OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" | 5 #include "chrome/browser/chromeos/net/client_cert_store_chromeos.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/callback.h" | 10 #include "base/callback.h" |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
66 not_allowed_cert_ = cert; | 66 not_allowed_cert_ = cert; |
67 } | 67 } |
68 | 68 |
69 private: | 69 private: |
70 bool init_finished_; | 70 bool init_finished_; |
71 bool init_called_ = false; | 71 bool init_called_ = false; |
72 base::Closure pending_callback_; | 72 base::Closure pending_callback_; |
73 scoped_refptr<net::X509Certificate> not_allowed_cert_; | 73 scoped_refptr<net::X509Certificate> not_allowed_cert_; |
74 }; | 74 }; |
75 | 75 |
76 void SaveCertsAndQuitCallback(net::CertificateList* out_certs, | |
77 base::Closure quit_closure, | |
78 net::CertificateList in_certs) { | |
79 *out_certs = std::move(in_certs); | |
80 quit_closure.Run(); | |
81 } | |
82 | |
83 } // namespace | 76 } // namespace |
84 | 77 |
85 class ClientCertStoreChromeOSTest : public ::testing::Test { | 78 class ClientCertStoreChromeOSTest : public ::testing::Test { |
86 public: | 79 public: |
87 ClientCertStoreChromeOSTest() : message_loop_(new base::MessageLoopForIO()) {} | 80 ClientCertStoreChromeOSTest() : message_loop_(new base::MessageLoopForIO()) {} |
88 | 81 |
89 scoped_refptr<net::X509Certificate> ImportCertToSlot( | 82 scoped_refptr<net::X509Certificate> ImportCertToSlot( |
90 const std::string& cert_filename, | 83 const std::string& cert_filename, |
91 const std::string& key_filename, | 84 const std::string& key_filename, |
92 PK11SlotInfo* slot) { | 85 PK11SlotInfo* slot) { |
(...skipping 18 matching lines...) Expand all Loading... |
111 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 104 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
112 | 105 |
113 scoped_refptr<net::X509Certificate> cert_1( | 106 scoped_refptr<net::X509Certificate> cert_1( |
114 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 107 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
115 ASSERT_TRUE(cert_1.get()); | 108 ASSERT_TRUE(cert_1.get()); |
116 | 109 |
117 // Request any client certificate, which is expected to match client_1. | 110 // Request any client certificate, which is expected to match client_1. |
118 scoped_refptr<net::SSLCertRequestInfo> request_all( | 111 scoped_refptr<net::SSLCertRequestInfo> request_all( |
119 new net::SSLCertRequestInfo()); | 112 new net::SSLCertRequestInfo()); |
120 | 113 |
121 net::CertificateList selected_certs; | |
122 base::RunLoop run_loop; | 114 base::RunLoop run_loop; |
123 store.GetClientCerts(*request_all, | 115 store.GetClientCerts(*request_all, &request_all->client_certs, |
124 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | 116 run_loop.QuitClosure()); |
125 run_loop.QuitClosure())); | |
126 | 117 |
127 { | 118 { |
128 base::RunLoop run_loop_inner; | 119 base::RunLoop run_loop_inner; |
129 run_loop_inner.RunUntilIdle(); | 120 run_loop_inner.RunUntilIdle(); |
130 // GetClientCerts should wait for the initialization of the filter to | 121 // GetClientCerts should wait for the initialization of the filter to |
131 // finish. | 122 // finish. |
132 ASSERT_EQ(0u, selected_certs.size()); | 123 ASSERT_EQ(0u, request_all->client_certs.size()); |
133 EXPECT_TRUE(cert_filter->init_called()); | 124 EXPECT_TRUE(cert_filter->init_called()); |
134 } | 125 } |
135 cert_filter->FinishInit(); | 126 cert_filter->FinishInit(); |
136 run_loop.Run(); | 127 run_loop.Run(); |
137 | 128 |
138 ASSERT_EQ(1u, selected_certs.size()); | 129 ASSERT_EQ(1u, request_all->client_certs.size()); |
139 } | 130 } |
140 | 131 |
141 // Ensure that cert requests, that are started after the filter was initialized, | 132 // Ensure that cert requests, that are started after the filter was initialized, |
142 // will succeed. | 133 // will succeed. |
143 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { | 134 TEST_F(ClientCertStoreChromeOSTest, RequestsAfterNSSInitSucceed) { |
144 crypto::ScopedTestNSSDB test_db; | 135 crypto::ScopedTestNSSDB test_db; |
145 ASSERT_TRUE(test_db.is_open()); | 136 ASSERT_TRUE(test_db.is_open()); |
146 | 137 |
147 ClientCertStoreChromeOS store( | 138 ClientCertStoreChromeOS store( |
148 nullptr, // no additional provider | 139 nullptr, // no additional provider |
149 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), | 140 base::WrapUnique(new TestCertFilter(true /* init synchronously */)), |
150 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 141 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
151 | 142 |
152 scoped_refptr<net::X509Certificate> cert_1( | 143 scoped_refptr<net::X509Certificate> cert_1( |
153 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 144 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
154 ASSERT_TRUE(cert_1.get()); | 145 ASSERT_TRUE(cert_1.get()); |
155 | 146 |
156 scoped_refptr<net::SSLCertRequestInfo> request_all( | 147 scoped_refptr<net::SSLCertRequestInfo> request_all( |
157 new net::SSLCertRequestInfo()); | 148 new net::SSLCertRequestInfo()); |
158 | 149 |
159 base::RunLoop run_loop; | 150 base::RunLoop run_loop; |
160 net::CertificateList selected_certs; | 151 store.GetClientCerts(*request_all, &request_all->client_certs, |
161 store.GetClientCerts(*request_all, | 152 run_loop.QuitClosure()); |
162 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | |
163 run_loop.QuitClosure())); | |
164 run_loop.Run(); | 153 run_loop.Run(); |
165 | 154 |
166 ASSERT_EQ(1u, selected_certs.size()); | 155 ASSERT_EQ(1u, request_all->client_certs.size()); |
167 } | 156 } |
168 | 157 |
169 TEST_F(ClientCertStoreChromeOSTest, Filter) { | 158 TEST_F(ClientCertStoreChromeOSTest, Filter) { |
170 crypto::ScopedTestNSSDB test_db; | 159 crypto::ScopedTestNSSDB test_db; |
171 ASSERT_TRUE(test_db.is_open()); | 160 ASSERT_TRUE(test_db.is_open()); |
172 | 161 |
173 TestCertFilter* cert_filter = | 162 TestCertFilter* cert_filter = |
174 new TestCertFilter(true /* init synchronously */); | 163 new TestCertFilter(true /* init synchronously */); |
175 ClientCertStoreChromeOS store( | 164 ClientCertStoreChromeOS store( |
176 nullptr /* no additional provider */, base::WrapUnique(cert_filter), | 165 nullptr /* no additional provider */, base::WrapUnique(cert_filter), |
177 ClientCertStoreChromeOS::PasswordDelegateFactory()); | 166 ClientCertStoreChromeOS::PasswordDelegateFactory()); |
178 | 167 |
179 scoped_refptr<net::X509Certificate> cert_1( | 168 scoped_refptr<net::X509Certificate> cert_1( |
180 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); | 169 ImportCertToSlot("client_1.pem", "client_1.pk8", test_db.slot())); |
181 ASSERT_TRUE(cert_1.get()); | 170 ASSERT_TRUE(cert_1.get()); |
182 scoped_refptr<net::X509Certificate> cert_2( | 171 scoped_refptr<net::X509Certificate> cert_2( |
183 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); | 172 ImportCertToSlot("client_2.pem", "client_2.pk8", test_db.slot())); |
184 ASSERT_TRUE(cert_2.get()); | 173 ASSERT_TRUE(cert_2.get()); |
185 | 174 |
186 scoped_refptr<net::SSLCertRequestInfo> request_all( | 175 scoped_refptr<net::SSLCertRequestInfo> request_all( |
187 new net::SSLCertRequestInfo()); | 176 new net::SSLCertRequestInfo()); |
188 | 177 |
189 { | 178 { |
190 base::RunLoop run_loop; | 179 base::RunLoop run_loop; |
191 cert_filter->SetNotAllowedCert(cert_2); | 180 cert_filter->SetNotAllowedCert(cert_2); |
192 net::CertificateList selected_certs; | 181 net::CertificateList selected_certs; |
193 store.GetClientCerts(*request_all, | 182 store.GetClientCerts(*request_all, &selected_certs, run_loop.QuitClosure()); |
194 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | |
195 run_loop.QuitClosure())); | |
196 run_loop.Run(); | 183 run_loop.Run(); |
197 | 184 |
198 ASSERT_EQ(1u, selected_certs.size()); | 185 ASSERT_EQ(1u, selected_certs.size()); |
199 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 186 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
200 } | 187 } |
201 | 188 |
202 { | 189 { |
203 base::RunLoop run_loop; | 190 base::RunLoop run_loop; |
204 cert_filter->SetNotAllowedCert(cert_1); | 191 cert_filter->SetNotAllowedCert(cert_1); |
205 net::CertificateList selected_certs; | 192 net::CertificateList selected_certs; |
206 store.GetClientCerts(*request_all, | 193 store.GetClientCerts(*request_all, &selected_certs, run_loop.QuitClosure()); |
207 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | |
208 run_loop.QuitClosure())); | |
209 run_loop.Run(); | 194 run_loop.Run(); |
210 | 195 |
211 ASSERT_EQ(1u, selected_certs.size()); | 196 ASSERT_EQ(1u, selected_certs.size()); |
212 EXPECT_TRUE(cert_2->Equals(selected_certs[0].get())); | 197 EXPECT_TRUE(cert_2->Equals(selected_certs[0].get())); |
213 } | 198 } |
214 } | 199 } |
215 | 200 |
216 // Ensure that the delegation of the request matching to the base class is | 201 // Ensure that the delegation of the request matching to the base class is |
217 // functional. | 202 // functional. |
218 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { | 203 TEST_F(ClientCertStoreChromeOSTest, CertRequestMatching) { |
(...skipping 15 matching lines...) Expand all Loading... |
234 ASSERT_TRUE(cert_2.get()); | 219 ASSERT_TRUE(cert_2.get()); |
235 | 220 |
236 std::vector<std::string> authority_1( | 221 std::vector<std::string> authority_1( |
237 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), | 222 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), |
238 sizeof(kAuthority1DN))); | 223 sizeof(kAuthority1DN))); |
239 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); | 224 scoped_refptr<net::SSLCertRequestInfo> request(new net::SSLCertRequestInfo()); |
240 request->cert_authorities = authority_1; | 225 request->cert_authorities = authority_1; |
241 | 226 |
242 base::RunLoop run_loop; | 227 base::RunLoop run_loop; |
243 net::CertificateList selected_certs; | 228 net::CertificateList selected_certs; |
244 store.GetClientCerts(*request, | 229 store.GetClientCerts(*request, &selected_certs, run_loop.QuitClosure()); |
245 base::Bind(SaveCertsAndQuitCallback, &selected_certs, | |
246 run_loop.QuitClosure())); | |
247 run_loop.Run(); | 230 run_loop.Run(); |
248 | 231 |
249 ASSERT_EQ(1u, selected_certs.size()); | 232 ASSERT_EQ(1u, selected_certs.size()); |
250 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); | 233 EXPECT_TRUE(cert_1->Equals(selected_certs[0].get())); |
251 } | 234 } |
252 | 235 |
253 } // namespace chromeos | 236 } // namespace chromeos |
OLD | NEW |