #include "net/base/ip_endpoint.h" |
| 9 #include "net/base/net_errors.h" | 9 #include "net/base/net_errors.h" |
| 10 #include "net/base/test_completion_callback.h" | 10 #include "net/base/test_completion_callback.h" |
| (...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 129 std::unique_ptr<ProofVerifier> verifier( | 129 std::unique_ptr<ProofVerifier> verifier( |
| 130 crypto_test_utils::ProofVerifierForTesting()); | 130 crypto_test_utils::ProofVerifierForTesting()); |
| 131 | 131 |
| 132 const string server_config = "server config bytes"; | 132 const string server_config = "server config bytes"; |
| 133 const string hostname = "test.example.com"; | 133 const string hostname = "test.example.com"; |
| 134 const uint16_t port = 8443; | 134 const uint16_t port = 8443; |
| 135 const string first_chlo_hash = "first chlo hash bytes"; | 135 const string first_chlo_hash = "first chlo hash bytes"; |
| 136 const string second_chlo_hash = "first chlo hash bytes"; | 136 const string second_chlo_hash = "first chlo hash bytes"; |
| 137 const QuicVersion quic_version = GetParam(); | 137 const QuicVersion quic_version = GetParam(); |
| 138 | 138 |
| 139 bool called = false; |
| 140 bool first_called = false; |
| 141 bool ok, first_ok; |
| 139 QuicReferenceCountedPointer<ProofSource::Chain> chain; | 142 QuicReferenceCountedPointer<ProofSource::Chain> chain; |
| 140 QuicReferenceCountedPointer<ProofSource::Chain> first_chain; | 143 QuicReferenceCountedPointer<ProofSource::Chain> first_chain; |
| 141 string error_details; | 144 string error_details; |
| 142 QuicCryptoProof proof, first_proof; | 145 QuicCryptoProof proof, first_proof; |
| 143 QuicSocketAddress server_addr; | 146 QuicSocketAddress server_addr; |
| 144 | 147 |
| 145 ASSERT_TRUE(source->GetProof(server_addr, hostname, server_config, | 148 std::unique_ptr<ProofSource::Callback> cb( |
| 146 quic_version, first_chlo_hash, QuicTagVector(), | 149 new TestCallback(&called, &ok, &chain, &proof)); |
| 147 &first_chain, &first_proof)); | 150 std::unique_ptr<ProofSource::Callback> first_cb( |
| 148 ASSERT_TRUE(source->GetProof(server_addr, hostname, server_config, | 151 new TestCallback(&first_called, &first_ok, &first_chain, &first_proof)); |
| 149 quic_version, second_chlo_hash, QuicTagVector(), | 152 |
| 150 &chain, &proof)); | 153 // GetProof here expects the async method to invoke the callback |
| 154 // synchronously. |
| 155 source->GetProof(server_addr, hostname, server_config, quic_version, |
| 156 first_chlo_hash, QuicTagVector(), std::move(first_cb)); |
| 157 source->GetProof(server_addr, hostname, server_config, quic_version, |
| 158 second_chlo_hash, QuicTagVector(), std::move(cb)); |
| 159 ASSERT_TRUE(called); |
| 160 ASSERT_TRUE(first_called); |
| 161 ASSERT_TRUE(ok); |
| 162 ASSERT_TRUE(first_ok); |
| 151 | 163 |
| 152 // Check that the proof source is caching correctly: | 164 // Check that the proof source is caching correctly: |
| 153 ASSERT_EQ(first_chain->certs, chain->certs); | 165 ASSERT_EQ(first_chain->certs, chain->certs); |
| 154 ASSERT_NE(proof.signature, first_proof.signature); | 166 ASSERT_NE(proof.signature, first_proof.signature); |
| 155 ASSERT_EQ(first_proof.leaf_cert_scts, proof.leaf_cert_scts); | 167 ASSERT_EQ(first_proof.leaf_cert_scts, proof.leaf_cert_scts); |
| 156 | 168 |
| 157 RunVerification(verifier.get(), hostname, port, server_config, quic_version, | 169 RunVerification(verifier.get(), hostname, port, server_config, quic_version, |
| 158 first_chlo_hash, chain->certs, proof.signature, true); | 170 first_chlo_hash, chain->certs, proof.signature, true); |
| 159 | 171 |
| 160 RunVerification(verifier.get(), "foo.com", port, server_config, quic_version, | 172 RunVerification(verifier.get(), "foo.com", port, server_config, quic_version, |
| 161 first_chlo_hash, chain->certs, proof.signature, false); | 173 first_chlo_hash, chain->certs, proof.signature, false); |
| 162 | 174 |
| 163 RunVerification(verifier.get(), server_config.substr(1, string::npos), port, | 175 RunVerification(verifier.get(), server_config.substr(1, string::npos), port, |
| 164 server_config, quic_version, first_chlo_hash, chain->certs, | 176 server_config, quic_version, first_chlo_hash, chain->certs, |
| 165 proof.signature, false); | 177 proof.signature, false); |
| 166 | 178 |
| 167 const string corrupt_signature = "1" + proof.signature; | 179 const string corrupt_signature = "1" + proof.signature; |
| 168 RunVerification(verifier.get(), hostname, port, server_config, quic_version, | 180 RunVerification(verifier.get(), hostname, port, server_config, quic_version, |
| 169 first_chlo_hash, chain->certs, corrupt_signature, false); | 181 first_chlo_hash, chain->certs, corrupt_signature, false); |
| 170 | 182 |
| 171 std::vector<string> wrong_certs; | 183 std::vector<string> wrong_certs; |
| 172 for (size_t i = 1; i < chain->certs.size(); i++) { | 184 for (size_t i = 1; i < chain->certs.size(); i++) { |
| 173 wrong_certs.push_back(chain->certs[i]); | 185 wrong_certs.push_back(chain->certs[i]); |
| 174 } | 186 } |
| 175 | 187 |
| 176 RunVerification(verifier.get(), "foo.com", port, server_config, quic_version, | 188 RunVerification(verifier.get(), "foo.com", port, server_config, quic_version, |
| 177 first_chlo_hash, wrong_certs, corrupt_signature, false); | 189 first_chlo_hash, wrong_certs, corrupt_signature, false); |
| 178 } | 190 } |
| 179 | 191 |
| 180 TEST_P(ProofTest, VerifySourceAsync) { | |
| 181 std::unique_ptr<ProofSource> source( | |
| 182 crypto_test_utils::ProofSourceForTesting()); | |
| 183 | |
| 184 const string server_config = "server config bytes"; | |
| 185 const string hostname = "test.example.com"; | |
| 186 const string first_chlo_hash = "first chlo hash bytes"; | |
| 187 const string second_chlo_hash = "first chlo hash bytes"; | |
| 188 const QuicVersion quic_version = GetParam(); | |
| 189 QuicSocketAddress server_addr; | |
| 190 | |
| 191 // Call synchronous version | |
| 192 QuicReferenceCountedPointer<ProofSource::Chain> expected_chain; | |
| 193 QuicCryptoProof expected_proof; | |
| 194 ASSERT_TRUE(source->GetProof(server_addr, hostname, server_config, | |
| 195 quic_version, first_chlo_hash, QuicTagVector(), | |
| 196 &expected_chain, &expected_proof)); | |
| 197 | |
| 198 // Call asynchronous version and compare results | |
| 199 bool called = false; | |
| 200 bool ok; | |
| 201 QuicReferenceCountedPointer<ProofSource::Chain> chain; | |
| 202 QuicCryptoProof proof; | |
| 203 std::unique_ptr<ProofSource::Callback> cb( | |
| 204 new TestCallback(&called, &ok, &chain, &proof)); | |
| 205 source->GetProof(server_addr, hostname, server_config, quic_version, | |
| 206 first_chlo_hash, QuicTagVector(), std::move(cb)); | |
| 207 // TODO(gredner): whan GetProof really invokes the callback asynchronously, | |
| 208 // figure out what to do here. | |
| 209 ASSERT_TRUE(called); | |
| 210 ASSERT_TRUE(ok); | |
| 211 EXPECT_THAT(chain->certs, ::testing::ContainerEq(expected_chain->certs)); | |
| 212 EXPECT_EQ(proof.leaf_cert_scts, expected_proof.leaf_cert_scts); | |
| 213 } | |
| 214 | |
| 215 TEST_P(ProofTest, UseAfterFree) { | 192 TEST_P(ProofTest, UseAfterFree) { |
| 216 std::unique_ptr<ProofSource> source( | 193 std::unique_ptr<ProofSource> source( |
| 217 crypto_test_utils::ProofSourceForTesting()); | 194 crypto_test_utils::ProofSourceForTesting()); |
| 218 | 195 |
| 219 const string server_config = "server config bytes"; | 196 const string server_config = "server config bytes"; |
| 220 const string hostname = "test.example.com"; | 197 const string hostname = "test.example.com"; |
| 221 const string chlo_hash = "proof nonce bytes"; | 198 const string chlo_hash = "proof nonce bytes"; |
| 199 bool called = false; |
| 200 bool ok; |
| 222 QuicReferenceCountedPointer<ProofSource::Chain> chain; | 201 QuicReferenceCountedPointer<ProofSource::Chain> chain; |
| 223 string error_details; | 202 string error_details; |
| 224 QuicCryptoProof proof; | 203 QuicCryptoProof proof; |
| 225 QuicSocketAddress server_addr; | 204 QuicSocketAddress server_addr; |
| 205 std::unique_ptr<ProofSource::Callback> cb( |
| 206 new TestCallback(&called, &ok, &chain, &proof)); |
| 226 | 207 |
| 227 ASSERT_TRUE(source->GetProof(server_addr, hostname, server_config, GetParam(), | 208 // GetProof here expects the async method to invoke the callback |
| 228 chlo_hash, QuicTagVector(), &chain, &proof)); | 209 // synchronously. |
| 210 source->GetProof(server_addr, hostname, server_config, GetParam(), chlo_hash, |
| 211 QuicTagVector(), std::move(cb)); |
| 212 ASSERT_TRUE(called); |
| 213 ASSERT_TRUE(ok); |
| 229 | 214 |
| 230 // Make sure we can safely access results after deleting where they came from. | 215 // Make sure we can safely access results after deleting where they came from. |
| 231 EXPECT_FALSE(chain->HasOneRef()); | 216 EXPECT_FALSE(chain->HasOneRef()); |
| 232 source = nullptr; | 217 source = nullptr; |
| 233 EXPECT_TRUE(chain->HasOneRef()); | 218 EXPECT_TRUE(chain->HasOneRef()); |
| 234 | 219 |
| 235 EXPECT_FALSE(chain->certs.empty()); | 220 EXPECT_FALSE(chain->certs.empty()); |
| 236 for (const string& cert : chain->certs) { | 221 for (const string& cert : chain->certs) { |
| 237 EXPECT_FALSE(cert.empty()); | 222 EXPECT_FALSE(cert.empty()); |
| 238 } | 223 } |
| 239 } | 224 } |
| 240 | 225 |
| 241 } // namespace test | 226 } // namespace test |
| 242 } // namespace net | 227 } // namespace net |
| OLD | NEW |