Chromium Code Reviews Chromium Code Reviews
Issue 27832002:
Sign self-signed certs with SHA256. (Closed)
Base URL: https://src.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/message_loop/message_loop.h" | 8 #include "base/message_loop/message_loop.h" |
| 9 #include "base/run_loop.h" | 9 #include "base/run_loop.h" |
| 10 #include "chrome/browser/chromeos/attestation/attestation_key_payload.pb.h" | 10 #include "chrome/browser/chromeos/attestation/attestation_key_payload.pb.h" |
| (...skipping 14 matching lines...) Expand all Loading... | |
| 25 using testing::_; | 25 using testing::_; |
| 26 using testing::Invoke; | 26 using testing::Invoke; |
| 27 using testing::StrictMock; | 27 using testing::StrictMock; |
| 28 using testing::WithArgs; | 28 using testing::WithArgs; |
| 29 | 29 |
| 30 namespace chromeos { | 30 namespace chromeos { |
| 31 namespace attestation { | 31 namespace attestation { |
| 32 | 32 |
| 33 namespace { | 33 namespace { |
| 34 | 34 |
| 35 // A test key encoded as ASN.1 PrivateKeyInfo from PKCS #8. | |
| 36 const uint8 kTestKeyData[] = { | |
| 37 0x30, 0x82, 0x01, 0x55, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, | |
| 38 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, | |
| 39 0x01, 0x3f, 0x30, 0x82, 0x01, 0x3b, 0x02, 0x01, 0x00, 0x02, 0x41, 0x00, | |
| 40 0xd9, 0xcd, 0xca, 0xcd, 0xc3, 0xea, 0xbe, 0x72, 0x79, 0x1c, 0x29, 0x37, | |
| 41 0x39, 0x99, 0x1f, 0xd4, 0xb3, 0x0e, 0xf0, 0x7b, 0x78, 0x77, 0x0e, 0x05, | |
| 42 0x3b, 0x65, 0x34, 0x12, 0x62, 0xaf, 0xa6, 0x8d, 0x33, 0xce, 0x78, 0xf8, | |
| 43 0x47, 0x05, 0x1d, 0x98, 0xaa, 0x1b, 0x1f, 0x50, 0x05, 0x5b, 0x3c, 0x19, | |
| 44 0x3f, 0x80, 0x83, 0x63, 0x63, 0x3a, 0xec, 0xcb, 0x2e, 0x90, 0x4f, 0xf5, | |
| 45 0x26, 0x76, 0xf1, 0xd5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x40, 0x64, | |
| 46 0x29, 0xc2, 0xd9, 0x6b, 0xfe, 0xf9, 0x84, 0x75, 0x73, 0xe0, 0xf4, 0x77, | |
| 47 0xb5, 0x96, 0xb0, 0xdf, 0x83, 0xc0, 0x4e, 0x57, 0xf1, 0x10, 0x6e, 0x91, | |
| 48 0x89, 0x12, 0x30, 0x5e, 0x57, 0xff, 0x14, 0x59, 0x5f, 0x18, 0x86, 0x4e, | |
| 49 0x4b, 0x17, 0x56, 0xfc, 0x8d, 0x40, 0xdd, 0x74, 0x65, 0xd3, 0xff, 0x67, | |
| 50 0x64, 0xcb, 0x9c, 0xb4, 0x14, 0x8a, 0x06, 0xb7, 0x13, 0x45, 0x94, 0x16, | |
| 51 0x7d, 0x3f, 0xe1, 0x02, 0x21, 0x00, 0xf6, 0x0f, 0x31, 0x6d, 0x06, 0xcc, | |
| 52 0x3b, 0xa0, 0x44, 0x1f, 0xf5, 0xc2, 0x45, 0x2b, 0x10, 0x6c, 0xf9, 0x6f, | |
| 53 0x8f, 0x87, 0x3d, 0xc0, 0x3b, 0x55, 0x13, 0x37, 0x80, 0xcd, 0x9f, 0xe1, | |
| 54 0xb7, 0xd9, 0x02, 0x21, 0x00, 0xe2, 0x9a, 0x5f, 0xbf, 0x95, 0x74, 0xb5, | |
| 55 0x7a, 0x6a, 0xa6, 0x97, 0xbd, 0x75, 0x8c, 0x97, 0x18, 0x24, 0xd6, 0x09, | |
| 56 0xcd, 0xdc, 0xb5, 0x94, 0xbf, 0xe2, 0x78, 0xaa, 0x20, 0x47, 0x9f, 0x68, | |
| 57 0x5d, 0x02, 0x21, 0x00, 0xaf, 0x8f, 0x97, 0x8c, 0x5a, 0xd5, 0x4d, 0x95, | |
| 58 0xc4, 0x05, 0xa9, 0xab, 0xba, 0xfe, 0x46, 0xf1, 0xf9, 0xe7, 0x07, 0x59, | |
| 59 0x4f, 0x4d, 0xe1, 0x07, 0x8a, 0x76, 0x87, 0x88, 0x2f, 0x13, 0x35, 0xc1, | |
| 60 0x02, 0x20, 0x24, 0xc3, 0xd9, 0x2f, 0x13, 0x47, 0x99, 0x3e, 0x20, 0x59, | |
| 61 0xa1, 0x1a, 0xeb, 0x1c, 0x81, 0x53, 0x38, 0x7e, 0xc5, 0x9e, 0x71, 0xe5, | |
| 62 0xc0, 0x19, 0x95, 0xdb, 0xef, 0xf6, 0x46, 0xc8, 0x95, 0x3d, 0x02, 0x21, | |
| 63 0x00, 0xaa, 0xb1, 0xff, 0x8a, 0xa2, 0xb2, 0x2b, 0xef, 0x9a, 0x83, 0x3f, | |
| 64 0xc5, 0xbc, 0xd4, 0x6a, 0x07, 0xe8, 0xc7, 0x0b, 0x2e, 0xd4, 0x0f, 0xf8, | |
| 65 0x98, 0x68, 0xe1, 0x04, 0xa8, 0x92, 0xd0, 0x10, 0xaa, | |
| 66 }; | |
| 67 | |
| 68 void DBusCallbackFalse(const BoolDBusMethodCallback& callback) { | 35 void DBusCallbackFalse(const BoolDBusMethodCallback& callback) { |
| 69 base::MessageLoop::current()->PostTask( | 36 base::MessageLoop::current()->PostTask( |
| 70 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, false)); | 37 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, false)); |
| 71 } | 38 } |
| 72 | 39 |
| 73 void DBusCallbackTrue(const BoolDBusMethodCallback& callback) { | 40 void DBusCallbackTrue(const BoolDBusMethodCallback& callback) { |
| 74 base::MessageLoop::current()->PostTask( | 41 base::MessageLoop::current()->PostTask( |
| 75 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true)); | 42 FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true)); |
| 76 } | 43 } |
| 77 | 44 |
| (...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 213 break; | 180 break; |
| 214 case CERT_EXPIRING_SOON: | 181 case CERT_EXPIRING_SOON: |
| 215 valid_expiry = base::Time::Now() + base::TimeDelta::FromDays(20); | 182 valid_expiry = base::Time::Now() + base::TimeDelta::FromDays(20); |
| 216 break; | 183 break; |
| 217 case CERT_EXPIRED: | 184 case CERT_EXPIRED: |
| 218 valid_expiry = base::Time::Now() - base::TimeDelta::FromDays(20); | 185 valid_expiry = base::Time::Now() - base::TimeDelta::FromDays(20); |
| 219 break; | 186 break; |
| 220 default: | 187 default: |
| 221 NOTREACHED(); | 188 NOTREACHED(); |
| 222 } | 189 } |
| 223 scoped_ptr<crypto::RSAPrivateKey> test_key( | 190 crypto::RSAPrivateKey* raw_key; |
| 224 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo( | 191 bool success = net::x509_util::CreateKeyAndSelfSignedCert("CN=subject", |
| 225 std::vector<uint8>(&kTestKeyData[0], | 192 12345, |
| 226 &kTestKeyData[arraysize(kTestKeyData)]))); | 193 valid_start, |
| 227 if (!test_key.get()) | 194 valid_expiry, |
| 228 return false; | 195 &raw_key, |
| 229 return net::x509_util::CreateSelfSignedCert(test_key.get(), | 196 certificate); |
| 230 "CN=subject", | 197 scoped_ptr<crypto::RSAPrivateKey> key(raw_key); // Just deletes the key. |
|
Darren Krahn
2013/10/18 21:01:32
optional nit: I would say just call 'delete' at th
bemasc
2013/10/18 22:03:34
Done.
| |
| 231 12345, | 198 return success; |
| 232 valid_start, | |
| 233 valid_expiry, | |
| 234 certificate); | |
| 235 } | 199 } |
| 236 | 200 |
| 237 base::MessageLoop message_loop_; | 201 base::MessageLoop message_loop_; |
| 238 content::TestBrowserThread ui_thread_; | 202 content::TestBrowserThread ui_thread_; |
| 239 ScopedTestDeviceSettingsService test_device_settings_service_; | 203 ScopedTestDeviceSettingsService test_device_settings_service_; |
| 240 ScopedTestCrosSettings test_cros_settings_; | 204 ScopedTestCrosSettings test_cros_settings_; |
| 241 CrosSettingsProvider* device_settings_provider_; | 205 CrosSettingsProvider* device_settings_provider_; |
| 242 StubCrosSettingsProvider stub_settings_provider_; | 206 StubCrosSettingsProvider stub_settings_provider_; |
| 243 StrictMock<MockCryptohomeClient> cryptohome_client_; | 207 StrictMock<MockCryptohomeClient> cryptohome_client_; |
| 244 StrictMock<MockAttestationFlow> attestation_flow_; | 208 StrictMock<MockAttestationFlow> attestation_flow_; |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 298 SetupMocks(MOCK_NEW_KEY, ""); | 262 SetupMocks(MOCK_NEW_KEY, ""); |
| 299 // Simulate a DBus failure. | 263 // Simulate a DBus failure. |
| 300 EXPECT_CALL(cryptohome_client_, TpmAttestationDoesKeyExist(_, _, _)) | 264 EXPECT_CALL(cryptohome_client_, TpmAttestationDoesKeyExist(_, _, _)) |
| 301 .WillOnce(WithArgs<2>(Invoke(DBusCallbackError))) | 265 .WillOnce(WithArgs<2>(Invoke(DBusCallbackError))) |
| 302 .WillRepeatedly(WithArgs<2>(Invoke(DBusCallbackFalse))); | 266 .WillRepeatedly(WithArgs<2>(Invoke(DBusCallbackFalse))); |
| 303 Run(); | 267 Run(); |
| 304 } | 268 } |
| 305 | 269 |
| 306 } // namespace attestation | 270 } // namespace attestation |
| 307 } // namespace chromeos | 271 } // namespace chromeos |
| OLD | NEW |
