| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/bind.h" | 5 #include "base/bind.h" |
| 6 #include "base/file_util.h" | 6 #include "base/file_util.h" |
| 7 #include "base/files/scoped_temp_dir.h" | 7 #include "base/files/scoped_temp_dir.h" |
| 8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
| 9 #include "base/memory/scoped_vector.h" | 9 #include "base/memory/scoped_vector.h" |
| 10 #include "base/message_loop.h" | 10 #include "base/message_loop.h" |
| 11 #include "base/run_loop.h" |
| 11 #include "base/stl_util.h" | 12 #include "base/stl_util.h" |
| 12 #include "base/test/thread_test_helper.h" | 13 #include "base/test/thread_test_helper.h" |
| 13 #include "chrome/browser/net/clear_on_exit_policy.h" | 14 #include "chrome/browser/net/clear_on_exit_policy.h" |
| 14 #include "chrome/browser/net/sqlite_server_bound_cert_store.h" | 15 #include "chrome/browser/net/sqlite_server_bound_cert_store.h" |
| 15 #include "chrome/common/chrome_constants.h" | 16 #include "chrome/common/chrome_constants.h" |
| 16 #include "content/public/test/test_browser_thread.h" | 17 #include "content/public/test/test_browser_thread.h" |
| 17 #include "net/base/cert_test_util.h" | 18 #include "net/base/cert_test_util.h" |
| 18 #include "net/base/test_data_directory.h" | 19 #include "net/base/test_data_directory.h" |
| 19 #include "sql/statement.h" | 20 #include "sql/statement.h" |
| 20 #include "testing/gtest/include/gtest/gtest.h" | 21 #include "testing/gtest/include/gtest/gtest.h" |
| 21 #include "webkit/quota/mock_special_storage_policy.h" | 22 #include "webkit/quota/mock_special_storage_policy.h" |
| 22 | 23 |
| 23 using content::BrowserThread; | 24 using content::BrowserThread; |
| 24 | 25 |
| 25 class SQLiteServerBoundCertStoreTest : public testing::Test { | 26 class SQLiteServerBoundCertStoreTest : public testing::Test { |
| 26 public: | 27 public: |
| 27 SQLiteServerBoundCertStoreTest() | 28 SQLiteServerBoundCertStoreTest() |
| 28 : db_thread_(BrowserThread::DB) { | 29 : db_thread_(BrowserThread::DB), |
| 30 io_thread_(BrowserThread::IO, &message_loop_) {} |
| 31 |
| 32 void Load( |
| 33 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert>* certs) { |
| 34 base::RunLoop run_loop; |
| 35 store_->Load(base::Bind(&SQLiteServerBoundCertStoreTest::OnLoaded, |
| 36 base::Unretained(this), |
| 37 &run_loop)); |
| 38 run_loop.Run(); |
| 39 certs->swap(certs_); |
| 40 certs_.clear(); |
| 41 } |
| 42 |
| 43 void OnLoaded( |
| 44 base::RunLoop* run_loop, |
| 45 scoped_ptr<ScopedVector< |
| 46 net::DefaultServerBoundCertStore::ServerBoundCert> > certs) { |
| 47 certs_.swap(*certs); |
| 48 run_loop->Quit(); |
| 29 } | 49 } |
| 30 | 50 |
| 31 protected: | 51 protected: |
| 32 static void ReadTestKeyAndCert(std::string* key, std::string* cert) { | 52 static void ReadTestKeyAndCert(std::string* key, std::string* cert) { |
| 33 FilePath key_path = net::GetTestCertsDirectory().AppendASCII( | 53 FilePath key_path = net::GetTestCertsDirectory().AppendASCII( |
| 34 "unittest.originbound.key.der"); | 54 "unittest.originbound.key.der"); |
| 35 FilePath cert_path = net::GetTestCertsDirectory().AppendASCII( | 55 FilePath cert_path = net::GetTestCertsDirectory().AppendASCII( |
| 36 "unittest.originbound.der"); | 56 "unittest.originbound.der"); |
| 37 ASSERT_TRUE(file_util::ReadFileToString(key_path, key)); | 57 ASSERT_TRUE(file_util::ReadFileToString(key_path, key)); |
| 38 ASSERT_TRUE(file_util::ReadFileToString(cert_path, cert)); | 58 ASSERT_TRUE(file_util::ReadFileToString(cert_path, cert)); |
| (...skipping 20 matching lines...) Expand all Loading... |
| 59 exploded_time.millisecond = 0; | 79 exploded_time.millisecond = 0; |
| 60 return base::Time::FromUTCExploded(exploded_time); | 80 return base::Time::FromUTCExploded(exploded_time); |
| 61 } | 81 } |
| 62 | 82 |
| 63 virtual void SetUp() { | 83 virtual void SetUp() { |
| 64 db_thread_.Start(); | 84 db_thread_.Start(); |
| 65 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); | 85 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); |
| 66 store_ = new SQLiteServerBoundCertStore( | 86 store_ = new SQLiteServerBoundCertStore( |
| 67 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); | 87 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); |
| 68 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 88 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 69 ASSERT_TRUE(store_->Load(&certs.get())); | 89 Load(&certs); |
| 70 ASSERT_EQ(0u, certs.size()); | 90 ASSERT_EQ(0u, certs.size()); |
| 71 // Make sure the store gets written at least once. | 91 // Make sure the store gets written at least once. |
| 72 store_->AddServerBoundCert( | 92 store_->AddServerBoundCert( |
| 73 net::DefaultServerBoundCertStore::ServerBoundCert( | 93 net::DefaultServerBoundCertStore::ServerBoundCert( |
| 74 "google.com", | 94 "google.com", |
| 75 net::CLIENT_CERT_RSA_SIGN, | 95 net::CLIENT_CERT_RSA_SIGN, |
| 76 base::Time::FromInternalValue(1), | 96 base::Time::FromInternalValue(1), |
| 77 base::Time::FromInternalValue(2), | 97 base::Time::FromInternalValue(2), |
| 78 "a", "b")); | 98 "a", "b")); |
| 79 } | 99 } |
| 80 | 100 |
| 101 MessageLoopForIO message_loop_; |
| 81 content::TestBrowserThread db_thread_; | 102 content::TestBrowserThread db_thread_; |
| 103 content::TestBrowserThread io_thread_; |
| 82 base::ScopedTempDir temp_dir_; | 104 base::ScopedTempDir temp_dir_; |
| 83 scoped_refptr<SQLiteServerBoundCertStore> store_; | 105 scoped_refptr<SQLiteServerBoundCertStore> store_; |
| 106 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs_; |
| 84 }; | 107 }; |
| 85 | 108 |
| 86 // Test if data is stored as expected in the SQLite database. | 109 // Test if data is stored as expected in the SQLite database. |
| 87 TEST_F(SQLiteServerBoundCertStoreTest, TestPersistence) { | 110 TEST_F(SQLiteServerBoundCertStoreTest, TestPersistence) { |
| 88 store_->AddServerBoundCert( | 111 store_->AddServerBoundCert( |
| 89 net::DefaultServerBoundCertStore::ServerBoundCert( | 112 net::DefaultServerBoundCertStore::ServerBoundCert( |
| 90 "foo.com", | 113 "foo.com", |
| 91 net::CLIENT_CERT_ECDSA_SIGN, | 114 net::CLIENT_CERT_ECDSA_SIGN, |
| 92 base::Time::FromInternalValue(3), | 115 base::Time::FromInternalValue(3), |
| 93 base::Time::FromInternalValue(4), | 116 base::Time::FromInternalValue(4), |
| 94 "c", "d")); | 117 "c", "d")); |
| 95 | 118 |
| 96 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 119 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 97 // Replace the store effectively destroying the current one and forcing it | 120 // Replace the store effectively destroying the current one and forcing it |
| 98 // to write its data to disk. Then we can see if after loading it again it | 121 // to write its data to disk. Then we can see if after loading it again it |
| 99 // is still there. | 122 // is still there. |
| 100 store_ = NULL; | 123 store_ = NULL; |
| 101 scoped_refptr<base::ThreadTestHelper> helper( | 124 scoped_refptr<base::ThreadTestHelper> helper( |
| 102 new base::ThreadTestHelper( | 125 new base::ThreadTestHelper( |
| 103 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); | 126 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); |
| 104 // Make sure we wait until the destructor has run. | 127 // Make sure we wait until the destructor has run. |
| 105 ASSERT_TRUE(helper->Run()); | 128 ASSERT_TRUE(helper->Run()); |
| 106 store_ = new SQLiteServerBoundCertStore( | 129 store_ = new SQLiteServerBoundCertStore( |
| 107 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); | 130 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); |
| 108 | 131 |
| 109 // Reload and test for persistence | 132 // Reload and test for persistence |
| 110 ASSERT_TRUE(store_->Load(&certs.get())); | 133 Load(&certs); |
| 111 ASSERT_EQ(2U, certs.size()); | 134 ASSERT_EQ(2U, certs.size()); |
| 112 net::DefaultServerBoundCertStore::ServerBoundCert* ec_cert; | 135 net::DefaultServerBoundCertStore::ServerBoundCert* ec_cert; |
| 113 net::DefaultServerBoundCertStore::ServerBoundCert* rsa_cert; | 136 net::DefaultServerBoundCertStore::ServerBoundCert* rsa_cert; |
| 114 if (net::CLIENT_CERT_RSA_SIGN == certs[0]->type()) { | 137 if (net::CLIENT_CERT_RSA_SIGN == certs[0]->type()) { |
| 115 rsa_cert = certs[0]; | 138 rsa_cert = certs[0]; |
| 116 ec_cert = certs[1]; | 139 ec_cert = certs[1]; |
| 117 } else { | 140 } else { |
| 118 rsa_cert = certs[1]; | 141 rsa_cert = certs[1]; |
| 119 ec_cert = certs[0]; | 142 ec_cert = certs[0]; |
| 120 } | 143 } |
| (...skipping 14 matching lines...) Expand all Loading... |
| 135 store_->DeleteServerBoundCert(*certs[0]); | 158 store_->DeleteServerBoundCert(*certs[0]); |
| 136 store_->DeleteServerBoundCert(*certs[1]); | 159 store_->DeleteServerBoundCert(*certs[1]); |
| 137 store_ = NULL; | 160 store_ = NULL; |
| 138 // Make sure we wait until the destructor has run. | 161 // Make sure we wait until the destructor has run. |
| 139 ASSERT_TRUE(helper->Run()); | 162 ASSERT_TRUE(helper->Run()); |
| 140 certs.clear(); | 163 certs.clear(); |
| 141 store_ = new SQLiteServerBoundCertStore( | 164 store_ = new SQLiteServerBoundCertStore( |
| 142 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); | 165 temp_dir_.path().Append(chrome::kOBCertFilename), NULL); |
| 143 | 166 |
| 144 // Reload and check if the cert has been removed. | 167 // Reload and check if the cert has been removed. |
| 145 ASSERT_TRUE(store_->Load(&certs.get())); | 168 Load(&certs); |
| 146 ASSERT_EQ(0U, certs.size()); | 169 ASSERT_EQ(0U, certs.size()); |
| 147 } | 170 } |
| 148 | 171 |
| 149 TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV1) { | 172 TEST_F(SQLiteServerBoundCertStoreTest, TestUpgradeV1) { |
| 150 // Reset the store. We'll be using a different database for this test. | 173 // Reset the store. We'll be using a different database for this test. |
| 151 store_ = NULL; | 174 store_ = NULL; |
| 152 | 175 |
| 153 FilePath v1_db_path(temp_dir_.path().AppendASCII("v1db")); | 176 FilePath v1_db_path(temp_dir_.path().AppendASCII("v1db")); |
| 154 | 177 |
| 155 std::string key_data; | 178 std::string key_data; |
| (...skipping 30 matching lines...) Expand all Loading... |
| 186 // Load and test the DB contents twice. First time ensures that we can use | 209 // Load and test the DB contents twice. First time ensures that we can use |
| 187 // the updated values immediately. Second time ensures that the updated | 210 // the updated values immediately. Second time ensures that the updated |
| 188 // values are stored and read correctly on next load. | 211 // values are stored and read correctly on next load. |
| 189 for (int i = 0; i < 2; ++i) { | 212 for (int i = 0; i < 2; ++i) { |
| 190 SCOPED_TRACE(i); | 213 SCOPED_TRACE(i); |
| 191 | 214 |
| 192 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 215 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 193 store_ = new SQLiteServerBoundCertStore(v1_db_path, NULL); | 216 store_ = new SQLiteServerBoundCertStore(v1_db_path, NULL); |
| 194 | 217 |
| 195 // Load the database and ensure the certs can be read and are marked as RSA. | 218 // Load the database and ensure the certs can be read and are marked as RSA. |
| 196 ASSERT_TRUE(store_->Load(&certs.get())); | 219 Load(&certs); |
| 197 ASSERT_EQ(2U, certs.size()); | 220 ASSERT_EQ(2U, certs.size()); |
| 198 | 221 |
| 199 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); | 222 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); |
| 200 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); | 223 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); |
| 201 ASSERT_EQ(GetTestCertExpirationTime(), | 224 ASSERT_EQ(GetTestCertExpirationTime(), |
| 202 certs[0]->expiration_time()); | 225 certs[0]->expiration_time()); |
| 203 ASSERT_EQ(key_data, certs[0]->private_key()); | 226 ASSERT_EQ(key_data, certs[0]->private_key()); |
| 204 ASSERT_EQ(cert_data, certs[0]->cert()); | 227 ASSERT_EQ(cert_data, certs[0]->cert()); |
| 205 | 228 |
| 206 ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); | 229 ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 274 // Load and test the DB contents twice. First time ensures that we can use | 297 // Load and test the DB contents twice. First time ensures that we can use |
| 275 // the updated values immediately. Second time ensures that the updated | 298 // the updated values immediately. Second time ensures that the updated |
| 276 // values are saved and read correctly on next load. | 299 // values are saved and read correctly on next load. |
| 277 for (int i = 0; i < 2; ++i) { | 300 for (int i = 0; i < 2; ++i) { |
| 278 SCOPED_TRACE(i); | 301 SCOPED_TRACE(i); |
| 279 | 302 |
| 280 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 303 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 281 store_ = new SQLiteServerBoundCertStore(v2_db_path, NULL); | 304 store_ = new SQLiteServerBoundCertStore(v2_db_path, NULL); |
| 282 | 305 |
| 283 // Load the database and ensure the certs can be read and are marked as RSA. | 306 // Load the database and ensure the certs can be read and are marked as RSA. |
| 284 ASSERT_TRUE(store_->Load(&certs.get())); | 307 Load(&certs); |
| 285 ASSERT_EQ(2U, certs.size()); | 308 ASSERT_EQ(2U, certs.size()); |
| 286 | 309 |
| 287 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); | 310 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); |
| 288 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); | 311 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); |
| 289 ASSERT_EQ(GetTestCertExpirationTime(), | 312 ASSERT_EQ(GetTestCertExpirationTime(), |
| 290 certs[0]->expiration_time()); | 313 certs[0]->expiration_time()); |
| 291 ASSERT_EQ(key_data, certs[0]->private_key()); | 314 ASSERT_EQ(key_data, certs[0]->private_key()); |
| 292 ASSERT_EQ(cert_data, certs[0]->cert()); | 315 ASSERT_EQ(cert_data, certs[0]->cert()); |
| 293 | 316 |
| 294 ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); | 317 ASSERT_STREQ("foo.com", certs[1]->server_identifier().c_str()); |
| (...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 364 // Load and test the DB contents twice. First time ensures that we can use | 387 // Load and test the DB contents twice. First time ensures that we can use |
| 365 // the updated values immediately. Second time ensures that the updated | 388 // the updated values immediately. Second time ensures that the updated |
| 366 // values are saved and read correctly on next load. | 389 // values are saved and read correctly on next load. |
| 367 for (int i = 0; i < 2; ++i) { | 390 for (int i = 0; i < 2; ++i) { |
| 368 SCOPED_TRACE(i); | 391 SCOPED_TRACE(i); |
| 369 | 392 |
| 370 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; | 393 ScopedVector<net::DefaultServerBoundCertStore::ServerBoundCert> certs; |
| 371 store_ = new SQLiteServerBoundCertStore(v3_db_path, NULL); | 394 store_ = new SQLiteServerBoundCertStore(v3_db_path, NULL); |
| 372 | 395 |
| 373 // Load the database and ensure the certs can be read and are marked as RSA. | 396 // Load the database and ensure the certs can be read and are marked as RSA. |
| 374 ASSERT_TRUE(store_->Load(&certs.get())); | 397 Load(&certs); |
| 375 ASSERT_EQ(2U, certs.size()); | 398 ASSERT_EQ(2U, certs.size()); |
| 376 | 399 |
| 377 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); | 400 ASSERT_STREQ("google.com", certs[0]->server_identifier().c_str()); |
| 378 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); | 401 ASSERT_EQ(net::CLIENT_CERT_RSA_SIGN, certs[0]->type()); |
| 379 ASSERT_EQ(1000, certs[0]->expiration_time().ToInternalValue()); | 402 ASSERT_EQ(1000, certs[0]->expiration_time().ToInternalValue()); |
| 380 ASSERT_EQ(GetTestCertCreationTime(), | 403 ASSERT_EQ(GetTestCertCreationTime(), |
| 381 certs[0]->creation_time()); | 404 certs[0]->creation_time()); |
| 382 ASSERT_EQ(key_data, certs[0]->private_key()); | 405 ASSERT_EQ(key_data, certs[0]->private_key()); |
| 383 ASSERT_EQ(cert_data, certs[0]->cert()); | 406 ASSERT_EQ(cert_data, certs[0]->cert()); |
| 384 | 407 |
| (...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 475 | 498 |
| 476 store_->Flush(base::Bind(&CallbackCounter::Callback, counter.get())); | 499 store_->Flush(base::Bind(&CallbackCounter::Callback, counter.get())); |
| 477 | 500 |
| 478 scoped_refptr<base::ThreadTestHelper> helper( | 501 scoped_refptr<base::ThreadTestHelper> helper( |
| 479 new base::ThreadTestHelper( | 502 new base::ThreadTestHelper( |
| 480 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); | 503 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::DB))); |
| 481 ASSERT_TRUE(helper->Run()); | 504 ASSERT_TRUE(helper->Run()); |
| 482 | 505 |
| 483 ASSERT_EQ(1, counter->callback_count()); | 506 ASSERT_EQ(1, counter->callback_count()); |
| 484 } | 507 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11742037:
Make ServerBoundCertStore interface async, move SQLiteServerBoundCertStore load onto DB thread. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src