| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" | 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 66 not_allowed_cert_ = cert; | 66 not_allowed_cert_ = cert; |
| 67 } | 67 } |
| 68 | 68 |
| 69 private: | 69 private: |
| 70 bool init_finished_; | 70 bool init_finished_; |
| 71 bool init_called_ = false; | 71 bool init_called_ = false; |
| 72 base::Closure pending_callback_; | 72 base::Closure pending_callback_; |
| 73 scoped_refptr<net::X509Certificate> not_allowed_cert_; | 73 scoped_refptr<net::X509Certificate> not_allowed_cert_; |
| 74 }; | 74 }; |
| 75 | 75 |
| 76 void SaveCertsAndQuitCallback(net::CertificateList* out_certs, |
| 77 base::Closure quit_closure, |
| 78 net::CertificateList in_certs) { |
| 79 *out_certs = std::move(in_certs); |
| 80 quit_closure.Run(); |
| 81 } |
| 82 |
| 76 } // namespace | 83 } // namespace |
| 77 | 84 |
| 78 class ClientCertStoreChromeOSTest : public ::testing::Test { | 85 class ClientCertStoreChromeOSTest : public ::testing::Test { |
| 79 public: | 86 public: |
| 80 ClientCertStoreChromeOSTest() : message_loop_(new base::MessageLoopForIO()) {} | 87 ClientCertStoreChromeOSTest() : message_loop_(new base::MessageLoopForIO()) {} |
| 81 | 88 |
| 82 scoped_refptr<net::X509Certificate> ImportCertToSlot( | 89 scoped_refptr<net::X509Certificate> ImportCertToSlot( |
| 83 const std::string& cert_filename, | 90 const std::string& cert_filename, |
| 84 const std::string& key_filename, | 91 const std::string& key_filename, |
| 85 PK11SlotInfo* slot) { | 92 PK11SlotInfo* slot) { |
| (...skipping 18 matching lines...) Expand all Loading... |
| 104 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 111 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 105 | 112 |
| 106 scoped_refptr<net::X509Certificate> cert_1( | 113 scoped_refptr<net::X509Certificate> cert_1( |
| 107 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 114 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 108 ASSERT_TRUE(cert_1.get()); | 115 ASSERT_TRUE(cert_1.get()); |
| 109 | 116 |
| 110 // Request any client certificate, which is expected to match client_1. | 117 // Request any client certificate, which is expected to match client_1. |
| 111 scoped_refptr<net::SSLCertRequestInfo> request_all( | 118 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| 112 new net::SSLCertRequestInfo()); | 119 new net::SSLCertRequestInfo()); |
| 113 | 120 |
| 121 net::CertificateList selected_certs; |
| 114 base::RunLoop run_loop; | 122 base::RunLoop run_loop; |
| 115 store.GetClientCerts(*request_all, &request_all->client_certs, | 123 store.GetClientCerts(*request_all, |
| 116 run_loop.QuitClosure()); | 124 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 125 run_loop.QuitClosure())); |
| 117 | 126 |
| 118 { | 127 { |
| 119 base::RunLoop run_loop_inner; | 128 base::RunLoop run_loop_inner; |
| 120 run_loop_inner.RunUntilIdle(); | 129 run_loop_inner.RunUntilIdle(); |
| 121 // GetClientCerts should wait for the initialization of the filter to | 130 // GetClientCerts should wait for the initialization of the filter to |
| 122 // finish. | 131 // finish. |
| 123 ASSERT_EQ(0u, request_all->client_certs.size()); | 132 ASSERT_EQ(0u, selected_certs.size()); |
| 124 EXPECT_TRUE(cert_filter->init_called()); | 133 EXPECT_TRUE(cert_filter->init_called()); |
| 125 } | 134 } |
| 126 cert_filter->FinishInit(); | 135 cert_filter->FinishInit(); |
| 127 run_loop.Run(); | 136 run_loop.Run(); |
| 128 | 137 |
| 129 ASSERT_EQ(1u, request_all->client_certs.size()); | 138 ASSERT_EQ(1u, selected_certs.size()); |
| 130 } | 139 } |
| 131 | 140 |
| 132 // Ensure that cert requests, that are started after the filter was initialized, | 141 // Ensure that cert requests, that are started after the filter was initialized, |
| 133 // will succeed. | 142 // will succeed. |
| 134 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { | 143 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { |
| 135 crypto::ScopedTestNSSDB test_db; | 144 crypto::ScopedTestNSSDB test_db; |
| 136 ASSERT_TRUE(test_db.is_open()); | 145 ASSERT_TRUE(test_db.is_open()); |
| 137 | 146 |
| 138 ClientCertStoreChromeOS store( | 147 ClientCertStoreChromeOS store( |
| 139 nullptr, // no additional provider | 148 nullptr, // no additional provider |
| 140 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), | 149 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), |
| 141 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 150 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 142 | 151 |
| 143 scoped_refptr<net::X509Certificate> cert_1( | 152 scoped_refptr<net::X509Certificate> cert_1( |
| 144 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 153 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 145 ASSERT_TRUE(cert_1.get()); | 154 ASSERT_TRUE(cert_1.get()); |
| 146 | 155 |
| 147 scoped_refptr<net::SSLCertRequestInfo> request_all( | 156 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| 148 new net::SSLCertRequestInfo()); | 157 new net::SSLCertRequestInfo()); |
| 149 | 158 |
| 150 base::RunLoop run_loop; | 159 base::RunLoop run_loop; |
| 151 store.GetClientCerts(*request_all, &request_all->client_certs, | 160 net::CertificateList selected_certs; |
| 152 run_loop.QuitClosure()); | 161 store.GetClientCerts(*request_all, |
| 162 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 163 run_loop.QuitClosure())); |
| 153 run_loop.Run(); | 164 run_loop.Run(); |
| 154 | 165 |
| 155 ASSERT_EQ(1u, request_all->client_certs.size()); | 166 ASSERT_EQ(1u, selected_certs.size()); |
| 156 } | 167 } |
| 157 | 168 |
| 158 TEST_F(ClientCertStoreChromeOSTest, Filter) { | 169 TEST_F(ClientCertStoreChromeOSTest, Filter) { |
| 159 crypto::ScopedTestNSSDB test_db; | 170 crypto::ScopedTestNSSDB test_db; |
| 160 ASSERT_TRUE(test_db.is_open()); | 171 ASSERT_TRUE(test_db.is_open()); |
| 161 | 172 |
| 162 TestCertFilter* cert_filter = | 173 TestCertFilter* cert_filter = |
| 163 new TestCertFilter(true /* init synchronously */); | 174 new TestCertFilter(true /* init synchronously */); |
| 164 ClientCertStoreChromeOS store( | 175 ClientCertStoreChromeOS store( |
| 165 nullptr /* no additional provider */, base::WrapUnique(cert_filter), | 176 nullptr /* no additional provider */, base::WrapUnique(cert_filter), |
| 166 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 177 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 167 | 178 |
| 168 scoped_refptr<net::X509Certificate> cert_1( | 179 scoped_refptr<net::X509Certificate> cert_1( |
| 169 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 180 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 170 ASSERT_TRUE(cert_1.get()); | 181 ASSERT_TRUE(cert_1.get()); |
| 171 scoped_refptr<net::X509Certificate> cert_2( | 182 scoped_refptr<net::X509Certificate> cert_2( |
| 172 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); | 183 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); |
| 173 ASSERT_TRUE(cert_2.get()); | 184 ASSERT_TRUE(cert_2.get()); |
| 174 | 185 |
| 175 scoped_refptr<net::SSLCertRequestInfo> request_all( | 186 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| 176 new net::SSLCertRequestInfo()); | 187 new net::SSLCertRequestInfo()); |
| 177 | 188 |
| 178 { | 189 { |
| 179 base::RunLoop run_loop; | 190 base::RunLoop run_loop; |
| 180 cert_filter->SetNotAllowedCert(cert_2); | 191 cert_filter->SetNotAllowedCert(cert_2); |
| 181 net::CertificateList selected_certs; | 192 net::CertificateList selected_certs; |
| 182 store.GetClientCerts(*request_all, &selected_certs, run_loop.QuitClosure()); | 193 store.GetClientCerts(*request_all, |
| 194 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 195 run_loop.QuitClosure())); |
| 183 run_loop.Run(); | 196 run_loop.Run(); |
| 184 | 197 |
| 185 ASSERT_EQ(1u, selected_certs.size()); | 198 ASSERT_EQ(1u, selected_certs.size()); |
| 186 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 199 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
| 187 } | 200 } |
| 188 | 201 |
| 189 { | 202 { |
| 190 base::RunLoop run_loop; | 203 base::RunLoop run_loop; |
| 191 cert_filter->SetNotAllowedCert(cert_1); | 204 cert_filter->SetNotAllowedCert(cert_1); |
| 192 net::CertificateList selected_certs; | 205 net::CertificateList selected_certs; |
| 193 store.GetClientCerts(*request_all, &selected_certs, run_loop.QuitClosure()); | 206 store.GetClientCerts(*request_all, |
| 207 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 208 run_loop.QuitClosure())); |
| 194 run_loop.Run(); | 209 run_loop.Run(); |
| 195 | 210 |
| 196 ASSERT_EQ(1u, selected_certs.size()); | 211 ASSERT_EQ(1u, selected_certs.size()); |
| 197 EXPECT_TRUE(cert_2->Equals(selected_certs[0].get())); | 212 EXPECT_TRUE(cert_2->Equals(selected_certs[0].get())); |
| 198 } | 213 } |
| 199 } | 214 } |
| 200 | 215 |
| 201 // Ensure that the delegation of the request matching to the base class is | 216 // Ensure that the delegation of the request matching to the base class is |
| 202 // functional. | 217 // functional. |
| 203 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { | 218 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { |
| (...skipping 15 matching lines...) Expand all Loading... |
| 219 ASSERT_TRUE(cert_2.get()); | 234 ASSERT_TRUE(cert_2.get()); |
| 220 | 235 |
| 221 std::vector<std::string> authority_1( | 236 std::vector<std::string> authority_1( |
| 222 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), | 237 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), |
| 223 sizeof(kAuthority1DN))); | 238 sizeof(kAuthority1DN))); |
| 224 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); | 239 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); |
| 225 request->cert_authorities = authority_1; | 240 request->cert_authorities = authority_1; |
| 226 | 241 |
| 227 base::RunLoop run_loop; | 242 base::RunLoop run_loop; |
| 228 net::CertificateList selected_certs; | 243 net::CertificateList selected_certs; |
| 229 store.GetClientCerts(*request, &selected_certs, run_loop.QuitClosure()); | 244 store.GetClientCerts(*request, |
| 245 base::Bind(SaveCertsAndQuitCallback, &selected_certs, |
| 246 run_loop.QuitClosure())); |
| 230 run_loop.Run(); | 247 run_loop.Run(); |
| 231 | 248 |
| 232 ASSERT_EQ(1u, selected_certs.size()); | 249 ASSERT_EQ(1u, selected_certs.size()); |
| 233 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 250 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
| 234 } | 251 } |
| 235 | 252 |
| 236 } // namespace chromeos | 253 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2838243002:
Remove client_certs from SSLCertRequestInfo. (Closed)
