OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" | 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/callback.h" | 10 #include "base/callback.h" |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
66 not_allowed_cert_ = cert; | 66 not_allowed_cert_ = cert; |
67 } | 67 } |
68 | 68 |
69 private: | 69 private: |
70 bool init_finished_; | 70 bool init_finished_; |
71 bool init_called_ = false; | 71 bool init_called_ = false; |
72 base::Closure pending_callback_; | 72 base::Closure pending_callback_; |
73 scoped_refptr<net::X509Certificate> not_allowed_cert_; | 73 scoped_refptr<net::X509Certificate> not_allowed_cert_; |
74 }; | 74 }; |
75 | 75 |
| 76 void SaveCertsAndQuitCallback(net::CertificateList* out_certs, |
| 77 base::Closure quit_closure, |
| 78 net::CertificateList in_certs) { |
| 79 *out_certs = std::move(in_certs); |
| 80 quit_closure.Run(); |
| 81 } |
| 82 |
76 } // namespace | 83 } // namespace |
77 | 84 |
78 class ClientCertStoreChromeOSTest : public ::testing::Test { | 85 class ClientCertStoreChromeOSTest : public ::testing::Test { |
79 public: | 86 public: |
80 ClientCertStoreChromeOSTest() : message_loop_(new base::MessageLoopForIO()) {} | 87 ClientCertStoreChromeOSTest() : message_loop_(new base::MessageLoopForIO()) {} |
81 | 88 |
82 scoped_refptr<net::X509Certificate> ImportCertToSlot( | 89 scoped_refptr<net::X509Certificate> ImportCertToSlot( |
83 const std::string& cert_filename, | 90 const std::string& cert_filename, |
84 const std::string& key_filename, | 91 const std::string& key_filename, |
85 PK11SlotInfo* slot) { | 92 PK11SlotInfo* slot) { |
(...skipping 18 matching lines...) Expand all Loading... |
104 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 111 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
105 | 112 |
106 scoped_refptr<net::X509Certificate> cert_1( | 113 scoped_refptr<net::X509Certificate> cert_1( |
107 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 114 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
108 ASSERT_TRUE(cert_1.get()); | 115 ASSERT_TRUE(cert_1.get()); |
109 | 116 |
110 // Request any client certificate, which is expected to match client_1. | 117 // Request any client certificate, which is expected to match client_1. |
111 scoped_refptr<net::SSLCertRequestInfo> request_all( | 118 scoped_refptr<net::SSLCertRequestInfo> request_all( |
112 new net::SSLCertRequestInfo()); | 119 new net::SSLCertRequestInfo()); |
113 | 120 |
| 121 net::CertificateList selected_certs; |
114 base::RunLoop run_loop; | 122 base::RunLoop run_loop; |
115 store.GetClientCerts(*request_all, &request_all->client_certs, | 123 store.GetClientCerts(*request_all, |
116 run_loop.QuitClosure()); | 124 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 125 run_loop.QuitClosure())); |
117 | 126 |
118 { | 127 { |
119 base::RunLoop run_loop_inner; | 128 base::RunLoop run_loop_inner; |
120 run_loop_inner.RunUntilIdle(); | 129 run_loop_inner.RunUntilIdle(); |
121 // GetClientCerts should wait for the initialization of the filter to | 130 // GetClientCerts should wait for the initialization of the filter to |
122 // finish. | 131 // finish. |
123 ASSERT_EQ(0u, request_all->client_certs.size()); | 132 ASSERT_EQ(0u, selected_certs.size()); |
124 EXPECT_TRUE(cert_filter->init_called()); | 133 EXPECT_TRUE(cert_filter->init_called()); |
125 } | 134 } |
126 cert_filter->FinishInit(); | 135 cert_filter->FinishInit(); |
127 run_loop.Run(); | 136 run_loop.Run(); |
128 | 137 |
129 ASSERT_EQ(1u, request_all->client_certs.size()); | 138 ASSERT_EQ(1u, selected_certs.size()); |
130 } | 139 } |
131 | 140 |
132 // Ensure that cert requests, that are started after the filter was initialized, | 141 // Ensure that cert requests, that are started after the filter was initialized, |
133 // will succeed. | 142 // will succeed. |
134 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { | 143 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { |
135 crypto::ScopedTestNSSDB test_db; | 144 crypto::ScopedTestNSSDB test_db; |
136 ASSERT_TRUE(test_db.is_open()); | 145 ASSERT_TRUE(test_db.is_open()); |
137 | 146 |
138 ClientCertStoreChromeOS store( | 147 ClientCertStoreChromeOS store( |
139 nullptr, // no additional provider | 148 nullptr, // no additional provider |
140 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), | 149 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), |
141 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 150 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
142 | 151 |
143 scoped_refptr<net::X509Certificate> cert_1( | 152 scoped_refptr<net::X509Certificate> cert_1( |
144 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 153 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
145 ASSERT_TRUE(cert_1.get()); | 154 ASSERT_TRUE(cert_1.get()); |
146 | 155 |
147 scoped_refptr<net::SSLCertRequestInfo> request_all( | 156 scoped_refptr<net::SSLCertRequestInfo> request_all( |
148 new net::SSLCertRequestInfo()); | 157 new net::SSLCertRequestInfo()); |
149 | 158 |
150 base::RunLoop run_loop; | 159 base::RunLoop run_loop; |
151 store.GetClientCerts(*request_all, &request_all->client_certs, | 160 net::CertificateList selected_certs; |
152 run_loop.QuitClosure()); | 161 store.GetClientCerts(*request_all, |
| 162 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 163 run_loop.QuitClosure())); |
153 run_loop.Run(); | 164 run_loop.Run(); |
154 | 165 |
155 ASSERT_EQ(1u, request_all->client_certs.size()); | 166 ASSERT_EQ(1u, selected_certs.size()); |
156 } | 167 } |
157 | 168 |
158 TEST_F(ClientCertStoreChromeOSTest, Filter) { | 169 TEST_F(ClientCertStoreChromeOSTest, Filter) { |
159 crypto::ScopedTestNSSDB test_db; | 170 crypto::ScopedTestNSSDB test_db; |
160 ASSERT_TRUE(test_db.is_open()); | 171 ASSERT_TRUE(test_db.is_open()); |
161 | 172 |
162 TestCertFilter* cert_filter = | 173 TestCertFilter* cert_filter = |
163 new TestCertFilter(true /* init synchronously */); | 174 new TestCertFilter(true /* init synchronously */); |
164 ClientCertStoreChromeOS store( | 175 ClientCertStoreChromeOS store( |
165 nullptr /* no additional provider */, base::WrapUnique(cert_filter), | 176 nullptr /* no additional provider */, base::WrapUnique(cert_filter), |
166 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 177 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
167 | 178 |
168 scoped_refptr<net::X509Certificate> cert_1( | 179 scoped_refptr<net::X509Certificate> cert_1( |
169 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 180 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
170 ASSERT_TRUE(cert_1.get()); | 181 ASSERT_TRUE(cert_1.get()); |
171 scoped_refptr<net::X509Certificate> cert_2( | 182 scoped_refptr<net::X509Certificate> cert_2( |
172 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); | 183 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); |
173 ASSERT_TRUE(cert_2.get()); | 184 ASSERT_TRUE(cert_2.get()); |
174 | 185 |
175 scoped_refptr<net::SSLCertRequestInfo> request_all( | 186 scoped_refptr<net::SSLCertRequestInfo> request_all( |
176 new net::SSLCertRequestInfo()); | 187 new net::SSLCertRequestInfo()); |
177 | 188 |
178 { | 189 { |
179 base::RunLoop run_loop; | 190 base::RunLoop run_loop; |
180 cert_filter->SetNotAllowedCert(cert_2); | 191 cert_filter->SetNotAllowedCert(cert_2); |
181 net::CertificateList selected_certs; | 192 net::CertificateList selected_certs; |
182 store.GetClientCerts(*request_all, &selected_certs, run_loop.QuitClosure()); | 193 store.GetClientCerts(*request_all, |
| 194 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 195 run_loop.QuitClosure())); |
183 run_loop.Run(); | 196 run_loop.Run(); |
184 | 197 |
185 ASSERT_EQ(1u, selected_certs.size()); | 198 ASSERT_EQ(1u, selected_certs.size()); |
186 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 199 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
187 } | 200 } |
188 | 201 |
189 { | 202 { |
190 base::RunLoop run_loop; | 203 base::RunLoop run_loop; |
191 cert_filter->SetNotAllowedCert(cert_1); | 204 cert_filter->SetNotAllowedCert(cert_1); |
192 net::CertificateList selected_certs; | 205 net::CertificateList selected_certs; |
193 store.GetClientCerts(*request_all, &selected_certs, run_loop.QuitClosure()); | 206 store.GetClientCerts(*request_all, |
| 207 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 208 run_loop.QuitClosure())); |
194 run_loop.Run(); | 209 run_loop.Run(); |
195 | 210 |
196 ASSERT_EQ(1u, selected_certs.size()); | 211 ASSERT_EQ(1u, selected_certs.size()); |
197 EXPECT_TRUE(cert_2->Equals(selected_certs[0].get())); | 212 EXPECT_TRUE(cert_2->Equals(selected_certs[0].get())); |
198 } | 213 } |
199 } | 214 } |
200 | 215 |
201 // Ensure that the delegation of the request matching to the base class is | 216 // Ensure that the delegation of the request matching to the base class is |
202 // functional. | 217 // functional. |
203 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { | 218 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { |
(...skipping 15 matching lines...) Expand all Loading... |
219 ASSERT_TRUE(cert_2.get()); | 234 ASSERT_TRUE(cert_2.get()); |
220 | 235 |
221 std::vector<std::string> authority_1( | 236 std::vector<std::string> authority_1( |
222 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), | 237 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), |
223 sizeof(kAuthority1DN))); | 238 sizeof(kAuthority1DN))); |
224 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); | 239 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); |
225 request->cert_authorities = authority_1; | 240 request->cert_authorities = authority_1; |
226 | 241 |
227 base::RunLoop run_loop; | 242 base::RunLoop run_loop; |
228 net::CertificateList selected_certs; | 243 net::CertificateList selected_certs; |
229 store.GetClientCerts(*request, &selected_certs, run_loop.QuitClosure()); | 244 store.GetClientCerts(*request, |
| 245 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 246 run_loop.QuitClosure())); |
230 run_loop.Run(); | 247 run_loop.Run(); |
231 | 248 |
232 ASSERT_EQ(1u, selected_certs.size()); | 249 ASSERT_EQ(1u, selected_certs.size()); |
233 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 250 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
234 } | 251 } |
235 | 252 |
236 } // namespace chromeos | 253 } // namespace chromeos |
OLD | NEW |