OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/bind.h" | 5 #include "base/bind.h" |
6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
7 #include "base/files/scoped_temp_dir.h" | 7 #include "base/files/scoped_temp_dir.h" |
8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
9 #include "base/memory/scoped_vector.h" | 9 #include "base/memory/scoped_vector.h" |
10 #include "base/message_loop.h" | 10 #include "base/message_loop.h" |
| 11 #include "base/run_loop.h" |
11 #include "base/stl_util.h" | 12 #include "base/stl_util.h" |
12 #include "base/test/thread_test_helper.h" | 13 #include "base/test/thread_test_helper.h" |
13 #include "chrome/browser/net/clear_on_exit_policy.h" | 14 #include "chrome/browser/net/clear_on_exit_policy.h" |
14 #include "chrome/browser/net/sqlite_server_bound_cert_store.h" | 15 #include "chrome/browser/net/sqlite_server_bound_cert_store.h" |
15 #include "chrome/common/chrome_constants.h" | 16 #include "chrome/common/chrome_constants.h" |
16 #include "content/public/test/test_browser_thread.h" | 17 #include "content/public/test/test_browser_thread.h" |
17 #include "net/base/cert_test_util.h" | 18 #include "net/base/cert_test_util.h" |
18 #include "net/base/test_data_directory.h" | 19 #include "net/base/test_data_directory.h" |
19 #include "sql/statement.h" | 20 #include "sql/statement.h" |
20 #include "testing/gtest/include/gtest/gtest.h" | 21 #include "testing/gtest/include/gtest/gtest.h" |
21 #include "webkit/quota/mock_special_storage_policy.h" | 22 #include "webkit/quota/mock_special_storage_policy.h" |
22 | 23 |
23 using content::BrowserThread; | 24 using content::BrowserThread; |
24 | 25 |
25 class SQLiteServerBoundCertStoreTest : public testing::Test { | 26 class SQLiteServerBoundCertStoreTest : public testing::Test { |
26 public: | 27 public: |
27 SQLiteServerBoundCertStoreTest() | 28 SQLiteServerBoundCertStoreTest() |
28 : db_thread_(BrowserThread::DB) { | 29 : db_thread_(BrowserThread::DB), |
| 30 io_thread_(BrowserThread::IO, &message_loop_) {} |
| 31 |
| 32 void Load( |
| 33 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert>* certs) { |
| 34 base::RunLoop run_loop; |
| 35 store_->Load(base::Bind(&SQLiteServerBoundCertStoreTest::OnLoaded, |
| 36 base::Unretained(this), |
| 37 &run_loop)); |
| 38 run_loop.Run(); |
| 39 certs->swap(certs_); |
| 40 certs_.clear(); |
| 41 } |
| 42 |
| 43 void OnLoaded( |
| 44 base::RunLoop* run_loop, |
| 45 scoped_ptr<ScopedVector< |
| 46 net::DefaultServerBoundCertStore::ServerBoundCert> > certs) { |
| 47 certs_.swap(*certs); |
| 48 run_loop->Quit(); |
29 } | 49 } |
30 | 50 |
31 protected: | 51 protected: |
32 static void ReadTestKeyAndCert(std::string* key, std::string* cert) { | 52 static void ReadTestKeyAndCert(std::string* key, std::string* cert) { |
33 FilePath key_path = net::GetTestCertsDirectory().AppendASCII( | 53 FilePath key_path = net::GetTestCertsDirectory().AppendASCII( |
34 "unittest.originbound.key.der"); | 54 "unittest.originbound.key.der"); |
35 FilePath cert_path = net::GetTestCertsDirectory().AppendASCII( | 55 FilePath cert_path = net::GetTestCertsDirectory().AppendASCII( |
36 "unittest.originbound.der"); | 56 "unittest.originbound.der"); |
37 ASSERT_TRUE(file_util::ReadFileToString(key_path, key)); | 57 ASSERT_TRUE(file_util::ReadFileToString(key_path, key)); |
38 ASSERT_TRUE(file_util::ReadFileToString(cert_path, cert)); | 58 ASSERT_TRUE(file_util::ReadFileToString(cert_path, cert)); |
(...skipping 20 matching lines...) Expand all Loading... |
59 exploded_time.millisecond = 0; | 79 exploded_time.millisecond = 0; |
60 return base::Time::FromUTCExploded(exploded_time); | 80 return base::Time::FromUTCExploded(exploded_time); |
61 } | 81 } |
62 | 82 |
63 virtual void SetUp() { | 83 virtual void SetUp() { |
64 db_thread_.Start(); | 84 db_thread_.Start(); |
65 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); | 85 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); |
66 store_ = new SQLiteServerBoundCertStore( | 86 store_ = new SQLiteServerBoundCertStore( |
67 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); | 87 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); |
68 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 88 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
69 ASSERT_TRUE(store_->Load(&certs.get())); | 89 Load(&certs); |
70 ASSERT_EQ(0u, certs.size()); | 90 ASSERT_EQ(0u, certs.size()); |
71 // Make sure the store gets written at least once. | 91 // Make sure the store gets written at least once. |
72 store_->AddServerBoundCert( | 92 store_->AddServerBoundCert( |
73 net::DefaultServerBoundCertStore::ServerBoundCert( | 93 net::DefaultServerBoundCertStore::ServerBoundCert( |
74 "google.com", | 94 "google.com", |
75 net::CLIENT_CERT_RSA_SIGN, | 95 net::CLIENT_CERT_RSA_SIGN, |
76 base::Time::FromInternalValue(1), | 96 base::Time::FromInternalValue(1), |
77 base::Time::FromInternalValue(2), | 97 base::Time::FromInternalValue(2), |
78 "a", "b")); | 98 "a", "b")); |
79 } | 99 } |
80 | 100 |
| 101 MessageLoopForIO message_loop_; |
81 content::TestBrowserThread db_thread_; | 102 content::TestBrowserThread db_thread_; |
| 103 content::TestBrowserThread io_thread_; |
82 base::ScopedTempDir temp_dir_; | 104 base::ScopedTempDir temp_dir_; |
83 scoped_refptr<SQLiteServerBoundCertStore> store_; | 105 scoped_refptr<SQLiteServerBoundCertStore> store_; |
| 106 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs_; |
84 }; | 107 }; |
85 | 108 |
86 // Test if data is stored as expected in the SQLite database. | 109 // Test if data is stored as expected in the SQLite database. |
87 TEST_F(SQLiteServerBoundCertStoreTest, TestPersistence) { | 110 TEST_F(SQLiteServerBoundCertStoreTest, TestPersistence) { |
88 store_->AddServerBoundCert( | 111 store_->AddServerBoundCert( |
89 net::DefaultServerBoundCertStore::ServerBoundCert( | 112 net::DefaultServerBoundCertStore::ServerBoundCert( |
90 "foo.com", | 113 "foo.com", |
91 net::CLIENT_CERT_ECDSA_SIGN, | 114 net::CLIENT_CERT_ECDSA_SIGN, |
92 base::Time::FromInternalValue(3), | 115 base::Time::FromInternalValue(3), |
93 base::Time::FromInternalValue(4), | 116 base::Time::FromInternalValue(4), |
94 "c", "d")); | 117 "c", "d")); |
95 | 118 |
96 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 119 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
97 // Replace the store effectively destroying the current one and forcing it | 120 // Replace the store effectively destroying the current one and forcing it |
98 // to write its data to disk. Then we can see if after loading it again it | 121 // to write its data to disk. Then we can see if after loading it again it |
99 // is still there. | 122 // is still there. |
100 store_ = NULL; | 123 store_ = NULL; |
101 scoped_refptr<base::ThreadTestHelper> helper( | 124 scoped_refptr<base::ThreadTestHelper> helper( |
102 new base::ThreadTestHelper( | 125 new base::ThreadTestHelper( |
103 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); | 126 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); |
104 // Make sure we wait until the destructor has run. | 127 // Make sure we wait until the destructor has run. |
105 ASSERT_TRUE(helper->Run()); | 128 ASSERT_TRUE(helper->Run()); |
106 store_ = new SQLiteServerBoundCertStore( | 129 store_ = new SQLiteServerBoundCertStore( |
107 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); | 130 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); |
108 | 131 |
109 // Reload and test for persistence | 132 // Reload and test for persistence |
110 ASSERT_TRUE(store_->Load(&certs.get())); | 133 Load(&certs); |
111 ASSERT_EQ(2U, certs.size()); | 134 ASSERT_EQ(2U, certs.size()); |
112 net::DefaultServerBoundCertStore::ServerBoundCert* ec_cert; | 135 net::DefaultServerBoundCertStore::ServerBoundCert* ec_cert; |
113 net::DefaultServerBoundCertStore::ServerBoundCert* rsa_cert; | 136 net::DefaultServerBoundCertStore::ServerBoundCert* rsa_cert; |
114 if (net::CLIENT_CERT_RSA_SIGN == certs[0]->type()) { | 137 if (net::CLIENT_CERT_RSA_SIGN == certs[0]->type()) { |
115 rsa_cert = certs[0]; | 138 rsa_cert = certs[0]; |
116 ec_cert = certs[1]; | 139 ec_cert = certs[1]; |
117 } else { | 140 } else { |
118 rsa_cert = certs[1]; | 141 rsa_cert = certs[1]; |
119 ec_cert = certs[0]; | 142 ec_cert = certs[0]; |
120 } | 143 } |
(...skipping 14 matching lines...) Expand all Loading... |
135 store_->DeleteServerBoundCert(*certs[0]); | 158 store_->DeleteServerBoundCert(*certs[0]); |
136 store_->DeleteServerBoundCert(*certs[1]); | 159 store_->DeleteServerBoundCert(*certs[1]); |
137 store_ = NULL; | 160 store_ = NULL; |
138 // Make sure we wait until the destructor has run. | 161 // Make sure we wait until the destructor has run. |
139 ASSERT_TRUE(helper->Run()); | 162 ASSERT_TRUE(helper->Run()); |
140 certs.clear(); | 163 certs.clear(); |
141 store_ = new SQLiteServerBoundCertStore( | 164 store_ = new SQLiteServerBoundCertStore( |
142 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); | 165 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); |
143 | 166 |
144 // Reload and check if the cert has been removed. | 167 // Reload and check if the cert has been removed. |
145 ASSERT_TRUE(store_->Load(&certs.get())); | 168 Load(&certs); |
146 ASSERT_EQ(0U, certs.size()); | 169 ASSERT_EQ(0U, certs.size()); |
147 } | 170 } |
148 | 171 |
149 TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV1) { | 172 TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV1) { |
150 // Reset the store. We'll be using a different database for this test. | 173 // Reset the store. We'll be using a different database for this test. |
151 store_ = NULL; | 174 store_ = NULL; |
152 | 175 |
153 FilePath v1_db_path(temp_dir_.path().AppendASCII("v1db")); | 176 FilePath v1_db_path(temp_dir_.path().AppendASCII("v1db")); |
154 | 177 |
155 std::string key_data; | 178 std::string key_data; |
(...skipping 30 matching lines...) Expand all Loading... |
186 // Load and test the DB contents twice. First time ensures that we can use | 209 // Load and test the DB contents twice. First time ensures that we can use |
187 // the updated values immediately. Second time ensures that the updated | 210 // the updated values immediately. Second time ensures that the updated |
188 // values are stored and read correctly on next load. | 211 // values are stored and read correctly on next load. |
189 for (int i = 0; i < 2; ++i) { | 212 for (int i = 0; i < 2; ++i) { |
190 SCOPED_TRACE(i); | 213 SCOPED_TRACE(i); |
191 | 214 |
192 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 215 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
193 store_ = new SQLiteServerBoundCertStore(v1_db_path, NULL); | 216 store_ = new SQLiteServerBoundCertStore(v1_db_path, NULL); |
194 | 217 |
195 // Load the database and ensure the certs can be read and are marked as RSA. | 218 // Load the database and ensure the certs can be read and are marked as RSA. |
196 ASSERT_TRUE(store_->Load(&certs.get())); | 219 Load(&certs); |
197 ASSERT_EQ(2U, certs.size()); | 220 ASSERT_EQ(2U, certs.size()); |
198 | 221 |
199 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); | 222 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); |
200 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); | 223 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); |
201 ASSERT_EQ(GetTestCertExpirationTime(), | 224 ASSERT_EQ(GetTestCertExpirationTime(), |
202 certs[0]->expiration_time()); | 225 certs[0]->expiration_time()); |
203 ASSERT_EQ(key_data, certs[0]->private_key()); | 226 ASSERT_EQ(key_data, certs[0]->private_key()); |
204 ASSERT_EQ(cert_data, certs[0]->cert()); | 227 ASSERT_EQ(cert_data, certs[0]->cert()); |
205 | 228 |
206 ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); | 229 ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
274 // Load and test the DB contents twice. First time ensures that we can use | 297 // Load and test the DB contents twice. First time ensures that we can use |
275 // the updated values immediately. Second time ensures that the updated | 298 // the updated values immediately. Second time ensures that the updated |
276 // values are saved and read correctly on next load. | 299 // values are saved and read correctly on next load. |
277 for (int i = 0; i < 2; ++i) { | 300 for (int i = 0; i < 2; ++i) { |
278 SCOPED_TRACE(i); | 301 SCOPED_TRACE(i); |
279 | 302 |
280 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 303 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
281 store_ = new SQLiteServerBoundCertStore(v2_db_path, NULL); | 304 store_ = new SQLiteServerBoundCertStore(v2_db_path, NULL); |
282 | 305 |
283 // Load the database and ensure the certs can be read and are marked as RSA. | 306 // Load the database and ensure the certs can be read and are marked as RSA. |
284 ASSERT_TRUE(store_->Load(&certs.get())); | 307 Load(&certs); |
285 ASSERT_EQ(2U, certs.size()); | 308 ASSERT_EQ(2U, certs.size()); |
286 | 309 |
287 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); | 310 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); |
288 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); | 311 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); |
289 ASSERT_EQ(GetTestCertExpirationTime(), | 312 ASSERT_EQ(GetTestCertExpirationTime(), |
290 certs[0]->expiration_time()); | 313 certs[0]->expiration_time()); |
291 ASSERT_EQ(key_data, certs[0]->private_key()); | 314 ASSERT_EQ(key_data, certs[0]->private_key()); |
292 ASSERT_EQ(cert_data, certs[0]->cert()); | 315 ASSERT_EQ(cert_data, certs[0]->cert()); |
293 | 316 |
294 ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); | 317 ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); |
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
364 // Load and test the DB contents twice. First time ensures that we can use | 387 // Load and test the DB contents twice. First time ensures that we can use |
365 // the updated values immediately. Second time ensures that the updated | 388 // the updated values immediately. Second time ensures that the updated |
366 // values are saved and read correctly on next load. | 389 // values are saved and read correctly on next load. |
367 for (int i = 0; i < 2; ++i) { | 390 for (int i = 0; i < 2; ++i) { |
368 SCOPED_TRACE(i); | 391 SCOPED_TRACE(i); |
369 | 392 |
370 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 393 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
371 store_ = new SQLiteServerBoundCertStore(v3_db_path, NULL); | 394 store_ = new SQLiteServerBoundCertStore(v3_db_path, NULL); |
372 | 395 |
373 // Load the database and ensure the certs can be read and are marked as RSA. | 396 // Load the database and ensure the certs can be read and are marked as RSA. |
374 ASSERT_TRUE(store_->Load(&certs.get())); | 397 Load(&certs); |
375 ASSERT_EQ(2U, certs.size()); | 398 ASSERT_EQ(2U, certs.size()); |
376 | 399 |
377 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); | 400 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); |
378 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); | 401 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); |
379 ASSERT_EQ(1000, certs[0]->expiration_time().ToInternalValue()); | 402 ASSERT_EQ(1000, certs[0]->expiration_time().ToInternalValue()); |
380 ASSERT_EQ(GetTestCertCreationTime(), | 403 ASSERT_EQ(GetTestCertCreationTime(), |
381 certs[0]->creation_time()); | 404 certs[0]->creation_time()); |
382 ASSERT_EQ(key_data, certs[0]->private_key()); | 405 ASSERT_EQ(key_data, certs[0]->private_key()); |
383 ASSERT_EQ(cert_data, certs[0]->cert()); | 406 ASSERT_EQ(cert_data, certs[0]->cert()); |
384 | 407 |
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
475 | 498 |
476 store_->Flush(base::Bind(&CallbackCounter::Callback, counter.get())); | 499 store_->Flush(base::Bind(&CallbackCounter::Callback, counter.get())); |
477 | 500 |
478 scoped_refptr<base::ThreadTestHelper> helper( | 501 scoped_refptr<base::ThreadTestHelper> helper( |
479 new base::ThreadTestHelper( | 502 new base::ThreadTestHelper( |
480 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); | 503 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); |
481 ASSERT_TRUE(helper->Run()); | 504 ASSERT_TRUE(helper->Run()); |
482 | 505 |
483 ASSERT_EQ(1, counter->callback_count()); | 506 ASSERT_EQ(1, counter->callback_count()); |
484 } | 507 } |
OLD | NEW |