| Index: chrome/browser/net/sqlite_channel_id_store_unittest.cc
|
| diff --git a/chrome/browser/net/sqlite_channel_id_store_unittest.cc b/chrome/browser/net/sqlite_channel_id_store_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..7d2a2caab8af5b4a32c762e5853138cd5b2a201d
|
| --- /dev/null
|
| +++ b/chrome/browser/net/sqlite_channel_id_store_unittest.cc
|
| @@ -0,0 +1,473 @@
|
| +// Copyright 2014 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "base/bind.h"
|
| +#include "base/file_util.h"
|
| +#include "base/files/scoped_temp_dir.h"
|
| +#include "base/memory/ref_counted.h"
|
| +#include "base/memory/scoped_vector.h"
|
| +#include "base/message_loop/message_loop.h"
|
| +#include "base/run_loop.h"
|
| +#include "base/stl_util.h"
|
| +#include "chrome/browser/net/sqlite_channel_id_store.h"
|
| +#include "chrome/common/chrome_constants.h"
|
| +#include "content/public/test/mock_special_storage_policy.h"
|
| +#include "content/public/test/test_browser_thread_bundle.h"
|
| +#include "net/base/test_data_directory.h"
|
| +#include "net/ssl/ssl_client_cert_type.h"
|
| +#include "net/test/cert_test_util.h"
|
| +#include "sql/statement.h"
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +
|
| +class SQLiteChannelIDStoreTest : public testing::Test {
|
| + public:
|
| + void Load(
|
| + ScopedVector<net::DefaultChannelIDStore::ChannelID>* channel_ids) {
|
| + base::RunLoop run_loop;
|
| + store_->Load(base::Bind(&SQLiteChannelIDStoreTest::OnLoaded,
|
| + base::Unretained(this),
|
| + &run_loop));
|
| + run_loop.Run();
|
| + channel_ids->swap(channel_ids_);
|
| + channel_ids_.clear();
|
| + }
|
| +
|
| + void OnLoaded(
|
| + base::RunLoop* run_loop,
|
| + scoped_ptr<ScopedVector<
|
| + net::DefaultChannelIDStore::ChannelID> > channel_ids) {
|
| + channel_ids_.swap(*channel_ids);
|
| + run_loop->Quit();
|
| + }
|
| +
|
| + protected:
|
| + static void ReadTestKeyAndCert(std::string* key, std::string* cert) {
|
| + base::FilePath key_path = net::GetTestCertsDirectory().AppendASCII(
|
| + "unittest.originbound.key.der");
|
| + base::FilePath cert_path = net::GetTestCertsDirectory().AppendASCII(
|
| + "unittest.originbound.der");
|
| + ASSERT_TRUE(base::ReadFileToString(key_path, key));
|
| + ASSERT_TRUE(base::ReadFileToString(cert_path, cert));
|
| + }
|
| +
|
| + static base::Time GetTestCertExpirationTime() {
|
| + // Cert expiration time from 'dumpasn1 unittest.originbound.der':
|
| + // GeneralizedTime 19/11/2111 02:23:45 GMT
|
| + // base::Time::FromUTCExploded can't generate values past 2038 on 32-bit
|
| + // linux, so we use the raw value here.
|
| + return base::Time::FromInternalValue(GG_INT64_C(16121816625000000));
|
| + }
|
| +
|
| + static base::Time GetTestCertCreationTime() {
|
| + // UTCTime 13/12/2011 02:23:45 GMT
|
| + base::Time::Exploded exploded_time;
|
| + exploded_time.year = 2011;
|
| + exploded_time.month = 12;
|
| + exploded_time.day_of_week = 0; // Unused.
|
| + exploded_time.day_of_month = 13;
|
| + exploded_time.hour = 2;
|
| + exploded_time.minute = 23;
|
| + exploded_time.second = 45;
|
| + exploded_time.millisecond = 0;
|
| + return base::Time::FromUTCExploded(exploded_time);
|
| + }
|
| +
|
| + virtual void SetUp() {
|
| + ASSERT_TRUE(temp_dir_.CreateUniqueTempDir());
|
| + store_ = new SQLiteChannelIDStore(
|
| + temp_dir_.path().Append(chrome::kChannelIDFilename),
|
| + base::MessageLoopProxy::current(),
|
| + NULL);
|
| + ScopedVector<net::DefaultChannelIDStore::ChannelID> channel_ids;
|
| + Load(&channel_ids);
|
| + ASSERT_EQ(0u, channel_ids.size());
|
| + // Make sure the store gets written at least once.
|
| + store_->AddChannelID(
|
| + net::DefaultChannelIDStore::ChannelID(
|
| + "google.com",
|
| + base::Time::FromInternalValue(1),
|
| + base::Time::FromInternalValue(2),
|
| + "a", "b"));
|
| + }
|
| +
|
| + content::TestBrowserThreadBundle thread_bundle_;
|
| + base::ScopedTempDir temp_dir_;
|
| + scoped_refptr<SQLiteChannelIDStore> store_;
|
| + ScopedVector<net::DefaultChannelIDStore::ChannelID> channel_ids_;
|
| +};
|
| +
|
| +// Test if data is stored as expected in the SQLite database.
|
| +TEST_F(SQLiteChannelIDStoreTest, TestPersistence) {
|
| + store_->AddChannelID(
|
| + net::DefaultChannelIDStore::ChannelID(
|
| + "foo.com",
|
| + base::Time::FromInternalValue(3),
|
| + base::Time::FromInternalValue(4),
|
| + "c", "d"));
|
| +
|
| + ScopedVector<net::DefaultChannelIDStore::ChannelID> channel_ids;
|
| + // Replace the store effectively destroying the current one and forcing it
|
| + // to write its data to disk. Then we can see if after loading it again it
|
| + // is still there.
|
| + store_ = NULL;
|
| + // Make sure we wait until the destructor has run.
|
| + base::RunLoop().RunUntilIdle();
|
| + store_ = new SQLiteChannelIDStore(
|
| + temp_dir_.path().Append(chrome::kChannelIDFilename),
|
| + base::MessageLoopProxy::current(),
|
| + NULL);
|
| +
|
| + // Reload and test for persistence
|
| + Load(&channel_ids);
|
| + ASSERT_EQ(2U, channel_ids.size());
|
| + net::DefaultChannelIDStore::ChannelID* goog_channel_id;
|
| + net::DefaultChannelIDStore::ChannelID* foo_channel_id;
|
| + if (channel_ids[0]->server_identifier() == "google.com") {
|
| + goog_channel_id = channel_ids[0];
|
| + foo_channel_id = channel_ids[1];
|
| + } else {
|
| + goog_channel_id = channel_ids[1];
|
| + foo_channel_id = channel_ids[0];
|
| + }
|
| + ASSERT_EQ("google.com", goog_channel_id->server_identifier());
|
| + ASSERT_STREQ("a", goog_channel_id->private_key().c_str());
|
| + ASSERT_STREQ("b", goog_channel_id->cert().c_str());
|
| + ASSERT_EQ(1, goog_channel_id->creation_time().ToInternalValue());
|
| + ASSERT_EQ(2, goog_channel_id->expiration_time().ToInternalValue());
|
| + ASSERT_EQ("foo.com", foo_channel_id->server_identifier());
|
| + ASSERT_STREQ("c", foo_channel_id->private_key().c_str());
|
| + ASSERT_STREQ("d", foo_channel_id->cert().c_str());
|
| + ASSERT_EQ(3, foo_channel_id->creation_time().ToInternalValue());
|
| + ASSERT_EQ(4, foo_channel_id->expiration_time().ToInternalValue());
|
| +
|
| + // Now delete the cert and check persistence again.
|
| + store_->DeleteChannelID(*channel_ids[0]);
|
| + store_->DeleteChannelID(*channel_ids[1]);
|
| + store_ = NULL;
|
| + // Make sure we wait until the destructor has run.
|
| + base::RunLoop().RunUntilIdle();
|
| + channel_ids.clear();
|
| + store_ = new SQLiteChannelIDStore(
|
| + temp_dir_.path().Append(chrome::kChannelIDFilename),
|
| + base::MessageLoopProxy::current(),
|
| + NULL);
|
| +
|
| + // Reload and check if the cert has been removed.
|
| + Load(&channel_ids);
|
| + ASSERT_EQ(0U, channel_ids.size());
|
| +}
|
| +
|
| +TEST_F(SQLiteChannelIDStoreTest, TestUpgradeV1) {
|
| + // Reset the store. We'll be using a different database for this test.
|
| + store_ = NULL;
|
| +
|
| + base::FilePath v1_db_path(temp_dir_.path().AppendASCII("v1db"));
|
| +
|
| + std::string key_data;
|
| + std::string cert_data;
|
| + ReadTestKeyAndCert(&key_data, &cert_data);
|
| +
|
| + // Create a version 1 database.
|
| + {
|
| + sql::Connection db;
|
| + ASSERT_TRUE(db.Open(v1_db_path));
|
| + ASSERT_TRUE(db.Execute(
|
| + "CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY,"
|
| + "value LONGVARCHAR);"
|
| + "INSERT INTO \"meta\" VALUES('version','1');"
|
| + "INSERT INTO \"meta\" VALUES('last_compatible_version','1');"
|
| + "CREATE TABLE origin_bound_certs ("
|
| + "origin TEXT NOT NULL UNIQUE PRIMARY KEY,"
|
| + "private_key BLOB NOT NULL,cert BLOB NOT NULL);"));
|
| +
|
| + sql::Statement add_smt(db.GetUniqueStatement(
|
| + "INSERT INTO origin_bound_certs (origin, private_key, cert) "
|
| + "VALUES (?,?,?)"));
|
| + add_smt.BindString(0, "google.com");
|
| + add_smt.BindBlob(1, key_data.data(), key_data.size());
|
| + add_smt.BindBlob(2, cert_data.data(), cert_data.size());
|
| + ASSERT_TRUE(add_smt.Run());
|
| +
|
| + ASSERT_TRUE(db.Execute(
|
| + "INSERT INTO \"origin_bound_certs\" VALUES("
|
| + "'foo.com',X'AA',X'BB');"
|
| + ));
|
| + }
|
| +
|
| + // Load and test the DB contents twice. First time ensures that we can use
|
| + // the updated values immediately. Second time ensures that the updated
|
| + // values are stored and read correctly on next load.
|
| + for (int i = 0; i < 2; ++i) {
|
| + SCOPED_TRACE(i);
|
| +
|
| + ScopedVector<net::DefaultChannelIDStore::ChannelID> channel_ids;
|
| + store_ = new SQLiteChannelIDStore(
|
| + v1_db_path, base::MessageLoopProxy::current(), NULL);
|
| +
|
| + // Load the database. Because the existing v1 certs are implicitly of type
|
| + // RSA, which is unsupported, they're discarded.
|
| + Load(&channel_ids);
|
| + ASSERT_EQ(0U, channel_ids.size());
|
| +
|
| + store_ = NULL;
|
| + base::RunLoop().RunUntilIdle();
|
| +
|
| + // Verify the database version is updated.
|
| + {
|
| + sql::Connection db;
|
| + ASSERT_TRUE(db.Open(v1_db_path));
|
| + sql::Statement smt(db.GetUniqueStatement(
|
| + "SELECT value FROM meta WHERE key = \"version\""));
|
| + ASSERT_TRUE(smt.Step());
|
| + EXPECT_EQ(4, smt.ColumnInt(0));
|
| + EXPECT_FALSE(smt.Step());
|
| + }
|
| + }
|
| +}
|
| +
|
| +TEST_F(SQLiteChannelIDStoreTest, TestUpgradeV2) {
|
| + // Reset the store. We'll be using a different database for this test.
|
| + store_ = NULL;
|
| +
|
| + base::FilePath v2_db_path(temp_dir_.path().AppendASCII("v2db"));
|
| +
|
| + std::string key_data;
|
| + std::string cert_data;
|
| + ReadTestKeyAndCert(&key_data, &cert_data);
|
| +
|
| + // Create a version 2 database.
|
| + {
|
| + sql::Connection db;
|
| + ASSERT_TRUE(db.Open(v2_db_path));
|
| + ASSERT_TRUE(db.Execute(
|
| + "CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY,"
|
| + "value LONGVARCHAR);"
|
| + "INSERT INTO \"meta\" VALUES('version','2');"
|
| + "INSERT INTO \"meta\" VALUES('last_compatible_version','1');"
|
| + "CREATE TABLE origin_bound_certs ("
|
| + "origin TEXT NOT NULL UNIQUE PRIMARY KEY,"
|
| + "private_key BLOB NOT NULL,"
|
| + "cert BLOB NOT NULL,"
|
| + "cert_type INTEGER);"
|
| + ));
|
| +
|
| + sql::Statement add_smt(db.GetUniqueStatement(
|
| + "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type) "
|
| + "VALUES (?,?,?,?)"));
|
| + add_smt.BindString(0, "google.com");
|
| + add_smt.BindBlob(1, key_data.data(), key_data.size());
|
| + add_smt.BindBlob(2, cert_data.data(), cert_data.size());
|
| + add_smt.BindInt64(3, 64);
|
| + ASSERT_TRUE(add_smt.Run());
|
| +
|
| + ASSERT_TRUE(db.Execute(
|
| + "INSERT INTO \"origin_bound_certs\" VALUES("
|
| + "'foo.com',X'AA',X'BB',64);"
|
| + ));
|
| + }
|
| +
|
| + // Load and test the DB contents twice. First time ensures that we can use
|
| + // the updated values immediately. Second time ensures that the updated
|
| + // values are saved and read correctly on next load.
|
| + for (int i = 0; i < 2; ++i) {
|
| + SCOPED_TRACE(i);
|
| +
|
| + ScopedVector<net::DefaultChannelIDStore::ChannelID> channel_ids;
|
| + store_ = new SQLiteChannelIDStore(
|
| + v2_db_path, base::MessageLoopProxy::current(), NULL);
|
| +
|
| + // Load the database and ensure the certs can be read.
|
| + Load(&channel_ids);
|
| + ASSERT_EQ(2U, channel_ids.size());
|
| +
|
| + ASSERT_EQ("google.com", channel_ids[0]->server_identifier());
|
| + ASSERT_EQ(GetTestCertExpirationTime(),
|
| + channel_ids[0]->expiration_time());
|
| + ASSERT_EQ(key_data, channel_ids[0]->private_key());
|
| + ASSERT_EQ(cert_data, channel_ids[0]->cert());
|
| +
|
| + ASSERT_EQ("foo.com", channel_ids[1]->server_identifier());
|
| + // Undecodable cert, expiration time will be uninitialized.
|
| + ASSERT_EQ(base::Time(), channel_ids[1]->expiration_time());
|
| + ASSERT_STREQ("\xaa", channel_ids[1]->private_key().c_str());
|
| + ASSERT_STREQ("\xbb", channel_ids[1]->cert().c_str());
|
| +
|
| + store_ = NULL;
|
| + // Make sure we wait until the destructor has run.
|
| + base::RunLoop().RunUntilIdle();
|
| +
|
| + // Verify the database version is updated.
|
| + {
|
| + sql::Connection db;
|
| + ASSERT_TRUE(db.Open(v2_db_path));
|
| + sql::Statement smt(db.GetUniqueStatement(
|
| + "SELECT value FROM meta WHERE key = \"version\""));
|
| + ASSERT_TRUE(smt.Step());
|
| + EXPECT_EQ(4, smt.ColumnInt(0));
|
| + EXPECT_FALSE(smt.Step());
|
| + }
|
| + }
|
| +}
|
| +
|
| +TEST_F(SQLiteChannelIDStoreTest, TestUpgradeV3) {
|
| + // Reset the store. We'll be using a different database for this test.
|
| + store_ = NULL;
|
| +
|
| + base::FilePath v3_db_path(temp_dir_.path().AppendASCII("v3db"));
|
| +
|
| + std::string key_data;
|
| + std::string cert_data;
|
| + ReadTestKeyAndCert(&key_data, &cert_data);
|
| +
|
| + // Create a version 3 database.
|
| + {
|
| + sql::Connection db;
|
| + ASSERT_TRUE(db.Open(v3_db_path));
|
| + ASSERT_TRUE(db.Execute(
|
| + "CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY,"
|
| + "value LONGVARCHAR);"
|
| + "INSERT INTO \"meta\" VALUES('version','3');"
|
| + "INSERT INTO \"meta\" VALUES('last_compatible_version','1');"
|
| + "CREATE TABLE origin_bound_certs ("
|
| + "origin TEXT NOT NULL UNIQUE PRIMARY KEY,"
|
| + "private_key BLOB NOT NULL,"
|
| + "cert BLOB NOT NULL,"
|
| + "cert_type INTEGER,"
|
| + "expiration_time INTEGER);"
|
| + ));
|
| +
|
| + sql::Statement add_smt(db.GetUniqueStatement(
|
| + "INSERT INTO origin_bound_certs (origin, private_key, cert, cert_type, "
|
| + "expiration_time) VALUES (?,?,?,?,?)"));
|
| + add_smt.BindString(0, "google.com");
|
| + add_smt.BindBlob(1, key_data.data(), key_data.size());
|
| + add_smt.BindBlob(2, cert_data.data(), cert_data.size());
|
| + add_smt.BindInt64(3, 64);
|
| + add_smt.BindInt64(4, 1000);
|
| + ASSERT_TRUE(add_smt.Run());
|
| +
|
| + ASSERT_TRUE(db.Execute(
|
| + "INSERT INTO \"origin_bound_certs\" VALUES("
|
| + "'foo.com',X'AA',X'BB',64,2000);"
|
| + ));
|
| + }
|
| +
|
| + // Load and test the DB contents twice. First time ensures that we can use
|
| + // the updated values immediately. Second time ensures that the updated
|
| + // values are saved and read correctly on next load.
|
| + for (int i = 0; i < 2; ++i) {
|
| + SCOPED_TRACE(i);
|
| +
|
| + ScopedVector<net::DefaultChannelIDStore::ChannelID> channel_ids;
|
| + store_ = new SQLiteChannelIDStore(
|
| + v3_db_path, base::MessageLoopProxy::current(), NULL);
|
| +
|
| + // Load the database and ensure the certs can be read.
|
| + Load(&channel_ids);
|
| + ASSERT_EQ(2U, channel_ids.size());
|
| +
|
| + ASSERT_EQ("google.com", channel_ids[0]->server_identifier());
|
| + ASSERT_EQ(1000, channel_ids[0]->expiration_time().ToInternalValue());
|
| + ASSERT_EQ(GetTestCertCreationTime(),
|
| + channel_ids[0]->creation_time());
|
| + ASSERT_EQ(key_data, channel_ids[0]->private_key());
|
| + ASSERT_EQ(cert_data, channel_ids[0]->cert());
|
| +
|
| + ASSERT_EQ("foo.com", channel_ids[1]->server_identifier());
|
| + ASSERT_EQ(2000, channel_ids[1]->expiration_time().ToInternalValue());
|
| + // Undecodable cert, creation time will be uninitialized.
|
| + ASSERT_EQ(base::Time(), channel_ids[1]->creation_time());
|
| + ASSERT_STREQ("\xaa", channel_ids[1]->private_key().c_str());
|
| + ASSERT_STREQ("\xbb", channel_ids[1]->cert().c_str());
|
| +
|
| + store_ = NULL;
|
| + // Make sure we wait until the destructor has run.
|
| + base::RunLoop().RunUntilIdle();
|
| +
|
| + // Verify the database version is updated.
|
| + {
|
| + sql::Connection db;
|
| + ASSERT_TRUE(db.Open(v3_db_path));
|
| + sql::Statement smt(db.GetUniqueStatement(
|
| + "SELECT value FROM meta WHERE key = \"version\""));
|
| + ASSERT_TRUE(smt.Step());
|
| + EXPECT_EQ(4, smt.ColumnInt(0));
|
| + EXPECT_FALSE(smt.Step());
|
| + }
|
| + }
|
| +}
|
| +
|
| +TEST_F(SQLiteChannelIDStoreTest, TestRSADiscarded) {
|
| + // Reset the store. We'll be using a different database for this test.
|
| + store_ = NULL;
|
| +
|
| + base::FilePath v4_db_path(temp_dir_.path().AppendASCII("v4dbrsa"));
|
| +
|
| + std::string key_data;
|
| + std::string cert_data;
|
| + ReadTestKeyAndCert(&key_data, &cert_data);
|
| +
|
| + // Create a version 4 database with a mix of RSA and ECDSA certs.
|
| + {
|
| + sql::Connection db;
|
| + ASSERT_TRUE(db.Open(v4_db_path));
|
| + ASSERT_TRUE(db.Execute(
|
| + "CREATE TABLE meta(key LONGVARCHAR NOT NULL UNIQUE PRIMARY KEY,"
|
| + "value LONGVARCHAR);"
|
| + "INSERT INTO \"meta\" VALUES('version','4');"
|
| + "INSERT INTO \"meta\" VALUES('last_compatible_version','1');"
|
| + "CREATE TABLE origin_bound_certs ("
|
| + "origin TEXT NOT NULL UNIQUE PRIMARY KEY,"
|
| + "private_key BLOB NOT NULL,"
|
| + "cert BLOB NOT NULL,"
|
| + "cert_type INTEGER,"
|
| + "expiration_time INTEGER,"
|
| + "creation_time INTEGER);"
|
| + ));
|
| +
|
| + sql::Statement add_smt(db.GetUniqueStatement(
|
| + "INSERT INTO origin_bound_certs "
|
| + "(origin, private_key, cert, cert_type, expiration_time, creation_time)"
|
| + " VALUES (?,?,?,?,?,?)"));
|
| + add_smt.BindString(0, "google.com");
|
| + add_smt.BindBlob(1, key_data.data(), key_data.size());
|
| + add_smt.BindBlob(2, cert_data.data(), cert_data.size());
|
| + add_smt.BindInt64(3, 64);
|
| + add_smt.BindInt64(4, GetTestCertExpirationTime().ToInternalValue());
|
| + add_smt.BindInt64(5, base::Time::Now().ToInternalValue());
|
| + ASSERT_TRUE(add_smt.Run());
|
| +
|
| + add_smt.Clear();
|
| + add_smt.Assign(db.GetUniqueStatement(
|
| + "INSERT INTO origin_bound_certs "
|
| + "(origin, private_key, cert, cert_type, expiration_time, creation_time)"
|
| + " VALUES (?,?,?,?,?,?)"));
|
| + add_smt.BindString(0, "foo.com");
|
| + add_smt.BindBlob(1, key_data.data(), key_data.size());
|
| + add_smt.BindBlob(2, cert_data.data(), cert_data.size());
|
| + add_smt.BindInt64(3, 1);
|
| + add_smt.BindInt64(4, GetTestCertExpirationTime().ToInternalValue());
|
| + add_smt.BindInt64(5, base::Time::Now().ToInternalValue());
|
| + ASSERT_TRUE(add_smt.Run());
|
| + }
|
| +
|
| + ScopedVector<net::DefaultChannelIDStore::ChannelID> channel_ids;
|
| + store_ = new SQLiteChannelIDStore(
|
| + v4_db_path, base::MessageLoopProxy::current(), NULL);
|
| +
|
| + // Load the database and ensure the certs can be read.
|
| + Load(&channel_ids);
|
| + // Only the ECDSA cert (for google.com) is read, the RSA one is discarded.
|
| + ASSERT_EQ(1U, channel_ids.size());
|
| +
|
| + ASSERT_EQ("google.com", channel_ids[0]->server_identifier());
|
| + ASSERT_EQ(GetTestCertExpirationTime(),
|
| + channel_ids[0]->expiration_time());
|
| + ASSERT_EQ(key_data, channel_ids[0]->private_key());
|
| + ASSERT_EQ(cert_data, channel_ids[0]->cert());
|
| +
|
| + store_ = NULL;
|
| + // Make sure we wait until the destructor has run.
|
| + base::RunLoop().RunUntilIdle();
|
| +}
|
|
|
Chromium Code Reviews
Issue 477253002:
Revert of Move sqlite_channel_id_store from chrome/browser/net to net/extras. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master