Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(179)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/cronet/ios/Cronet.mm

Issue 2928653002: [Cronet-iOS] Public-Key-Pinning Tests (Closed)
Patch Set: Fixed DEPS Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « components/cronet/ios/Cronet.h ('k') | components/cronet/ios/cronet_environment.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/cronet/ios/Cronet.mm
diff --git a/components/cronet/ios/Cronet.mm b/components/cronet/ios/Cronet.mm
index 567d4085b0bb5b78e7ca38c57d0715181fbf10ec..2b40989d9fb7249dc6a8d01d634cd1d768964be9 100644
--- a/components/cronet/ios/Cronet.mm
+++ b/components/cronet/ios/Cronet.mm
@@ -41,11 +41,13 @@ NSString* gExperimentalOptions = @"{}";
NSString* gUserAgent = nil;
BOOL gUserAgentPartial = NO;
NSString* gSslKeyLogFileName = nil;
+ScopedVector<cronet::URLRequestContextConfig::Pkp> gPkpList = {};
RequestFilterBlock gRequestFilterBlock = nil;
base::LazyInstance<std::unique_ptr<CronetHttpProtocolHandlerDelegate>>::Leaky
gHttpProtocolHandlerDelegate = LAZY_INSTANCE_INITIALIZER;
NSURLCache* gPreservedSharedURLCache = nil;
BOOL gEnableTestCertVerifierForTesting = FALSE;
+std::unique_ptr<net::CertVerifier> gMockCertVerifier;
NSString* gAcceptLanguages = nil;
// CertVerifier, which allows any certificates for testing.
@@ -117,6 +119,9 @@ class CronetHttpProtocolHandlerDelegate
base::MakeUnique<TestCertVerifier>();
cronetEnvironment->set_mock_cert_verifier(std::move(test_cert_verifier));
}
+ if (gMockCertVerifier) {
+ gChromeNet.Get()->set_mock_cert_verifier(std::move(gMockCertVerifier));
+ }
}
+ (NSString*)getAcceptLanguagesFromPreferredLanguages:
@@ -210,6 +215,38 @@ class CronetHttpProtocolHandlerDelegate
gRequestFilterBlock = block;
}
++ (BOOL)addPublicKeyPinsForHost:(NSString*)host
+ pinHashes:(NSSet<NSData*>*)pinHashes
+ includeSubdomains:(BOOL)includeSubdomains
+ expirationDate:(NSDate*)expirationDate
+ error:(NSError**)outError {
+ [self checkNotStarted];
+
+ auto pkp = base::MakeUnique<cronet::URLRequestContextConfig::Pkp>(
+ base::SysNSStringToUTF8(host), includeSubdomains,
+ base::Time::FromCFAbsoluteTime(
+ [expirationDate timeIntervalSinceReferenceDate]));
+
+ for (NSData* hash in pinHashes) {
+ net::SHA256HashValue hashValue = net::SHA256HashValue();
+ if (sizeof(hashValue.data) != hash.length) {
+ *outError =
+ [self createIllegalArgumentErrorWithArgument:@"pinHashes"
+ reason:
+ @"The length of PKP SHA256 "
+ @"hash should be 256 bits"];
+ return NO;
+ }
+ memcpy((void*)(hashValue.data), [hash bytes], sizeof(hashValue.data));
+ pkp->pin_hashes.push_back(net::HashValue(hashValue));
+ }
+ gPkpList.push_back(std::move(pkp));
+ if (outError) {
+ *outError = nil;
+ }
+ return YES;
+}
+
+ (void)startInternal {
std::string user_agent = base::SysNSStringToUTF8(gUserAgent);
@@ -226,6 +263,7 @@ class CronetHttpProtocolHandlerDelegate
gChromeNet.Get()->set_http_cache(gHttpCache);
gChromeNet.Get()->set_ssl_key_log_file_name(
base::SysNSStringToUTF8(gSslKeyLogFileName));
+ gChromeNet.Get()->set_pkp_list(std::move(gPkpList));
for (const auto* quicHint : gQuicHints) {
gChromeNet.Get()->AddQuicHint(quicHint->host, quicHint->port,
quicHint->alternate_port);
@@ -339,6 +377,11 @@ class CronetHttpProtocolHandlerDelegate
gEnableTestCertVerifierForTesting = YES;
}
++ (void)setMockCertVerifierForTesting:
+ (std::unique_ptr<net::CertVerifier>)certVerifier {
+ gMockCertVerifier = std::move(certVerifier);
+}
+
+ (void)setHostResolverRulesForTesting:(NSString*)hostResolverRulesForTesting {
DCHECK(gChromeNet.Get().get());
gChromeNet.Get()->SetHostResolverRules(
@@ -351,4 +394,26 @@ class CronetHttpProtocolHandlerDelegate
bidirectional_stream_create(NULL, 0, 0);
}
++ (NSError*)createIllegalArgumentErrorWithArgument:(NSString*)argumentName
+ reason:(NSString*)reason {
+ NSMutableDictionary* errorDictionary =
+ [[NSMutableDictionary alloc] initWithDictionary:@{
+ NSLocalizedDescriptionKey :
+ [NSString stringWithFormat:@"Invalid argument: %@", argumentName],
+ CRNInvalidArgumentKey : argumentName
+ }];
+ if (reason) {
+ errorDictionary[NSLocalizedFailureReasonErrorKey] = reason;
+ }
+ return [self createCronetErrorWith:CRNErrorInvalidArgument
+ userInfo:errorDictionary];
+}
+
++ (NSError*)createCronetErrorWith:(int)errorCode
+ userInfo:(NSDictionary*)userInfo {
+ return [NSError errorWithDomain:CRNCronetErrorDomain
+ code:errorCode
+ userInfo:userInfo];
+}
+
@end
« no previous file with comments | « components/cronet/ios/Cronet.h ('k') | components/cronet/ios/cronet_environment.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698