OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/default_server_bound_cert_store.h" | 5 #include "net/base/default_server_bound_cert_store.h" |
6 | 6 |
7 #include <map> | 7 #include <map> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/bind.h" | 11 #include "base/bind.h" |
12 #include "base/compiler_specific.h" | 12 #include "base/compiler_specific.h" |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/memory/scoped_ptr.h" | 14 #include "base/memory/scoped_ptr.h" |
| 15 #include "base/message_loop.h" |
15 #include "testing/gtest/include/gtest/gtest.h" | 16 #include "testing/gtest/include/gtest/gtest.h" |
16 | 17 |
17 namespace net { | 18 namespace net { |
18 | 19 |
| 20 namespace { |
| 21 |
| 22 void CallCounter(int* counter) { |
| 23 (*counter)++; |
| 24 } |
| 25 |
| 26 void NotCalled() { |
| 27 ADD_FAILURE() << "Unexpected callback execution."; |
| 28 } |
| 29 |
| 30 void GetCertCallbackNotCalled(const std::string& server_identifier, |
| 31 SSLClientCertType type, |
| 32 base::Time expiration_time, |
| 33 const std::string& private_key_result, |
| 34 const std::string& cert_result) { |
| 35 ADD_FAILURE() << "Unexpected callback execution."; |
| 36 } |
| 37 |
| 38 class AsyncGetCertHelper { |
| 39 public: |
| 40 AsyncGetCertHelper() : called_(false) {} |
| 41 |
| 42 void Callback(const std::string& server_identifier, |
| 43 SSLClientCertType type, |
| 44 base::Time expiration_time, |
| 45 const std::string& private_key_result, |
| 46 const std::string& cert_result) { |
| 47 server_identifier_ = server_identifier; |
| 48 type_ = type; |
| 49 expiration_time_ = expiration_time; |
| 50 private_key_ = private_key_result; |
| 51 cert_ = cert_result; |
| 52 called_ = true; |
| 53 } |
| 54 |
| 55 std::string server_identifier_; |
| 56 SSLClientCertType type_; |
| 57 base::Time expiration_time_; |
| 58 std::string private_key_; |
| 59 std::string cert_; |
| 60 bool called_; |
| 61 }; |
| 62 |
| 63 void GetAllCallback( |
| 64 ServerBoundCertStore::ServerBoundCertList* dest, |
| 65 const ServerBoundCertStore::ServerBoundCertList& result) { |
| 66 *dest = result; |
| 67 } |
| 68 |
19 class MockPersistentStore | 69 class MockPersistentStore |
20 : public DefaultServerBoundCertStore::PersistentStore { | 70 : public DefaultServerBoundCertStore::PersistentStore { |
21 public: | 71 public: |
22 MockPersistentStore(); | 72 MockPersistentStore(); |
23 | 73 |
24 // DefaultServerBoundCertStore::PersistentStore implementation. | 74 // DefaultServerBoundCertStore::PersistentStore implementation. |
25 virtual bool Load( | 75 virtual void Load(const LoadedCallback& loaded_callback) OVERRIDE; |
26 std::vector<DefaultServerBoundCertStore::ServerBoundCert*>* certs) | |
27 OVERRIDE; | |
28 virtual void AddServerBoundCert( | 76 virtual void AddServerBoundCert( |
29 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; | 77 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; |
30 virtual void DeleteServerBoundCert( | 78 virtual void DeleteServerBoundCert( |
31 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; | 79 const DefaultServerBoundCertStore::ServerBoundCert& cert) OVERRIDE; |
32 virtual void SetForceKeepSessionState() OVERRIDE; | 80 virtual void SetForceKeepSessionState() OVERRIDE; |
33 virtual void Flush(const base::Closure& completion_task) OVERRIDE; | 81 virtual void Flush(const base::Closure& completion_task) OVERRIDE; |
34 | 82 |
35 protected: | 83 protected: |
36 virtual ~MockPersistentStore(); | 84 virtual ~MockPersistentStore(); |
37 | 85 |
38 private: | 86 private: |
39 typedef std::map<std::string, DefaultServerBoundCertStore::ServerBoundCert> | 87 typedef std::map<std::string, DefaultServerBoundCertStore::ServerBoundCert> |
40 ServerBoundCertMap; | 88 ServerBoundCertMap; |
41 | 89 |
42 ServerBoundCertMap origin_certs_; | 90 ServerBoundCertMap origin_certs_; |
43 }; | 91 }; |
44 | 92 |
45 MockPersistentStore::MockPersistentStore() {} | 93 MockPersistentStore::MockPersistentStore() {} |
46 | 94 |
47 bool MockPersistentStore::Load( | 95 void MockPersistentStore::Load(const LoadedCallback& loaded_callback) { |
48 std::vector<DefaultServerBoundCertStore::ServerBoundCert*>* certs) { | 96 scoped_ptr<ScopedVector<DefaultServerBoundCertStore::ServerBoundCert> > |
| 97 certs(new ScopedVector<DefaultServerBoundCertStore::ServerBoundCert>()); |
49 ServerBoundCertMap::iterator it; | 98 ServerBoundCertMap::iterator it; |
50 | 99 |
51 for (it = origin_certs_.begin(); it != origin_certs_.end(); ++it) { | 100 for (it = origin_certs_.begin(); it != origin_certs_.end(); ++it) { |
52 certs->push_back( | 101 certs->push_back( |
53 new DefaultServerBoundCertStore::ServerBoundCert(it->second)); | 102 new DefaultServerBoundCertStore::ServerBoundCert(it->second)); |
54 } | 103 } |
55 | 104 |
56 return true; | 105 MessageLoop::current()->PostTask( |
| 106 FROM_HERE, base::Bind(loaded_callback, base::Passed(&certs))); |
57 } | 107 } |
58 | 108 |
59 void MockPersistentStore::AddServerBoundCert( | 109 void MockPersistentStore::AddServerBoundCert( |
60 const DefaultServerBoundCertStore::ServerBoundCert& cert) { | 110 const DefaultServerBoundCertStore::ServerBoundCert& cert) { |
61 origin_certs_[cert.server_identifier()] = cert; | 111 origin_certs_[cert.server_identifier()] = cert; |
62 } | 112 } |
63 | 113 |
64 void MockPersistentStore::DeleteServerBoundCert( | 114 void MockPersistentStore::DeleteServerBoundCert( |
65 const DefaultServerBoundCertStore::ServerBoundCert& cert) { | 115 const DefaultServerBoundCertStore::ServerBoundCert& cert) { |
66 origin_certs_.erase(cert.server_identifier()); | 116 origin_certs_.erase(cert.server_identifier()); |
67 } | 117 } |
68 | 118 |
69 void MockPersistentStore::SetForceKeepSessionState() {} | 119 void MockPersistentStore::SetForceKeepSessionState() {} |
70 | 120 |
71 void MockPersistentStore::Flush(const base::Closure& completion_task) { | 121 void MockPersistentStore::Flush(const base::Closure& completion_task) { |
72 NOTREACHED(); | 122 NOTREACHED(); |
73 } | 123 } |
74 | 124 |
75 MockPersistentStore::~MockPersistentStore() {} | 125 MockPersistentStore::~MockPersistentStore() {} |
76 | 126 |
| 127 } // namespace |
| 128 |
77 TEST(DefaultServerBoundCertStoreTest, TestLoading) { | 129 TEST(DefaultServerBoundCertStoreTest, TestLoading) { |
78 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 130 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
79 | 131 |
80 persistent_store->AddServerBoundCert( | 132 persistent_store->AddServerBoundCert( |
81 DefaultServerBoundCertStore::ServerBoundCert( | 133 DefaultServerBoundCertStore::ServerBoundCert( |
82 "google.com", | 134 "google.com", |
83 CLIENT_CERT_RSA_SIGN, | 135 CLIENT_CERT_RSA_SIGN, |
84 base::Time(), | 136 base::Time(), |
85 base::Time(), | 137 base::Time(), |
86 "a", "b")); | 138 "a", "b")); |
87 persistent_store->AddServerBoundCert( | 139 persistent_store->AddServerBoundCert( |
88 DefaultServerBoundCertStore::ServerBoundCert( | 140 DefaultServerBoundCertStore::ServerBoundCert( |
89 "verisign.com", | 141 "verisign.com", |
90 CLIENT_CERT_ECDSA_SIGN, | 142 CLIENT_CERT_ECDSA_SIGN, |
91 base::Time(), | 143 base::Time(), |
92 base::Time(), | 144 base::Time(), |
93 "c", "d")); | 145 "c", "d")); |
94 | 146 |
95 // Make sure certs load properly. | 147 // Make sure certs load properly. |
96 DefaultServerBoundCertStore store(persistent_store.get()); | 148 DefaultServerBoundCertStore store(persistent_store.get()); |
97 EXPECT_EQ(2, store.GetCertCount()); | 149 // Load has not occurred yet. |
| 150 EXPECT_EQ(0, store.GetCertCount()); |
98 store.SetServerBoundCert( | 151 store.SetServerBoundCert( |
99 "verisign.com", | 152 "verisign.com", |
100 CLIENT_CERT_RSA_SIGN, | 153 CLIENT_CERT_RSA_SIGN, |
101 base::Time(), | 154 base::Time(), |
102 base::Time(), | 155 base::Time(), |
103 "e", "f"); | 156 "e", "f"); |
| 157 // Wait for load & queued set task. |
| 158 MessageLoop::current()->RunUntilIdle(); |
104 EXPECT_EQ(2, store.GetCertCount()); | 159 EXPECT_EQ(2, store.GetCertCount()); |
105 store.SetServerBoundCert( | 160 store.SetServerBoundCert( |
106 "twitter.com", | 161 "twitter.com", |
107 CLIENT_CERT_RSA_SIGN, | 162 CLIENT_CERT_RSA_SIGN, |
108 base::Time(), | 163 base::Time(), |
109 base::Time(), | 164 base::Time(), |
110 "g", "h"); | 165 "g", "h"); |
| 166 // Set should be synchronous now that load is done. |
111 EXPECT_EQ(3, store.GetCertCount()); | 167 EXPECT_EQ(3, store.GetCertCount()); |
112 } | 168 } |
113 | 169 |
| 170 //TODO(mattm): add more tests of without a persistent store? |
114 TEST(DefaultServerBoundCertStoreTest, TestSettingAndGetting) { | 171 TEST(DefaultServerBoundCertStoreTest, TestSettingAndGetting) { |
| 172 // No persistent store, all calls will be synchronous. |
115 DefaultServerBoundCertStore store(NULL); | 173 DefaultServerBoundCertStore store(NULL); |
116 SSLClientCertType type; | 174 SSLClientCertType type; |
117 base::Time creation_time; | |
118 base::Time expiration_time; | 175 base::Time expiration_time; |
119 std::string private_key, cert; | 176 std::string private_key, cert; |
120 EXPECT_EQ(0, store.GetCertCount()); | 177 EXPECT_EQ(0, store.GetCertCount()); |
121 EXPECT_FALSE(store.GetServerBoundCert("verisign.com", | 178 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
122 &type, | 179 &type, |
123 &creation_time, | 180 &expiration_time, |
124 &expiration_time, | 181 &private_key, |
125 &private_key, | 182 &cert, |
126 &cert)); | 183 base::Bind(&GetCertCallbackNotCalled))); |
| 184 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); |
127 EXPECT_TRUE(private_key.empty()); | 185 EXPECT_TRUE(private_key.empty()); |
128 EXPECT_TRUE(cert.empty()); | 186 EXPECT_TRUE(cert.empty()); |
129 store.SetServerBoundCert( | 187 store.SetServerBoundCert( |
130 "verisign.com", | 188 "verisign.com", |
131 CLIENT_CERT_RSA_SIGN, | 189 CLIENT_CERT_RSA_SIGN, |
132 base::Time::FromInternalValue(123), | 190 base::Time::FromInternalValue(123), |
133 base::Time::FromInternalValue(456), | 191 base::Time::FromInternalValue(456), |
134 "i", "j"); | 192 "i", "j"); |
135 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", | 193 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
136 &type, | 194 &type, |
137 &creation_time, | |
138 &expiration_time, | 195 &expiration_time, |
139 &private_key, | 196 &private_key, |
140 &cert)); | 197 &cert, |
| 198 base::Bind(&GetCertCallbackNotCalled))); |
141 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, type); | 199 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, type); |
142 EXPECT_EQ(123, creation_time.ToInternalValue()); | |
143 EXPECT_EQ(456, expiration_time.ToInternalValue()); | 200 EXPECT_EQ(456, expiration_time.ToInternalValue()); |
144 EXPECT_EQ("i", private_key); | 201 EXPECT_EQ("i", private_key); |
145 EXPECT_EQ("j", cert); | 202 EXPECT_EQ("j", cert); |
146 } | 203 } |
147 | 204 |
148 TEST(DefaultServerBoundCertStoreTest, TestDuplicateCerts) { | 205 TEST(DefaultServerBoundCertStoreTest, TestDuplicateCerts) { |
149 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 206 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
150 DefaultServerBoundCertStore store(persistent_store.get()); | 207 DefaultServerBoundCertStore store(persistent_store.get()); |
151 | 208 |
152 SSLClientCertType type; | 209 SSLClientCertType type; |
153 base::Time creation_time; | |
154 base::Time expiration_time; | 210 base::Time expiration_time; |
155 std::string private_key, cert; | 211 std::string private_key, cert; |
156 EXPECT_EQ(0, store.GetCertCount()); | 212 EXPECT_EQ(0, store.GetCertCount()); |
157 store.SetServerBoundCert( | 213 store.SetServerBoundCert( |
158 "verisign.com", | 214 "verisign.com", |
159 CLIENT_CERT_RSA_SIGN, | 215 CLIENT_CERT_RSA_SIGN, |
160 base::Time::FromInternalValue(123), | 216 base::Time::FromInternalValue(123), |
161 base::Time::FromInternalValue(1234), | 217 base::Time::FromInternalValue(1234), |
162 "a", "b"); | 218 "a", "b"); |
163 store.SetServerBoundCert( | 219 store.SetServerBoundCert( |
164 "verisign.com", | 220 "verisign.com", |
165 CLIENT_CERT_ECDSA_SIGN, | 221 CLIENT_CERT_ECDSA_SIGN, |
166 base::Time::FromInternalValue(456), | 222 base::Time::FromInternalValue(456), |
167 base::Time::FromInternalValue(4567), | 223 base::Time::FromInternalValue(4567), |
168 "c", "d"); | 224 "c", "d"); |
169 | 225 |
| 226 // Wait for load & queued set tasks. |
| 227 MessageLoop::current()->RunUntilIdle(); |
170 EXPECT_EQ(1, store.GetCertCount()); | 228 EXPECT_EQ(1, store.GetCertCount()); |
171 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", | 229 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
172 &type, | 230 &type, |
173 &creation_time, | |
174 &expiration_time, | 231 &expiration_time, |
175 &private_key, | 232 &private_key, |
176 &cert)); | 233 &cert, |
| 234 base::Bind(&GetCertCallbackNotCalled))); |
177 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); | 235 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); |
178 EXPECT_EQ(456, creation_time.ToInternalValue()); | |
179 EXPECT_EQ(4567, expiration_time.ToInternalValue()); | 236 EXPECT_EQ(4567, expiration_time.ToInternalValue()); |
180 EXPECT_EQ("c", private_key); | 237 EXPECT_EQ("c", private_key); |
181 EXPECT_EQ("d", cert); | 238 EXPECT_EQ("d", cert); |
182 } | 239 } |
183 | 240 |
| 241 TEST(DefaultServerBoundCertStoreTest, TestAsyncGet) { |
| 242 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 243 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( |
| 244 "verisign.com", |
| 245 CLIENT_CERT_RSA_SIGN, |
| 246 base::Time::FromInternalValue(123), |
| 247 base::Time::FromInternalValue(1234), |
| 248 "a", "b")); |
| 249 |
| 250 DefaultServerBoundCertStore store(persistent_store.get()); |
| 251 AsyncGetCertHelper helper; |
| 252 SSLClientCertType type; |
| 253 base::Time expiration_time; |
| 254 std::string private_key; |
| 255 std::string cert = "not set"; |
| 256 EXPECT_EQ(0, store.GetCertCount()); |
| 257 EXPECT_FALSE(store.GetServerBoundCert( |
| 258 "verisign.com", &type, &expiration_time, &private_key, &cert, |
| 259 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&helper)))); |
| 260 |
| 261 // Wait for load & queued get tasks. |
| 262 MessageLoop::current()->RunUntilIdle(); |
| 263 EXPECT_EQ(1, store.GetCertCount()); |
| 264 EXPECT_EQ("not set", cert); |
| 265 EXPECT_TRUE(helper.called_); |
| 266 EXPECT_EQ("verisign.com", helper.server_identifier_); |
| 267 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, helper.type_); |
| 268 EXPECT_EQ(1234, helper.expiration_time_.ToInternalValue()); |
| 269 EXPECT_EQ("a", helper.private_key_); |
| 270 EXPECT_EQ("b", helper.cert_); |
| 271 } |
| 272 |
184 TEST(DefaultServerBoundCertStoreTest, TestDeleteAll) { | 273 TEST(DefaultServerBoundCertStoreTest, TestDeleteAll) { |
185 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 274 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
186 DefaultServerBoundCertStore store(persistent_store.get()); | 275 DefaultServerBoundCertStore store(persistent_store.get()); |
187 | 276 |
188 EXPECT_EQ(0, store.GetCertCount()); | |
189 store.SetServerBoundCert( | 277 store.SetServerBoundCert( |
190 "verisign.com", | 278 "verisign.com", |
191 CLIENT_CERT_RSA_SIGN, | 279 CLIENT_CERT_RSA_SIGN, |
192 base::Time(), | 280 base::Time(), |
193 base::Time(), | 281 base::Time(), |
194 "a", "b"); | 282 "a", "b"); |
195 store.SetServerBoundCert( | 283 store.SetServerBoundCert( |
196 "google.com", | 284 "google.com", |
197 CLIENT_CERT_RSA_SIGN, | 285 CLIENT_CERT_RSA_SIGN, |
198 base::Time(), | 286 base::Time(), |
199 base::Time(), | 287 base::Time(), |
200 "c", "d"); | 288 "c", "d"); |
201 store.SetServerBoundCert( | 289 store.SetServerBoundCert( |
202 "harvard.com", | 290 "harvard.com", |
203 CLIENT_CERT_RSA_SIGN, | 291 CLIENT_CERT_RSA_SIGN, |
204 base::Time(), | 292 base::Time(), |
205 base::Time(), | 293 base::Time(), |
206 "e", "f"); | 294 "e", "f"); |
| 295 // Wait for load & queued set tasks. |
| 296 MessageLoop::current()->RunUntilIdle(); |
207 | 297 |
208 EXPECT_EQ(3, store.GetCertCount()); | 298 EXPECT_EQ(3, store.GetCertCount()); |
209 store.DeleteAll(); | 299 int delete_finished = 0; |
| 300 store.DeleteAll(base::Bind(&CallCounter, &delete_finished)); |
| 301 ASSERT_EQ(1, delete_finished); |
210 EXPECT_EQ(0, store.GetCertCount()); | 302 EXPECT_EQ(0, store.GetCertCount()); |
211 } | 303 } |
212 | 304 |
| 305 TEST(DefaultServerBoundCertStoreTest, TestAsyncGetAndDeleteAll) { |
| 306 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 307 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( |
| 308 "verisign.com", |
| 309 CLIENT_CERT_RSA_SIGN, |
| 310 base::Time(), |
| 311 base::Time(), |
| 312 "a", "b")); |
| 313 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( |
| 314 "google.com", |
| 315 CLIENT_CERT_RSA_SIGN, |
| 316 base::Time(), |
| 317 base::Time(), |
| 318 "c", "d")); |
| 319 |
| 320 ServerBoundCertStore::ServerBoundCertList pre_certs; |
| 321 ServerBoundCertStore::ServerBoundCertList post_certs; |
| 322 int delete_finished = 0; |
| 323 DefaultServerBoundCertStore store(persistent_store.get()); |
| 324 |
| 325 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &pre_certs)); |
| 326 store.DeleteAll(base::Bind(&CallCounter, &delete_finished)); |
| 327 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &post_certs)); |
| 328 // Tasks have not run yet. |
| 329 EXPECT_EQ(0u, pre_certs.size()); |
| 330 // Wait for load & queued tasks. |
| 331 MessageLoop::current()->RunUntilIdle(); |
| 332 EXPECT_EQ(0, store.GetCertCount()); |
| 333 EXPECT_EQ(2u, pre_certs.size()); |
| 334 EXPECT_EQ(0u, post_certs.size()); |
| 335 } |
| 336 |
213 TEST(DefaultServerBoundCertStoreTest, TestDelete) { | 337 TEST(DefaultServerBoundCertStoreTest, TestDelete) { |
214 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 338 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
215 DefaultServerBoundCertStore store(persistent_store.get()); | 339 DefaultServerBoundCertStore store(persistent_store.get()); |
216 | 340 |
217 SSLClientCertType type; | 341 SSLClientCertType type; |
218 base::Time creation_time; | |
219 base::Time expiration_time; | 342 base::Time expiration_time; |
220 std::string private_key, cert; | 343 std::string private_key, cert; |
221 EXPECT_EQ(0, store.GetCertCount()); | 344 EXPECT_EQ(0, store.GetCertCount()); |
222 store.SetServerBoundCert( | 345 store.SetServerBoundCert( |
223 "verisign.com", | 346 "verisign.com", |
224 CLIENT_CERT_RSA_SIGN, | 347 CLIENT_CERT_RSA_SIGN, |
225 base::Time(), | 348 base::Time(), |
226 base::Time(), | 349 base::Time(), |
227 "a", "b"); | 350 "a", "b"); |
| 351 // Wait for load & queued set task. |
| 352 MessageLoop::current()->RunUntilIdle(); |
| 353 |
228 store.SetServerBoundCert( | 354 store.SetServerBoundCert( |
229 "google.com", | 355 "google.com", |
230 CLIENT_CERT_ECDSA_SIGN, | 356 CLIENT_CERT_ECDSA_SIGN, |
231 base::Time(), | 357 base::Time(), |
232 base::Time(), | 358 base::Time(), |
233 "c", "d"); | 359 "c", "d"); |
234 | 360 |
235 EXPECT_EQ(2, store.GetCertCount()); | 361 EXPECT_EQ(2, store.GetCertCount()); |
236 store.DeleteServerBoundCert("verisign.com"); | 362 int delete_finished = 0; |
| 363 store.DeleteServerBoundCert("verisign.com", |
| 364 base::Bind(&CallCounter, &delete_finished)); |
| 365 ASSERT_EQ(1, delete_finished); |
237 EXPECT_EQ(1, store.GetCertCount()); | 366 EXPECT_EQ(1, store.GetCertCount()); |
238 EXPECT_FALSE(store.GetServerBoundCert("verisign.com", | 367 EXPECT_TRUE(store.GetServerBoundCert("verisign.com", |
239 &type, | 368 &type, |
240 &creation_time, | 369 &expiration_time, |
241 &expiration_time, | 370 &private_key, |
242 &private_key, | 371 &cert, |
243 &cert)); | 372 base::Bind(&GetCertCallbackNotCalled))); |
| 373 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); |
244 EXPECT_TRUE(store.GetServerBoundCert("google.com", | 374 EXPECT_TRUE(store.GetServerBoundCert("google.com", |
245 &type, | 375 &type, |
246 &creation_time, | |
247 &expiration_time, | 376 &expiration_time, |
248 &private_key, | 377 &private_key, |
249 &cert)); | 378 &cert, |
250 store.DeleteServerBoundCert("google.com"); | 379 base::Bind(&GetCertCallbackNotCalled))); |
| 380 EXPECT_EQ(CLIENT_CERT_ECDSA_SIGN, type); |
| 381 int delete2_finished = 0; |
| 382 store.DeleteServerBoundCert("google.com", |
| 383 base::Bind(&CallCounter, &delete2_finished)); |
| 384 ASSERT_EQ(1, delete2_finished); |
251 EXPECT_EQ(0, store.GetCertCount()); | 385 EXPECT_EQ(0, store.GetCertCount()); |
252 EXPECT_FALSE(store.GetServerBoundCert("google.com", | 386 EXPECT_TRUE(store.GetServerBoundCert("google.com", |
253 &type, | 387 &type, |
254 &creation_time, | 388 &expiration_time, |
255 &expiration_time, | 389 &private_key, |
256 &private_key, | 390 &cert, |
257 &cert)); | 391 base::Bind(&GetCertCallbackNotCalled))); |
| 392 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, type); |
| 393 } |
| 394 |
| 395 TEST(DefaultServerBoundCertStoreTest, TestAsyncDelete) { |
| 396 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 397 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( |
| 398 "a.com", |
| 399 CLIENT_CERT_RSA_SIGN, |
| 400 base::Time::FromInternalValue(1), |
| 401 base::Time::FromInternalValue(2), |
| 402 "a", "b")); |
| 403 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( |
| 404 "b.com", |
| 405 CLIENT_CERT_RSA_SIGN, |
| 406 base::Time::FromInternalValue(3), |
| 407 base::Time::FromInternalValue(4), |
| 408 "c", "d")); |
| 409 DefaultServerBoundCertStore store(persistent_store.get()); |
| 410 int delete_finished = 0; |
| 411 store.DeleteServerBoundCert("a.com", |
| 412 base::Bind(&CallCounter, &delete_finished)); |
| 413 |
| 414 AsyncGetCertHelper a_helper; |
| 415 AsyncGetCertHelper b_helper; |
| 416 SSLClientCertType type; |
| 417 base::Time expiration_time; |
| 418 std::string private_key; |
| 419 std::string cert = "not set"; |
| 420 EXPECT_EQ(0, store.GetCertCount()); |
| 421 EXPECT_FALSE(store.GetServerBoundCert( |
| 422 "a.com", &type, &expiration_time, &private_key, &cert, |
| 423 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&a_helper)))); |
| 424 EXPECT_FALSE(store.GetServerBoundCert( |
| 425 "b.com", &type, &expiration_time, &private_key, &cert, |
| 426 base::Bind(&AsyncGetCertHelper::Callback, base::Unretained(&b_helper)))); |
| 427 |
| 428 EXPECT_EQ(0, delete_finished); |
| 429 EXPECT_FALSE(a_helper.called_); |
| 430 EXPECT_FALSE(b_helper.called_); |
| 431 // Wait for load & queued tasks. |
| 432 MessageLoop::current()->RunUntilIdle(); |
| 433 EXPECT_EQ(1, delete_finished); |
| 434 EXPECT_EQ(1, store.GetCertCount()); |
| 435 EXPECT_EQ("not set", cert); |
| 436 EXPECT_TRUE(a_helper.called_); |
| 437 EXPECT_EQ("a.com", a_helper.server_identifier_); |
| 438 EXPECT_EQ(CLIENT_CERT_INVALID_TYPE, a_helper.type_); |
| 439 EXPECT_EQ(0, a_helper.expiration_time_.ToInternalValue()); |
| 440 EXPECT_EQ("", a_helper.private_key_); |
| 441 EXPECT_EQ("", a_helper.cert_); |
| 442 EXPECT_TRUE(b_helper.called_); |
| 443 EXPECT_EQ("b.com", b_helper.server_identifier_); |
| 444 EXPECT_EQ(CLIENT_CERT_RSA_SIGN, b_helper.type_); |
| 445 EXPECT_EQ(4, b_helper.expiration_time_.ToInternalValue()); |
| 446 EXPECT_EQ("c", b_helper.private_key_); |
| 447 EXPECT_EQ("d", b_helper.cert_); |
258 } | 448 } |
259 | 449 |
260 TEST(DefaultServerBoundCertStoreTest, TestGetAll) { | 450 TEST(DefaultServerBoundCertStoreTest, TestGetAll) { |
261 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 451 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
262 DefaultServerBoundCertStore store(persistent_store.get()); | 452 DefaultServerBoundCertStore store(persistent_store.get()); |
263 | 453 |
264 EXPECT_EQ(0, store.GetCertCount()); | 454 EXPECT_EQ(0, store.GetCertCount()); |
265 store.SetServerBoundCert( | 455 store.SetServerBoundCert( |
266 "verisign.com", | 456 "verisign.com", |
267 CLIENT_CERT_RSA_SIGN, | 457 CLIENT_CERT_RSA_SIGN, |
(...skipping 11 matching lines...) Expand all Loading... |
279 CLIENT_CERT_RSA_SIGN, | 469 CLIENT_CERT_RSA_SIGN, |
280 base::Time(), | 470 base::Time(), |
281 base::Time(), | 471 base::Time(), |
282 "e", "f"); | 472 "e", "f"); |
283 store.SetServerBoundCert( | 473 store.SetServerBoundCert( |
284 "mit.com", | 474 "mit.com", |
285 CLIENT_CERT_RSA_SIGN, | 475 CLIENT_CERT_RSA_SIGN, |
286 base::Time(), | 476 base::Time(), |
287 base::Time(), | 477 base::Time(), |
288 "g", "h"); | 478 "g", "h"); |
| 479 // Wait for load & queued set tasks. |
| 480 MessageLoop::current()->RunUntilIdle(); |
289 | 481 |
290 EXPECT_EQ(4, store.GetCertCount()); | 482 EXPECT_EQ(4, store.GetCertCount()); |
291 ServerBoundCertStore::ServerBoundCertList certs; | 483 ServerBoundCertStore::ServerBoundCertList certs; |
292 store.GetAllServerBoundCerts(&certs); | 484 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); |
293 EXPECT_EQ(4u, certs.size()); | 485 EXPECT_EQ(4u, certs.size()); |
294 } | 486 } |
295 | 487 |
296 TEST(DefaultServerBoundCertStoreTest, TestInitializeFrom) { | 488 TEST(DefaultServerBoundCertStoreTest, TestInitializeFrom) { |
297 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); | 489 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
298 DefaultServerBoundCertStore store(persistent_store.get()); | 490 DefaultServerBoundCertStore store(persistent_store.get()); |
299 | 491 |
300 store.SetServerBoundCert( | 492 store.SetServerBoundCert( |
301 "preexisting.com", | 493 "preexisting.com", |
302 CLIENT_CERT_RSA_SIGN, | 494 CLIENT_CERT_RSA_SIGN, |
303 base::Time(), | 495 base::Time(), |
304 base::Time(), | 496 base::Time(), |
305 "a", "b"); | 497 "a", "b"); |
306 store.SetServerBoundCert( | 498 store.SetServerBoundCert( |
307 "both.com", | 499 "both.com", |
308 CLIENT_CERT_ECDSA_SIGN, | 500 CLIENT_CERT_ECDSA_SIGN, |
309 base::Time(), | 501 base::Time(), |
310 base::Time(), | 502 base::Time(), |
311 "c", "d"); | 503 "c", "d"); |
| 504 // Wait for load & queued set tasks. |
| 505 MessageLoop::current()->RunUntilIdle(); |
312 EXPECT_EQ(2, store.GetCertCount()); | 506 EXPECT_EQ(2, store.GetCertCount()); |
313 | 507 |
314 ServerBoundCertStore::ServerBoundCertList source_certs; | 508 ServerBoundCertStore::ServerBoundCertList source_certs; |
315 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | 509 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( |
316 "both.com", | 510 "both.com", |
317 CLIENT_CERT_RSA_SIGN, | 511 CLIENT_CERT_RSA_SIGN, |
318 base::Time(), | 512 base::Time(), |
319 base::Time(), | 513 base::Time(), |
320 // Key differs from above to test that existing entries are overwritten. | 514 // Key differs from above to test that existing entries are overwritten. |
321 "e", "f")); | 515 "e", "f")); |
322 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( | 516 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( |
323 "copied.com", | 517 "copied.com", |
324 CLIENT_CERT_RSA_SIGN, | 518 CLIENT_CERT_RSA_SIGN, |
325 base::Time(), | 519 base::Time(), |
326 base::Time(), | 520 base::Time(), |
327 "g", "h")); | 521 "g", "h")); |
328 store.InitializeFrom(source_certs); | 522 store.InitializeFrom(source_certs); |
329 EXPECT_EQ(3, store.GetCertCount()); | 523 EXPECT_EQ(3, store.GetCertCount()); |
330 | 524 |
331 ServerBoundCertStore::ServerBoundCertList certs; | 525 ServerBoundCertStore::ServerBoundCertList certs; |
332 store.GetAllServerBoundCerts(&certs); | 526 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); |
333 ASSERT_EQ(3u, certs.size()); | 527 ASSERT_EQ(3u, certs.size()); |
334 | 528 |
335 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); | 529 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); |
| 530 EXPECT_EQ("both.com", cert->server_identifier()); |
| 531 EXPECT_EQ("e", cert->private_key()); |
| 532 |
| 533 ++cert; |
| 534 EXPECT_EQ("copied.com", cert->server_identifier()); |
| 535 EXPECT_EQ("g", cert->private_key()); |
| 536 |
| 537 ++cert; |
| 538 EXPECT_EQ("preexisting.com", cert->server_identifier()); |
| 539 EXPECT_EQ("a", cert->private_key()); |
| 540 } |
| 541 |
| 542 TEST(DefaultServerBoundCertStoreTest, TestAsyncInitializeFrom) { |
| 543 scoped_refptr<MockPersistentStore> persistent_store(new MockPersistentStore); |
| 544 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( |
| 545 "preexisting.com", |
| 546 CLIENT_CERT_RSA_SIGN, |
| 547 base::Time(), |
| 548 base::Time(), |
| 549 "a", "b")); |
| 550 persistent_store->AddServerBoundCert(ServerBoundCertStore::ServerBoundCert( |
| 551 "both.com", |
| 552 CLIENT_CERT_RSA_SIGN, |
| 553 base::Time(), |
| 554 base::Time(), |
| 555 "c", "d")); |
| 556 |
| 557 DefaultServerBoundCertStore store(persistent_store.get()); |
| 558 ServerBoundCertStore::ServerBoundCertList source_certs; |
| 559 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( |
| 560 "both.com", |
| 561 CLIENT_CERT_RSA_SIGN, |
| 562 base::Time(), |
| 563 base::Time(), |
| 564 // Key differs from above to test that existing entries are overwritten. |
| 565 "e", "f")); |
| 566 source_certs.push_back(ServerBoundCertStore::ServerBoundCert( |
| 567 "copied.com", |
| 568 CLIENT_CERT_RSA_SIGN, |
| 569 base::Time(), |
| 570 base::Time(), |
| 571 "g", "h")); |
| 572 store.InitializeFrom(source_certs); |
| 573 EXPECT_EQ(0, store.GetCertCount()); |
| 574 // Wait for load & queued tasks. |
| 575 MessageLoop::current()->RunUntilIdle(); |
| 576 EXPECT_EQ(3, store.GetCertCount()); |
| 577 |
| 578 ServerBoundCertStore::ServerBoundCertList certs; |
| 579 store.GetAllServerBoundCerts(base::Bind(GetAllCallback, &certs)); |
| 580 ASSERT_EQ(3u, certs.size()); |
| 581 |
| 582 ServerBoundCertStore::ServerBoundCertList::iterator cert = certs.begin(); |
336 EXPECT_EQ("both.com", cert->server_identifier()); | 583 EXPECT_EQ("both.com", cert->server_identifier()); |
337 EXPECT_EQ("e", cert->private_key()); | 584 EXPECT_EQ("e", cert->private_key()); |
338 | 585 |
339 ++cert; | 586 ++cert; |
340 EXPECT_EQ("copied.com", cert->server_identifier()); | 587 EXPECT_EQ("copied.com", cert->server_identifier()); |
341 EXPECT_EQ("g", cert->private_key()); | 588 EXPECT_EQ("g", cert->private_key()); |
342 | 589 |
343 ++cert; | 590 ++cert; |
344 EXPECT_EQ("preexisting.com", cert->server_identifier()); | 591 EXPECT_EQ("preexisting.com", cert->server_identifier()); |
345 EXPECT_EQ("a", cert->private_key()); | 592 EXPECT_EQ("a", cert->private_key()); |
346 } | 593 } |
347 | 594 |
348 } // namespace net | 595 } // namespace net |
OLD | NEW |