| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/cert_loader.h" | 5 #include "chromeos/cert_loader.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/files/file_util.h" | 8 #include "base/files/file_util.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
| (...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 142 ASSERT_TRUE(imported_certs); | 142 ASSERT_TRUE(imported_certs); |
| 143 | 143 |
| 144 std::string pkcs12_data; | 144 std::string pkcs12_data; |
| 145 base::FilePath pkcs12_file_path = | 145 base::FilePath pkcs12_file_path = |
| 146 net::GetTestCertsDirectory().Append(pkcs12_file); | 146 net::GetTestCertsDirectory().Append(pkcs12_file); |
| 147 ASSERT_TRUE(base::ReadFileToString(pkcs12_file_path, &pkcs12_data)); | 147 ASSERT_TRUE(base::ReadFileToString(pkcs12_file_path, &pkcs12_data)); |
| 148 | 148 |
| 149 net::CertificateList client_cert_list; | 149 net::CertificateList client_cert_list; |
| 150 scoped_refptr<net::CryptoModule> module(net::CryptoModule::CreateFromHandle( | 150 scoped_refptr<net::CryptoModule> module(net::CryptoModule::CreateFromHandle( |
| 151 database->GetPrivateSlot().get())); | 151 database->GetPrivateSlot().get())); |
| 152 ASSERT_EQ( | 152 ASSERT_EQ(net::OK, |
| 153 net::OK, | 153 database->ImportFromPKCS12(module.get(), |
| 154 database->ImportFromPKCS12(module, pkcs12_data, base::string16(), false, | 154 pkcs12_data, |
| 155 imported_certs)); | 155 base::string16(), |
| 156 false, |
| 157 imported_certs)); |
| 156 ASSERT_EQ(1U, imported_certs->size()); | 158 ASSERT_EQ(1U, imported_certs->size()); |
| 157 } | 159 } |
| 158 | 160 |
| 159 CertLoader* cert_loader_; | 161 CertLoader* cert_loader_; |
| 160 | 162 |
| 161 // The user is primary as the one whose certificates CertLoader handles, it | 163 // The user is primary as the one whose certificates CertLoader handles, it |
| 162 // has nothing to do with crypto::InitializeNSSForChromeOSUser is_primary_user | 164 // has nothing to do with crypto::InitializeNSSForChromeOSUser is_primary_user |
| 163 // parameter (which is irrelevant for these tests). | 165 // parameter (which is irrelevant for these tests). |
| 164 crypto::ScopedTestNSSChromeOSUser primary_user_; | 166 crypto::ScopedTestNSSChromeOSUser primary_user_; |
| 165 scoped_ptr<net::NSSCertDatabaseChromeOS> primary_db_; | 167 scoped_ptr<net::NSSCertDatabaseChromeOS> primary_db_; |
| (...skipping 29 matching lines...) Expand all Loading... |
| 195 } | 197 } |
| 196 | 198 |
| 197 TEST_F(CertLoaderTest, CertLoaderUpdatesCertListOnNewCert) { | 199 TEST_F(CertLoaderTest, CertLoaderUpdatesCertListOnNewCert) { |
| 198 StartCertLoaderWithPrimaryUser(); | 200 StartCertLoaderWithPrimaryUser(); |
| 199 | 201 |
| 200 net::CertificateList certs; | 202 net::CertificateList certs; |
| 201 ImportCACert("root_ca_cert.pem", primary_db_.get(), &certs); | 203 ImportCACert("root_ca_cert.pem", primary_db_.get(), &certs); |
| 202 | 204 |
| 203 // Certs are loaded asynchronously, so the new cert should not yet be in the | 205 // Certs are loaded asynchronously, so the new cert should not yet be in the |
| 204 // cert list. | 206 // cert list. |
| 205 EXPECT_FALSE(IsCertInCertificateList(certs[0], cert_loader_->cert_list())); | 207 EXPECT_FALSE( |
| 208 IsCertInCertificateList(certs[0].get(), cert_loader_->cert_list())); |
| 206 | 209 |
| 207 ASSERT_EQ(0U, GetAndResetCertificatesLoadedEventsCount()); | 210 ASSERT_EQ(0U, GetAndResetCertificatesLoadedEventsCount()); |
| 208 base::RunLoop().RunUntilIdle(); | 211 base::RunLoop().RunUntilIdle(); |
| 209 EXPECT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); | 212 EXPECT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); |
| 210 | 213 |
| 211 // The certificate list should be updated now, as the message loop's been run. | 214 // The certificate list should be updated now, as the message loop's been run. |
| 212 EXPECT_TRUE(IsCertInCertificateList(certs[0], cert_loader_->cert_list())); | 215 EXPECT_TRUE( |
| 216 IsCertInCertificateList(certs[0].get(), cert_loader_->cert_list())); |
| 213 } | 217 } |
| 214 | 218 |
| 215 TEST_F(CertLoaderTest, CertLoaderNoUpdateOnSecondaryDbChanges) { | 219 TEST_F(CertLoaderTest, CertLoaderNoUpdateOnSecondaryDbChanges) { |
| 216 crypto::ScopedTestNSSChromeOSUser secondary_user("secondary"); | 220 crypto::ScopedTestNSSChromeOSUser secondary_user("secondary"); |
| 217 scoped_ptr<net::NSSCertDatabaseChromeOS> secondary_db; | 221 scoped_ptr<net::NSSCertDatabaseChromeOS> secondary_db; |
| 218 | 222 |
| 219 StartCertLoaderWithPrimaryUser(); | 223 StartCertLoaderWithPrimaryUser(); |
| 220 FinishUserInitAndGetDatabase(&secondary_user, &secondary_db); | 224 FinishUserInitAndGetDatabase(&secondary_user, &secondary_db); |
| 221 | 225 |
| 222 net::CertificateList certs; | 226 net::CertificateList certs; |
| 223 ImportCACert("root_ca_cert.pem", secondary_db.get(), &certs); | 227 ImportCACert("root_ca_cert.pem", secondary_db.get(), &certs); |
| 224 | 228 |
| 225 base::RunLoop().RunUntilIdle(); | 229 base::RunLoop().RunUntilIdle(); |
| 226 | 230 |
| 227 EXPECT_FALSE(IsCertInCertificateList(certs[0], cert_loader_->cert_list())); | 231 EXPECT_FALSE( |
| 232 IsCertInCertificateList(certs[0].get(), cert_loader_->cert_list())); |
| 228 } | 233 } |
| 229 | 234 |
| 230 TEST_F(CertLoaderTest, ClientLoaderUpdateOnNewClientCert) { | 235 TEST_F(CertLoaderTest, ClientLoaderUpdateOnNewClientCert) { |
| 231 StartCertLoaderWithPrimaryUser(); | 236 StartCertLoaderWithPrimaryUser(); |
| 232 | 237 |
| 233 net::CertificateList certs; | 238 net::CertificateList certs; |
| 234 ImportClientCertAndKey("websocket_client_cert.p12", | 239 ImportClientCertAndKey("websocket_client_cert.p12", |
| 235 primary_db_.get(), | 240 primary_db_.get(), |
| 236 &certs); | 241 &certs); |
| 237 | 242 |
| 238 ASSERT_EQ(0U, GetAndResetCertificatesLoadedEventsCount()); | 243 ASSERT_EQ(0U, GetAndResetCertificatesLoadedEventsCount()); |
| 239 base::RunLoop().RunUntilIdle(); | 244 base::RunLoop().RunUntilIdle(); |
| 240 EXPECT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); | 245 EXPECT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); |
| 241 | 246 |
| 242 EXPECT_TRUE(IsCertInCertificateList(certs[0], cert_loader_->cert_list())); | 247 EXPECT_TRUE( |
| 248 IsCertInCertificateList(certs[0].get(), cert_loader_->cert_list())); |
| 243 } | 249 } |
| 244 | 250 |
| 245 TEST_F(CertLoaderTest, CertLoaderNoUpdateOnNewClientCertInSecondaryDb) { | 251 TEST_F(CertLoaderTest, CertLoaderNoUpdateOnNewClientCertInSecondaryDb) { |
| 246 crypto::ScopedTestNSSChromeOSUser secondary_user("secondary"); | 252 crypto::ScopedTestNSSChromeOSUser secondary_user("secondary"); |
| 247 scoped_ptr<net::NSSCertDatabaseChromeOS> secondary_db; | 253 scoped_ptr<net::NSSCertDatabaseChromeOS> secondary_db; |
| 248 | 254 |
| 249 StartCertLoaderWithPrimaryUser(); | 255 StartCertLoaderWithPrimaryUser(); |
| 250 FinishUserInitAndGetDatabase(&secondary_user, &secondary_db); | 256 FinishUserInitAndGetDatabase(&secondary_user, &secondary_db); |
| 251 | 257 |
| 252 net::CertificateList certs; | 258 net::CertificateList certs; |
| 253 ImportClientCertAndKey("websocket_client_cert.p12", | 259 ImportClientCertAndKey("websocket_client_cert.p12", |
| 254 secondary_db.get(), | 260 secondary_db.get(), |
| 255 &certs); | 261 &certs); |
| 256 | 262 |
| 257 base::RunLoop().RunUntilIdle(); | 263 base::RunLoop().RunUntilIdle(); |
| 258 | 264 |
| 259 EXPECT_FALSE(IsCertInCertificateList(certs[0], cert_loader_->cert_list())); | 265 EXPECT_FALSE( |
| 266 IsCertInCertificateList(certs[0].get(), cert_loader_->cert_list())); |
| 260 } | 267 } |
| 261 | 268 |
| 262 TEST_F(CertLoaderTest, UpdatedOnCertRemoval) { | 269 TEST_F(CertLoaderTest, UpdatedOnCertRemoval) { |
| 263 StartCertLoaderWithPrimaryUser(); | 270 StartCertLoaderWithPrimaryUser(); |
| 264 | 271 |
| 265 net::CertificateList certs; | 272 net::CertificateList certs; |
| 266 ImportClientCertAndKey("websocket_client_cert.p12", | 273 ImportClientCertAndKey("websocket_client_cert.p12", |
| 267 primary_db_.get(), | 274 primary_db_.get(), |
| 268 &certs); | 275 &certs); |
| 269 | 276 |
| 270 base::RunLoop().RunUntilIdle(); | 277 base::RunLoop().RunUntilIdle(); |
| 271 | 278 |
| 272 ASSERT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); | 279 ASSERT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); |
| 273 ASSERT_TRUE(IsCertInCertificateList(certs[0], cert_loader_->cert_list())); | 280 ASSERT_TRUE( |
| 281 IsCertInCertificateList(certs[0].get(), cert_loader_->cert_list())); |
| 274 | 282 |
| 275 primary_db_->DeleteCertAndKey(certs[0]); | 283 primary_db_->DeleteCertAndKey(certs[0].get()); |
| 276 | 284 |
| 277 ASSERT_EQ(0U, GetAndResetCertificatesLoadedEventsCount()); | 285 ASSERT_EQ(0U, GetAndResetCertificatesLoadedEventsCount()); |
| 278 base::RunLoop().RunUntilIdle(); | 286 base::RunLoop().RunUntilIdle(); |
| 279 EXPECT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); | 287 EXPECT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); |
| 280 | 288 |
| 281 ASSERT_FALSE(IsCertInCertificateList(certs[0], cert_loader_->cert_list())); | 289 ASSERT_FALSE( |
| 290 IsCertInCertificateList(certs[0].get(), cert_loader_->cert_list())); |
| 282 } | 291 } |
| 283 | 292 |
| 284 TEST_F(CertLoaderTest, UpdatedOnCACertTrustChange) { | 293 TEST_F(CertLoaderTest, UpdatedOnCACertTrustChange) { |
| 285 StartCertLoaderWithPrimaryUser(); | 294 StartCertLoaderWithPrimaryUser(); |
| 286 | 295 |
| 287 net::CertificateList certs; | 296 net::CertificateList certs; |
| 288 ImportCACert("root_ca_cert.pem", primary_db_.get(), &certs); | 297 ImportCACert("root_ca_cert.pem", primary_db_.get(), &certs); |
| 289 | 298 |
| 290 base::RunLoop().RunUntilIdle(); | 299 base::RunLoop().RunUntilIdle(); |
| 291 ASSERT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); | 300 ASSERT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); |
| 292 ASSERT_TRUE(IsCertInCertificateList(certs[0], cert_loader_->cert_list())); | 301 ASSERT_TRUE( |
| 302 IsCertInCertificateList(certs[0].get(), cert_loader_->cert_list())); |
| 293 | 303 |
| 294 // The value that should have been set by |ImportCACert|. | 304 // The value that should have been set by |ImportCACert|. |
| 295 ASSERT_EQ(net::NSSCertDatabase::TRUST_DEFAULT, | 305 ASSERT_EQ(net::NSSCertDatabase::TRUST_DEFAULT, |
| 296 primary_db_->GetCertTrust(certs[0], net::CA_CERT)); | 306 primary_db_->GetCertTrust(certs[0].get(), net::CA_CERT)); |
| 297 ASSERT_TRUE(primary_db_->SetCertTrust( | 307 ASSERT_TRUE(primary_db_->SetCertTrust( |
| 298 certs[0], net::CA_CERT, net::NSSCertDatabase::TRUSTED_SSL)); | 308 certs[0].get(), net::CA_CERT, net::NSSCertDatabase::TRUSTED_SSL)); |
| 299 | 309 |
| 300 // Cert trust change should trigger certificate reload in cert_loader_. | 310 // Cert trust change should trigger certificate reload in cert_loader_. |
| 301 ASSERT_EQ(0U, GetAndResetCertificatesLoadedEventsCount()); | 311 ASSERT_EQ(0U, GetAndResetCertificatesLoadedEventsCount()); |
| 302 base::RunLoop().RunUntilIdle(); | 312 base::RunLoop().RunUntilIdle(); |
| 303 EXPECT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); | 313 EXPECT_EQ(1U, GetAndResetCertificatesLoadedEventsCount()); |
| 304 } | 314 } |
| 305 | 315 |
| 306 } // namespace | 316 } // namespace |
| 307 } // namespace chromeos | 317 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 560903003:
Remove implicit conversions from scoped_refptr to T* in chromeos/ (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master