| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" | 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 66 not_allowed_cert_ = cert; | 66 not_allowed_cert_ = cert; |
| 67 } | 67 } |
| 68 | 68 |
| 69 private: | 69 private: |
| 70 bool init_finished_; | 70 bool init_finished_; |
| 71 bool init_called_ = false; | 71 bool init_called_ = false; |
| 72 base::Closure pending_callback_; | 72 base::Closure pending_callback_; |
| 73 scoped_refptr<net::X509Certificate> not_allowed_cert_; | 73 scoped_refptr<net::X509Certificate> not_allowed_cert_; |
| 74 }; | 74 }; |
| 75 | 75 |
| 76 void SaveCertsAndQuitCallback(net::CertificateList* out_certs, | |
| 77 base::Closure quit_closure, | |
| 78 net::CertificateList in_certs) { | |
| 79 *out_certs = std::move(in_certs); | |
| 80 quit_closure.Run(); | |
| 81 } | |
| 82 | |
| 83 } // namespace | 76 } // namespace |
| 84 | 77 |
| 85 class ClientCertStoreChromeOSTest : public ::testing::Test { | 78 class ClientCertStoreChromeOSTest : public ::testing::Test { |
| 86 public: | 79 public: |
| 87 ClientCertStoreChromeOSTest() : message_loop_(new base::MessageLoopForIO()) {} | 80 ClientCertStoreChromeOSTest() : message_loop_(new base::MessageLoopForIO()) {} |
| 88 | 81 |
| 89 scoped_refptr<net::X509Certificate> ImportCertToSlot( | 82 scoped_refptr<net::X509Certificate> ImportCertToSlot( |
| 90 const std::string& cert_filename, | 83 const std::string& cert_filename, |
| 91 const std::string& key_filename, | 84 const std::string& key_filename, |
| 92 PK11SlotInfo* slot) { | 85 PK11SlotInfo* slot) { |
| (...skipping 18 matching lines...) Expand all Loading... |
| 111 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 104 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 112 | 105 |
| 113 scoped_refptr<net::X509Certificate> cert_1( | 106 scoped_refptr<net::X509Certificate> cert_1( |
| 114 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 107 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 115 ASSERT_TRUE(cert_1.get()); | 108 ASSERT_TRUE(cert_1.get()); |
| 116 | 109 |
| 117 // Request any client certificate, which is expected to match client_1. | 110 // Request any client certificate, which is expected to match client_1. |
| 118 scoped_refptr<net::SSLCertRequestInfo> request_all( | 111 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| 119 new net::SSLCertRequestInfo()); | 112 new net::SSLCertRequestInfo()); |
| 120 | 113 |
| 121 net::CertificateList selected_certs; | |
| 122 base::RunLoop run_loop; | 114 base::RunLoop run_loop; |
| 123 store.GetClientCerts(*request_all, | 115 store.GetClientCerts(*request_all, &request_all->client_certs, |
| 124 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | 116 run_loop.QuitClosure()); |
| 125 run_loop.QuitClosure())); | |
| 126 | 117 |
| 127 { | 118 { |
| 128 base::RunLoop run_loop_inner; | 119 base::RunLoop run_loop_inner; |
| 129 run_loop_inner.RunUntilIdle(); | 120 run_loop_inner.RunUntilIdle(); |
| 130 // GetClientCerts should wait for the initialization of the filter to | 121 // GetClientCerts should wait for the initialization of the filter to |
| 131 // finish. | 122 // finish. |
| 132 ASSERT_EQ(0u, selected_certs.size()); | 123 ASSERT_EQ(0u, request_all->client_certs.size()); |
| 133 EXPECT_TRUE(cert_filter->init_called()); | 124 EXPECT_TRUE(cert_filter->init_called()); |
| 134 } | 125 } |
| 135 cert_filter->FinishInit(); | 126 cert_filter->FinishInit(); |
| 136 run_loop.Run(); | 127 run_loop.Run(); |
| 137 | 128 |
| 138 ASSERT_EQ(1u, selected_certs.size()); | 129 ASSERT_EQ(1u, request_all->client_certs.size()); |
| 139 } | 130 } |
| 140 | 131 |
| 141 // Ensure that cert requests, that are started after the filter was initialized, | 132 // Ensure that cert requests, that are started after the filter was initialized, |
| 142 // will succeed. | 133 // will succeed. |
| 143 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { | 134 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { |
| 144 crypto::ScopedTestNSSDB test_db; | 135 crypto::ScopedTestNSSDB test_db; |
| 145 ASSERT_TRUE(test_db.is_open()); | 136 ASSERT_TRUE(test_db.is_open()); |
| 146 | 137 |
| 147 ClientCertStoreChromeOS store( | 138 ClientCertStoreChromeOS store( |
| 148 nullptr, // no additional provider | 139 nullptr, // no additional provider |
| 149 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), | 140 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), |
| 150 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 141 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 151 | 142 |
| 152 scoped_refptr<net::X509Certificate> cert_1( | 143 scoped_refptr<net::X509Certificate> cert_1( |
| 153 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 144 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 154 ASSERT_TRUE(cert_1.get()); | 145 ASSERT_TRUE(cert_1.get()); |
| 155 | 146 |
| 156 scoped_refptr<net::SSLCertRequestInfo> request_all( | 147 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| 157 new net::SSLCertRequestInfo()); | 148 new net::SSLCertRequestInfo()); |
| 158 | 149 |
| 159 base::RunLoop run_loop; | 150 base::RunLoop run_loop; |
| 160 net::CertificateList selected_certs; | 151 store.GetClientCerts(*request_all, &request_all->client_certs, |
| 161 store.GetClientCerts(*request_all, | 152 run_loop.QuitClosure()); |
| 162 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | |
| 163 run_loop.QuitClosure())); | |
| 164 run_loop.Run(); | 153 run_loop.Run(); |
| 165 | 154 |
| 166 ASSERT_EQ(1u, selected_certs.size()); | 155 ASSERT_EQ(1u, request_all->client_certs.size()); |
| 167 } | 156 } |
| 168 | 157 |
| 169 TEST_F(ClientCertStoreChromeOSTest, Filter) { | 158 TEST_F(ClientCertStoreChromeOSTest, Filter) { |
| 170 crypto::ScopedTestNSSDB test_db; | 159 crypto::ScopedTestNSSDB test_db; |
| 171 ASSERT_TRUE(test_db.is_open()); | 160 ASSERT_TRUE(test_db.is_open()); |
| 172 | 161 |
| 173 TestCertFilter* cert_filter = | 162 TestCertFilter* cert_filter = |
| 174 new TestCertFilter(true /* init synchronously */); | 163 new TestCertFilter(true /* init synchronously */); |
| 175 ClientCertStoreChromeOS store( | 164 ClientCertStoreChromeOS store( |
| 176 nullptr /* no additional provider */, base::WrapUnique(cert_filter), | 165 nullptr /* no additional provider */, base::WrapUnique(cert_filter), |
| 177 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 166 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
| 178 | 167 |
| 179 scoped_refptr<net::X509Certificate> cert_1( | 168 scoped_refptr<net::X509Certificate> cert_1( |
| 180 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 169 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
| 181 ASSERT_TRUE(cert_1.get()); | 170 ASSERT_TRUE(cert_1.get()); |
| 182 scoped_refptr<net::X509Certificate> cert_2( | 171 scoped_refptr<net::X509Certificate> cert_2( |
| 183 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); | 172 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); |
| 184 ASSERT_TRUE(cert_2.get()); | 173 ASSERT_TRUE(cert_2.get()); |
| 185 | 174 |
| 186 scoped_refptr<net::SSLCertRequestInfo> request_all( | 175 scoped_refptr<net::SSLCertRequestInfo> request_all( |
| 187 new net::SSLCertRequestInfo()); | 176 new net::SSLCertRequestInfo()); |
| 188 | 177 |
| 189 { | 178 { |
| 190 base::RunLoop run_loop; | 179 base::RunLoop run_loop; |
| 191 cert_filter->SetNotAllowedCert(cert_2); | 180 cert_filter->SetNotAllowedCert(cert_2); |
| 192 net::CertificateList selected_certs; | 181 net::CertificateList selected_certs; |
| 193 store.GetClientCerts(*request_all, | 182 store.GetClientCerts(*request_all, &selected_certs, run_loop.QuitClosure()); |
| 194 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | |
| 195 run_loop.QuitClosure())); | |
| 196 run_loop.Run(); | 183 run_loop.Run(); |
| 197 | 184 |
| 198 ASSERT_EQ(1u, selected_certs.size()); | 185 ASSERT_EQ(1u, selected_certs.size()); |
| 199 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 186 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
| 200 } | 187 } |
| 201 | 188 |
| 202 { | 189 { |
| 203 base::RunLoop run_loop; | 190 base::RunLoop run_loop; |
| 204 cert_filter->SetNotAllowedCert(cert_1); | 191 cert_filter->SetNotAllowedCert(cert_1); |
| 205 net::CertificateList selected_certs; | 192 net::CertificateList selected_certs; |
| 206 store.GetClientCerts(*request_all, | 193 store.GetClientCerts(*request_all, &selected_certs, run_loop.QuitClosure()); |
| 207 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | |
| 208 run_loop.QuitClosure())); | |
| 209 run_loop.Run(); | 194 run_loop.Run(); |
| 210 | 195 |
| 211 ASSERT_EQ(1u, selected_certs.size()); | 196 ASSERT_EQ(1u, selected_certs.size()); |
| 212 EXPECT_TRUE(cert_2->Equals(selected_certs[0].get())); | 197 EXPECT_TRUE(cert_2->Equals(selected_certs[0].get())); |
| 213 } | 198 } |
| 214 } | 199 } |
| 215 | 200 |
| 216 // Ensure that the delegation of the request matching to the base class is | 201 // Ensure that the delegation of the request matching to the base class is |
| 217 // functional. | 202 // functional. |
| 218 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { | 203 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { |
| (...skipping 15 matching lines...) Expand all Loading... |
| 234 ASSERT_TRUE(cert_2.get()); | 219 ASSERT_TRUE(cert_2.get()); |
| 235 | 220 |
| 236 std::vector<std::string> authority_1( | 221 std::vector<std::string> authority_1( |
| 237 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), | 222 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), |
| 238 sizeof(kAuthority1DN))); | 223 sizeof(kAuthority1DN))); |
| 239 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); | 224 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); |
| 240 request->cert_authorities = authority_1; | 225 request->cert_authorities = authority_1; |
| 241 | 226 |
| 242 base::RunLoop run_loop; | 227 base::RunLoop run_loop; |
| 243 net::CertificateList selected_certs; | 228 net::CertificateList selected_certs; |
| 244 store.GetClientCerts(*request, | 229 store.GetClientCerts(*request, &selected_certs, run_loop.QuitClosure()); |
| 245 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | |
| 246 run_loop.QuitClosure())); | |
| 247 run_loop.Run(); | 230 run_loop.Run(); |
| 248 | 231 |
| 249 ASSERT_EQ(1u, selected_certs.size()); | 232 ASSERT_EQ(1u, selected_certs.size()); |
| 250 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 233 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
| 251 } | 234 } |
| 252 | 235 |
| 253 } // namespace chromeos | 236 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2848313003:
Revert of Remove client_certs from SSLCertRequestInfo. (Closed)
