| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/bind.h" | 5 #include "base/bind.h" |
| 6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
| 7 #include "base/files/scoped_temp_dir.h" | 7 #include "base/files/scoped_temp_dir.h" |
| 8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
| 9 #include "base/memory/scoped_vector.h" | 9 #include "base/memory/scoped_vector.h" |
| 10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
| 11 #include "base/run_loop.h" | 11 #include "base/run_loop.h" |
| 12 #include "base/stl_util.h" | 12 #include "base/stl_util.h" |
| 13 #include "chrome/browser/net/sqlite_server_bound_cert_store.h" | |
| 14 #include "chrome/common/chrome_constants.h" | |
| 15 #include "content/public/test/mock_special_storage_policy.h" | |
| 16 #include "content/public/test/test_browser_thread_bundle.h" | |
| 17 #include "net/base/test_data_directory.h" | 13 #include "net/base/test_data_directory.h" |
| 14 #include "net/sqlite/special_storage_policy_delegate.h" |
| 15 #include "net/sqlite/sqlite_server_bound_cert_store.h" |
| 18 #include "net/ssl/ssl_client_cert_type.h" | 16 #include "net/ssl/ssl_client_cert_type.h" |
| 19 #include "net/test/cert_test_util.h" | 17 #include "net/test/cert_test_util.h" |
| 20 #include "sql/statement.h" | 18 #include "sql/statement.h" |
| 21 #include "testing/gtest/include/gtest/gtest.h" | 19 #include "testing/gtest/include/gtest/gtest.h" |
| 22 | 20 |
| 21 namespace net { |
| 22 |
| 23 const base::FilePath::CharType kTestOBCertFilename[] = |
| 24 FILE_PATH_LITERAL("Origin Bound Certs"); |
| 25 |
| 23 class SQLiteServerBoundCertStoreTest : public testing::Test { | 26 class SQLiteServerBoundCertStoreTest : public testing::Test { |
| 24 public: | 27 public: |
| 25 void Load( | 28 void Load( |
| 26 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert>* certs) { | 29 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert>* certs) { |
| 27 base::RunLoop run_loop; | 30 base::RunLoop run_loop; |
| 28 store_->Load(base::Bind(&SQLiteServerBoundCertStoreTest::OnLoaded, | 31 store_->Load(base::Bind(&SQLiteServerBoundCertStoreTest::OnLoaded, |
| 29 base::Unretained(this), | 32 base::Unretained(this), |
| 30 &run_loop)); | 33 &run_loop)); |
| 31 run_loop.Run(); | 34 run_loop.Run(); |
| 32 certs->swap(certs_); | 35 certs->swap(certs_); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 69 exploded_time.hour = 2; | 72 exploded_time.hour = 2; |
| 70 exploded_time.minute = 23; | 73 exploded_time.minute = 23; |
| 71 exploded_time.second = 45; | 74 exploded_time.second = 45; |
| 72 exploded_time.millisecond = 0; | 75 exploded_time.millisecond = 0; |
| 73 return base::Time::FromUTCExploded(exploded_time); | 76 return base::Time::FromUTCExploded(exploded_time); |
| 74 } | 77 } |
| 75 | 78 |
| 76 virtual void SetUp() { | 79 virtual void SetUp() { |
| 77 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); | 80 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); |
| 78 store_ = new SQLiteServerBoundCertStore( | 81 store_ = new SQLiteServerBoundCertStore( |
| 79 temp_dir_.path().Append(chrome::kOBCertFilename), | 82 temp_dir_.path().Append(kTestOBCertFilename), |
| 80 base::MessageLoopProxy::current(), | 83 base::MessageLoopProxy::current(), |
| 81 NULL); | 84 scoped_ptr<SpecialStoragePolicyDelegate>()); |
| 82 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 85 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 83 Load(&certs); | 86 Load(&certs); |
| 84 ASSERT_EQ(0u, certs.size()); | 87 ASSERT_EQ(0u, certs.size()); |
| 85 // Make sure the store gets written at least once. | 88 // Make sure the store gets written at least once. |
| 86 store_->AddServerBoundCert( | 89 store_->AddServerBoundCert( |
| 87 net::DefaultServerBoundCertStore::ServerBoundCert( | 90 net::DefaultServerBoundCertStore::ServerBoundCert( |
| 88 "google.com", | 91 "google.com", |
| 89 base::Time::FromInternalValue(1), | 92 base::Time::FromInternalValue(1), |
| 90 base::Time::FromInternalValue(2), | 93 base::Time::FromInternalValue(2), |
| 91 "a", "b")); | 94 "a", "b")); |
| 92 } | 95 } |
| 93 | 96 |
| 94 content::TestBrowserThreadBundle thread_bundle_; | |
| 95 base::ScopedTempDir temp_dir_; | 97 base::ScopedTempDir temp_dir_; |
| 96 scoped_refptr<SQLiteServerBoundCertStore> store_; | 98 scoped_refptr<SQLiteServerBoundCertStore> store_; |
| 97 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs_; | 99 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs_; |
| 98 }; | 100 }; |
| 99 | 101 |
| 100 // Test if data is stored as expected in the SQLite database. | 102 // Test if data is stored as expected in the SQLite database. |
| 101 TEST_F(SQLiteServerBoundCertStoreTest, TestPersistence) { | 103 TEST_F(SQLiteServerBoundCertStoreTest, TestPersistence) { |
| 102 store_->AddServerBoundCert( | 104 store_->AddServerBoundCert( |
| 103 net::DefaultServerBoundCertStore::ServerBoundCert( | 105 net::DefaultServerBoundCertStore::ServerBoundCert( |
| 104 "foo.com", | 106 "foo.com", |
| 105 base::Time::FromInternalValue(3), | 107 base::Time::FromInternalValue(3), |
| 106 base::Time::FromInternalValue(4), | 108 base::Time::FromInternalValue(4), |
| 107 "c", "d")); | 109 "c", "d")); |
| 108 | 110 |
| 109 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 111 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 110 // Replace the store effectively destroying the current one and forcing it | 112 // Replace the store effectively destroying the current one and forcing it |
| 111 // to write its data to disk. Then we can see if after loading it again it | 113 // to write its data to disk. Then we can see if after loading it again it |
| 112 // is still there. | 114 // is still there. |
| 113 store_ = NULL; | 115 store_ = NULL; |
| 114 // Make sure we wait until the destructor has run. | 116 // Make sure we wait until the destructor has run. |
| 115 base::RunLoop().RunUntilIdle(); | 117 base::RunLoop().RunUntilIdle(); |
| 116 store_ = new SQLiteServerBoundCertStore( | 118 store_ = new SQLiteServerBoundCertStore( |
| 117 temp_dir_.path().Append(chrome::kOBCertFilename), | 119 temp_dir_.path().Append(kTestOBCertFilename), |
| 118 base::MessageLoopProxy::current(), | 120 base::MessageLoopProxy::current(), |
| 119 NULL); | 121 scoped_ptr<SpecialStoragePolicyDelegate>()); |
| 120 | 122 |
| 121 // Reload and test for persistence | 123 // Reload and test for persistence |
| 122 Load(&certs); | 124 Load(&certs); |
| 123 ASSERT_EQ(2U, certs.size()); | 125 ASSERT_EQ(2U, certs.size()); |
| 124 net::DefaultServerBoundCertStore::ServerBoundCert* goog_cert; | 126 net::DefaultServerBoundCertStore::ServerBoundCert* goog_cert; |
| 125 net::DefaultServerBoundCertStore::ServerBoundCert* foo_cert; | 127 net::DefaultServerBoundCertStore::ServerBoundCert* foo_cert; |
| 126 if (certs[0]->server_identifier() == "google.com") { | 128 if (certs[0]->server_identifier() == "google.com") { |
| 127 goog_cert = certs[0]; | 129 goog_cert = certs[0]; |
| 128 foo_cert = certs[1]; | 130 foo_cert = certs[1]; |
| 129 } else { | 131 } else { |
| (...skipping 12 matching lines...) Expand all Loading... |
| 142 ASSERT_EQ(4, foo_cert->expiration_time().ToInternalValue()); | 144 ASSERT_EQ(4, foo_cert->expiration_time().ToInternalValue()); |
| 143 | 145 |
| 144 // Now delete the cert and check persistence again. | 146 // Now delete the cert and check persistence again. |
| 145 store_->DeleteServerBoundCert(*certs[0]); | 147 store_->DeleteServerBoundCert(*certs[0]); |
| 146 store_->DeleteServerBoundCert(*certs[1]); | 148 store_->DeleteServerBoundCert(*certs[1]); |
| 147 store_ = NULL; | 149 store_ = NULL; |
| 148 // Make sure we wait until the destructor has run. | 150 // Make sure we wait until the destructor has run. |
| 149 base::RunLoop().RunUntilIdle(); | 151 base::RunLoop().RunUntilIdle(); |
| 150 certs.clear(); | 152 certs.clear(); |
| 151 store_ = new SQLiteServerBoundCertStore( | 153 store_ = new SQLiteServerBoundCertStore( |
| 152 temp_dir_.path().Append(chrome::kOBCertFilename), | 154 temp_dir_.path().Append(kTestOBCertFilename), |
| 153 base::MessageLoopProxy::current(), | 155 base::MessageLoopProxy::current(), |
| 154 NULL); | 156 scoped_ptr<SpecialStoragePolicyDelegate>()); |
| 155 | 157 |
| 156 // Reload and check if the cert has been removed. | 158 // Reload and check if the cert has been removed. |
| 157 Load(&certs); | 159 Load(&certs); |
| 158 ASSERT_EQ(0U, certs.size()); | 160 ASSERT_EQ(0U, certs.size()); |
| 159 } | 161 } |
| 160 | 162 |
| 161 TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV1) { | 163 TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV1) { |
| 162 // Reset the store. We'll be using a different database for this test. | 164 // Reset the store. We'll be using a different database for this test. |
| 163 store_ = NULL; | 165 store_ = NULL; |
| 164 | 166 |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 196 } | 198 } |
| 197 | 199 |
| 198 // Load and test the DB contents twice. First time ensures that we can use | 200 // Load and test the DB contents twice. First time ensures that we can use |
| 199 // the updated values immediately. Second time ensures that the updated | 201 // the updated values immediately. Second time ensures that the updated |
| 200 // values are stored and read correctly on next load. | 202 // values are stored and read correctly on next load. |
| 201 for (int i = 0; i < 2; ++i) { | 203 for (int i = 0; i < 2; ++i) { |
| 202 SCOPED_TRACE(i); | 204 SCOPED_TRACE(i); |
| 203 | 205 |
| 204 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 206 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 205 store_ = new SQLiteServerBoundCertStore( | 207 store_ = new SQLiteServerBoundCertStore( |
| 206 v1_db_path, base::MessageLoopProxy::current(), NULL); | 208 v1_db_path, base::MessageLoopProxy::current(), |
| 209 scoped_ptr<SpecialStoragePolicyDelegate>()); |
| 207 | 210 |
| 208 // Load the database. Because the existing v1 certs are implicitly of type | 211 // Load the database. Because the existing v1 certs are implicitly of type |
| 209 // RSA, which is unsupported, they're discarded. | 212 // RSA, which is unsupported, they're discarded. |
| 210 Load(&certs); | 213 Load(&certs); |
| 211 ASSERT_EQ(0U, certs.size()); | 214 ASSERT_EQ(0U, certs.size()); |
| 212 | 215 |
| 213 store_ = NULL; | 216 store_ = NULL; |
| 214 base::RunLoop().RunUntilIdle(); | 217 base::RunLoop().RunUntilIdle(); |
| 215 | 218 |
| 216 // Verify the database version is updated. | 219 // Verify the database version is updated. |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 268 } | 271 } |
| 269 | 272 |
| 270 // Load and test the DB contents twice. First time ensures that we can use | 273 // Load and test the DB contents twice. First time ensures that we can use |
| 271 // the updated values immediately. Second time ensures that the updated | 274 // the updated values immediately. Second time ensures that the updated |
| 272 // values are saved and read correctly on next load. | 275 // values are saved and read correctly on next load. |
| 273 for (int i = 0; i < 2; ++i) { | 276 for (int i = 0; i < 2; ++i) { |
| 274 SCOPED_TRACE(i); | 277 SCOPED_TRACE(i); |
| 275 | 278 |
| 276 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 279 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 277 store_ = new SQLiteServerBoundCertStore( | 280 store_ = new SQLiteServerBoundCertStore( |
| 278 v2_db_path, base::MessageLoopProxy::current(), NULL); | 281 v2_db_path, base::MessageLoopProxy::current(), |
| 282 scoped_ptr<SpecialStoragePolicyDelegate>()); |
| 279 | 283 |
| 280 // Load the database and ensure the certs can be read. | 284 // Load the database and ensure the certs can be read. |
| 281 Load(&certs); | 285 Load(&certs); |
| 282 ASSERT_EQ(2U, certs.size()); | 286 ASSERT_EQ(2U, certs.size()); |
| 283 | 287 |
| 284 ASSERT_EQ("google.com", certs[0]->server_identifier()); | 288 ASSERT_EQ("google.com", certs[0]->server_identifier()); |
| 285 ASSERT_EQ(GetTestCertExpirationTime(), | 289 ASSERT_EQ(GetTestCertExpirationTime(), |
| 286 certs[0]->expiration_time()); | 290 certs[0]->expiration_time()); |
| 287 ASSERT_EQ(key_data, certs[0]->private_key()); | 291 ASSERT_EQ(key_data, certs[0]->private_key()); |
| 288 ASSERT_EQ(cert_data, certs[0]->cert()); | 292 ASSERT_EQ(cert_data, certs[0]->cert()); |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 354 } | 358 } |
| 355 | 359 |
| 356 // Load and test the DB contents twice. First time ensures that we can use | 360 // Load and test the DB contents twice. First time ensures that we can use |
| 357 // the updated values immediately. Second time ensures that the updated | 361 // the updated values immediately. Second time ensures that the updated |
| 358 // values are saved and read correctly on next load. | 362 // values are saved and read correctly on next load. |
| 359 for (int i = 0; i < 2; ++i) { | 363 for (int i = 0; i < 2; ++i) { |
| 360 SCOPED_TRACE(i); | 364 SCOPED_TRACE(i); |
| 361 | 365 |
| 362 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 366 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 363 store_ = new SQLiteServerBoundCertStore( | 367 store_ = new SQLiteServerBoundCertStore( |
| 364 v3_db_path, base::MessageLoopProxy::current(), NULL); | 368 v3_db_path, base::MessageLoopProxy::current(), |
| 369 scoped_ptr<SpecialStoragePolicyDelegate>()); |
| 365 | 370 |
| 366 // Load the database and ensure the certs can be read. | 371 // Load the database and ensure the certs can be read. |
| 367 Load(&certs); | 372 Load(&certs); |
| 368 ASSERT_EQ(2U, certs.size()); | 373 ASSERT_EQ(2U, certs.size()); |
| 369 | 374 |
| 370 ASSERT_EQ("google.com", certs[0]->server_identifier()); | 375 ASSERT_EQ("google.com", certs[0]->server_identifier()); |
| 371 ASSERT_EQ(1000, certs[0]->expiration_time().ToInternalValue()); | 376 ASSERT_EQ(1000, certs[0]->expiration_time().ToInternalValue()); |
| 372 ASSERT_EQ(GetTestCertCreationTime(), | 377 ASSERT_EQ(GetTestCertCreationTime(), |
| 373 certs[0]->creation_time()); | 378 certs[0]->creation_time()); |
| 374 ASSERT_EQ(key_data, certs[0]->private_key()); | 379 ASSERT_EQ(key_data, certs[0]->private_key()); |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 447 add_smt.BindBlob(1, key_data.data(), key_data.size()); | 452 add_smt.BindBlob(1, key_data.data(), key_data.size()); |
| 448 add_smt.BindBlob(2, cert_data.data(), cert_data.size()); | 453 add_smt.BindBlob(2, cert_data.data(), cert_data.size()); |
| 449 add_smt.BindInt64(3, 1); | 454 add_smt.BindInt64(3, 1); |
| 450 add_smt.BindInt64(4, GetTestCertExpirationTime().ToInternalValue()); | 455 add_smt.BindInt64(4, GetTestCertExpirationTime().ToInternalValue()); |
| 451 add_smt.BindInt64(5, base::Time::Now().ToInternalValue()); | 456 add_smt.BindInt64(5, base::Time::Now().ToInternalValue()); |
| 452 ASSERT_TRUE(add_smt.Run()); | 457 ASSERT_TRUE(add_smt.Run()); |
| 453 } | 458 } |
| 454 | 459 |
| 455 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 460 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 456 store_ = new SQLiteServerBoundCertStore( | 461 store_ = new SQLiteServerBoundCertStore( |
| 457 v4_db_path, base::MessageLoopProxy::current(), NULL); | 462 v4_db_path, base::MessageLoopProxy::current(), |
| 463 scoped_ptr<SpecialStoragePolicyDelegate>()); |
| 458 | 464 |
| 459 // Load the database and ensure the certs can be read. | 465 // Load the database and ensure the certs can be read. |
| 460 Load(&certs); | 466 Load(&certs); |
| 461 // Only the ECDSA cert (for google.com) is read, the RSA one is discarded. | 467 // Only the ECDSA cert (for google.com) is read, the RSA one is discarded. |
| 462 ASSERT_EQ(1U, certs.size()); | 468 ASSERT_EQ(1U, certs.size()); |
| 463 | 469 |
| 464 ASSERT_EQ("google.com", certs[0]->server_identifier()); | 470 ASSERT_EQ("google.com", certs[0]->server_identifier()); |
| 465 ASSERT_EQ(GetTestCertExpirationTime(), | 471 ASSERT_EQ(GetTestCertExpirationTime(), |
| 466 certs[0]->expiration_time()); | 472 certs[0]->expiration_time()); |
| 467 ASSERT_EQ(key_data, certs[0]->private_key()); | 473 ASSERT_EQ(key_data, certs[0]->private_key()); |
| 468 ASSERT_EQ(cert_data, certs[0]->cert()); | 474 ASSERT_EQ(cert_data, certs[0]->cert()); |
| 469 | 475 |
| 470 store_ = NULL; | 476 store_ = NULL; |
| 471 // Make sure we wait until the destructor has run. | 477 // Make sure we wait until the destructor has run. |
| 472 base::RunLoop().RunUntilIdle(); | 478 base::RunLoop().RunUntilIdle(); |
| 473 } | 479 } |
| 480 |
| 481 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 381073002:
Move sqlite_channel_id_store from chrome/browser/net to net/extras. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master