| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/keygen_handler.h" | 5 #include "net/base/keygen_handler.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/location.h" | 11 #include "base/location.h" |
| 12 #include "base/logging.h" | 12 #include "base/logging.h" |
| 13 #include "base/threading/worker_pool.h" | 13 #include "base/threading/worker_pool.h" |
| 14 #include "base/threading/thread_restrictions.h" | 14 #include "base/threading/thread_restrictions.h" |
| 15 #include "base/synchronization/waitable_event.h" | 15 #include "base/synchronization/waitable_event.h" |
| 16 #include "build/build_config.h" | 16 #include "build/build_config.h" |
| 17 #include "crypto/nss_util.h" | |
| 18 #include "testing/gtest/include/gtest/gtest.h" | 17 #include "testing/gtest/include/gtest/gtest.h" |
| 19 | 18 |
| 20 #if defined(USE_NSS) | 19 #if defined(USE_NSS) |
| 21 #include <private/pprthred.h> // PR_DetachThread | 20 #include <private/pprthred.h> // PR_DetachThread |
| 21 #include "crypto/nss_crypto_module_delegate.h" |
| 22 #include "crypto/nss_util.h" |
| 23 #include "crypto/nss_util_internal.h" |
| 22 #endif | 24 #endif |
| 23 | 25 |
| 24 namespace net { | 26 namespace net { |
| 25 | 27 |
| 26 namespace { | 28 namespace { |
| 27 | 29 |
| 30 #if defined(USE_NSS) |
| 31 class StubCryptoModuleDelegate : public crypto::NSSCryptoModuleDelegate { |
| 32 public: |
| 33 explicit StubCryptoModuleDelegate(crypto::ScopedPK11Slot slot) |
| 34 : slot_(slot.Pass()) {} |
| 35 |
| 36 virtual std::string RequestPassword(const std::string& slot_name, |
| 37 bool retry, |
| 38 bool* cancelled) OVERRIDE{ |
| 39 return std::string(); |
| 40 } |
| 41 |
| 42 virtual crypto::ScopedPK11Slot RequestSlot() OVERRIDE { |
| 43 return crypto::ScopedPK11Slot(PK11_ReferenceSlot(slot_.get())); |
| 44 } |
| 45 |
| 46 private: |
| 47 crypto::ScopedPK11Slot slot_; |
| 48 }; |
| 49 #endif |
| 50 |
| 28 class KeygenHandlerTest : public ::testing::Test { | 51 class KeygenHandlerTest : public ::testing::Test { |
| 29 public: | 52 public: |
| 30 KeygenHandlerTest() {} | 53 KeygenHandlerTest() {} |
| 31 virtual ~KeygenHandlerTest() {} | 54 virtual ~KeygenHandlerTest() {} |
| 32 | 55 |
| 56 scoped_ptr<KeygenHandler> CreateKeygenHandler() { |
| 57 scoped_ptr<KeygenHandler> handler(new KeygenHandler( |
| 58 768, "some challenge", GURL("http://www.example.com"))); |
| 59 #if defined(USE_NSS) |
| 60 handler->set_crypto_module_delegate( |
| 61 scoped_ptr<crypto::NSSCryptoModuleDelegate>( |
| 62 new StubCryptoModuleDelegate( |
| 63 crypto::ScopedPK11Slot(crypto::GetPersistentNSSKeySlot())))); |
| 64 #endif |
| 65 return handler.Pass(); |
| 66 } |
| 67 |
| 33 private: | 68 private: |
| 34 #if defined(OS_CHROMEOS) && defined(USE_NSS) | 69 #if defined(USE_NSS) |
| 35 crypto::ScopedTestNSSDB test_nss_db_; | 70 crypto::ScopedTestNSSDB test_nss_db_; |
| 36 #endif | 71 #endif |
| 37 }; | 72 }; |
| 38 | 73 |
| 39 // Assert that |result| is a valid output for KeygenHandler given challenge | 74 // Assert that |result| is a valid output for KeygenHandler given challenge |
| 40 // string of |challenge|. | 75 // string of |challenge|. |
| 41 void AssertValidSignedPublicKeyAndChallenge(const std::string& result, | 76 void AssertValidSignedPublicKeyAndChallenge(const std::string& result, |
| 42 const std::string& challenge) { | 77 const std::string& challenge) { |
| 43 ASSERT_GT(result.length(), 0U); | 78 ASSERT_GT(result.length(), 0U); |
| 44 | 79 |
| (...skipping 21 matching lines...) Expand all Loading... |
| 66 // Challenge String: some challenge | 101 // Challenge String: some challenge |
| 67 // Signature Algorithm: md5WithRSAEncryption | 102 // Signature Algorithm: md5WithRSAEncryption |
| 68 // 92:f3:cc:ff:0b:d3:d0:4a:3a:4c:ba:ff:d6:38:7f:a5:4b:b5: ..... | 103 // 92:f3:cc:ff:0b:d3:d0:4a:3a:4c:ba:ff:d6:38:7f:a5:4b:b5: ..... |
| 69 // Signature OK | 104 // Signature OK |
| 70 // | 105 // |
| 71 // The value of |spkac| can be ASN.1-parsed with: | 106 // The value of |spkac| can be ASN.1-parsed with: |
| 72 // openssl asn1parse -inform DER | 107 // openssl asn1parse -inform DER |
| 73 } | 108 } |
| 74 | 109 |
| 75 TEST_F(KeygenHandlerTest, SmokeTest) { | 110 TEST_F(KeygenHandlerTest, SmokeTest) { |
| 76 KeygenHandler handler(768, "some challenge", GURL("http://www.example.com")); | 111 scoped_ptr<KeygenHandler> handler(CreateKeygenHandler()); |
| 77 handler.set_stores_key(false); // Don't leave the key-pair behind | 112 handler->set_stores_key(false); // Don't leave the key-pair behind |
| 78 std::string result = handler.GenKeyAndSignChallenge(); | 113 std::string result = handler->GenKeyAndSignChallenge(); |
| 79 VLOG(1) << "KeygenHandler produced: " << result; | 114 VLOG(1) << "KeygenHandler produced: " << result; |
| 80 AssertValidSignedPublicKeyAndChallenge(result, "some challenge"); | 115 AssertValidSignedPublicKeyAndChallenge(result, "some challenge"); |
| 81 } | 116 } |
| 82 | 117 |
| 83 void ConcurrencyTestCallback(base::WaitableEvent* event, | 118 void ConcurrencyTestCallback(const std::string& challenge, |
| 84 const std::string& challenge, | 119 base::WaitableEvent* event, |
| 120 scoped_ptr<KeygenHandler> handler, |
| 85 std::string* result) { | 121 std::string* result) { |
| 86 // We allow Singleton use on the worker thread here since we use a | 122 // We allow Singleton use on the worker thread here since we use a |
| 87 // WaitableEvent to synchronize, so it's safe. | 123 // WaitableEvent to synchronize, so it's safe. |
| 88 base::ThreadRestrictions::ScopedAllowSingleton scoped_allow_singleton; | 124 base::ThreadRestrictions::ScopedAllowSingleton scoped_allow_singleton; |
| 89 KeygenHandler handler(768, challenge, GURL("http://www.example.com")); | 125 handler->set_stores_key(false); // Don't leave the key-pair behind. |
| 90 handler.set_stores_key(false); // Don't leave the key-pair behind. | 126 *result = handler->GenKeyAndSignChallenge(); |
| 91 *result = handler.GenKeyAndSignChallenge(); | |
| 92 event->Signal(); | 127 event->Signal(); |
| 93 #if defined(USE_NSS) | 128 #if defined(USE_NSS) |
| 94 // Detach the thread from NSPR. | 129 // Detach the thread from NSPR. |
| 95 // Calling NSS functions attaches the thread to NSPR, which stores | 130 // Calling NSS functions attaches the thread to NSPR, which stores |
| 96 // the NSPR thread ID in thread-specific data. | 131 // the NSPR thread ID in thread-specific data. |
| 97 // The threads in our thread pool terminate after we have called | 132 // The threads in our thread pool terminate after we have called |
| 98 // PR_Cleanup. Unless we detach them from NSPR, net_unittests gets | 133 // PR_Cleanup. Unless we detach them from NSPR, net_unittests gets |
| 99 // segfaults on shutdown when the threads' thread-specific data | 134 // segfaults on shutdown when the threads' thread-specific data |
| 100 // destructors run. | 135 // destructors run. |
| 101 PR_DetachThread(); | 136 PR_DetachThread(); |
| 102 #endif | 137 #endif |
| 103 } | 138 } |
| 104 | 139 |
| 105 // We asynchronously generate the keys so as not to hang up the IO thread. This | 140 // We asynchronously generate the keys so as not to hang up the IO thread. This |
| 106 // test tries to catch concurrency problems in the keygen implementation. | 141 // test tries to catch concurrency problems in the keygen implementation. |
| 107 TEST_F(KeygenHandlerTest, ConcurrencyTest) { | 142 TEST_F(KeygenHandlerTest, ConcurrencyTest) { |
| 108 const int NUM_HANDLERS = 5; | 143 const int NUM_HANDLERS = 5; |
| 109 base::WaitableEvent* events[NUM_HANDLERS] = { NULL }; | 144 base::WaitableEvent* events[NUM_HANDLERS] = { NULL }; |
| 110 std::string results[NUM_HANDLERS]; | 145 std::string results[NUM_HANDLERS]; |
| 111 for (int i = 0; i < NUM_HANDLERS; i++) { | 146 for (int i = 0; i < NUM_HANDLERS; i++) { |
| 147 scoped_ptr<KeygenHandler> handler(CreateKeygenHandler()); |
| 112 events[i] = new base::WaitableEvent(false, false); | 148 events[i] = new base::WaitableEvent(false, false); |
| 113 base::WorkerPool::PostTask( | 149 base::WorkerPool::PostTask(FROM_HERE, |
| 114 FROM_HERE, | 150 base::Bind(ConcurrencyTestCallback, |
| 115 base::Bind(ConcurrencyTestCallback, events[i], "some challenge", | 151 "some challenge", |
| 116 &results[i]), | 152 events[i], |
| 117 true); | 153 base::Passed(&handler), |
| 154 &results[i]), |
| 155 true); |
| 118 } | 156 } |
| 119 | 157 |
| 120 for (int i = 0; i < NUM_HANDLERS; i++) { | 158 for (int i = 0; i < NUM_HANDLERS; i++) { |
| 121 // Make sure the job completed | 159 // Make sure the job completed |
| 122 events[i]->Wait(); | 160 events[i]->Wait(); |
| 123 delete events[i]; | 161 delete events[i]; |
| 124 events[i] = NULL; | 162 events[i] = NULL; |
| 125 | 163 |
| 126 VLOG(1) << "KeygenHandler " << i << " produced: " << results[i]; | 164 VLOG(1) << "KeygenHandler " << i << " produced: " << results[i]; |
| 127 AssertValidSignedPublicKeyAndChallenge(results[i], "some challenge"); | 165 AssertValidSignedPublicKeyAndChallenge(results[i], "some challenge"); |
| 128 } | 166 } |
| 129 } | 167 } |
| 130 | 168 |
| 131 } // namespace | 169 } // namespace |
| 132 | 170 |
| 133 } // namespace net | 171 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 384413004:
Remove default key slot from KeygenHandler. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src