OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" | 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" |
6 | 6 |
| 7 #include "base/base64.h" |
7 #include "base/bind.h" | 8 #include "base/bind.h" |
8 #include "base/file_util.h" | 9 #include "base/file_util.h" |
9 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
10 #include "base/message_loop.h" | 11 #include "base/message_loop.h" |
11 #include "base/path_service.h" | 12 #include "base/path_service.h" |
12 #include "base/test/test_timeouts.h" | 13 #include "base/test/test_timeouts.h" |
13 #include "base/timer.h" | 14 #include "base/timer.h" |
14 #include "crypto/rsa_private_key.h" | 15 #include "crypto/rsa_private_key.h" |
15 #include "net/base/net_errors.h" | 16 #include "net/base/net_errors.h" |
16 #include "net/base/test_data_directory.h" | 17 #include "net/base/test_data_directory.h" |
| 18 #include "remoting/base/rsa_key_pair.h" |
17 #include "remoting/protocol/connection_tester.h" | 19 #include "remoting/protocol/connection_tester.h" |
18 #include "remoting/protocol/fake_session.h" | 20 #include "remoting/protocol/fake_session.h" |
19 #include "testing/gmock/include/gmock/gmock.h" | 21 #include "testing/gmock/include/gmock/gmock.h" |
20 #include "testing/gtest/include/gtest/gtest.h" | 22 #include "testing/gtest/include/gtest/gtest.h" |
21 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" | 23 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h" |
22 | 24 |
23 using testing::_; | 25 using testing::_; |
24 using testing::NotNull; | 26 using testing::NotNull; |
25 using testing::SaveArg; | 27 using testing::SaveArg; |
26 | 28 |
(...skipping 27 matching lines...) |
54 protected: | 56 protected: |
55 virtual void SetUp() OVERRIDE { | 57 virtual void SetUp() OVERRIDE { |
56 base::FilePath certs_dir(net::GetTestCertsDirectory()); | 58 base::FilePath certs_dir(net::GetTestCertsDirectory()); |
57 | 59 |
58 base::FilePath cert_path = certs_dir.AppendASCII("unittest.selfsigned.der"); | 60 base::FilePath cert_path = certs_dir.AppendASCII("unittest.selfsigned.der"); |
59 ASSERT_TRUE(file_util::ReadFileToString(cert_path, &host_cert_)); | 61 ASSERT_TRUE(file_util::ReadFileToString(cert_path, &host_cert_)); |
60 | 62 |
61 base::FilePath key_path = certs_dir.AppendASCII("unittest.key.bin"); | 63 base::FilePath key_path = certs_dir.AppendASCII("unittest.key.bin"); |
62 std::string key_string; | 64 std::string key_string; |
63 ASSERT_TRUE(file_util::ReadFileToString(key_path, &key_string)); | 65 ASSERT_TRUE(file_util::ReadFileToString(key_path, &key_string)); |
64 std::vector<uint8> key_vector( | 66 std::string key_base64; |
65 reinterpret_cast<const uint8*>(key_string.data()), | 67 base::Base64Encode(key_string, &key_base64); |
66 reinterpret_cast<const uint8*>(key_string.data() + | 68 key_pair_ = RsaKeyPair::FromString(key_base64); |
67 key_string.length())); | 69 ASSERT_TRUE(key_pair_); |
68 private_key_.reset( | |
69 crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_vector)); | |
70 } | 70 } |
71 | 71 |
72 void RunChannelAuth(bool expected_fail) { | 72 void RunChannelAuth(bool expected_fail) { |
73 client_fake_socket_.reset(new FakeSocket()); | 73 client_fake_socket_.reset(new FakeSocket()); |
74 host_fake_socket_.reset(new FakeSocket()); | 74 host_fake_socket_.reset(new FakeSocket()); |
75 client_fake_socket_->PairWith(host_fake_socket_.get()); | 75 client_fake_socket_->PairWith(host_fake_socket_.get()); |
76 | 76 |
77 client_auth_->SecureAndAuthenticate( | 77 client_auth_->SecureAndAuthenticate( |
78 client_fake_socket_.PassAs<net::StreamSocket>(), | 78 client_fake_socket_.PassAs<net::StreamSocket>(), |
79 base::Bind(&SslHmacChannelAuthenticatorTest::OnClientConnected, | 79 base::Bind(&SslHmacChannelAuthenticatorTest::OnClientConnected, |
(...skipping 35 matching lines...) |
115 } | 115 } |
116 | 116 |
117 void OnClientConnected(net::Error error, | 117 void OnClientConnected(net::Error error, |
118 scoped_ptr<net::StreamSocket> socket) { | 118 scoped_ptr<net::StreamSocket> socket) { |
119 client_callback_.OnDone(error, socket.get()); | 119 client_callback_.OnDone(error, socket.get()); |
120 client_socket_ = socket.Pass(); | 120 client_socket_ = socket.Pass(); |
121 } | 121 } |
122 | 122 |
123 MessageLoop message_loop_; | 123 MessageLoop message_loop_; |
124 | 124 |
125 scoped_ptr<crypto::RSAPrivateKey> private_key_; | 125 scoped_refptr<RsaKeyPair> key_pair_; |
126 std::string host_cert_; | 126 std::string host_cert_; |
127 scoped_ptr<FakeSocket> client_fake_socket_; | 127 scoped_ptr<FakeSocket> client_fake_socket_; |
128 scoped_ptr<FakeSocket> host_fake_socket_; | 128 scoped_ptr<FakeSocket> host_fake_socket_; |
129 scoped_ptr<ChannelAuthenticator> client_auth_; | 129 scoped_ptr<ChannelAuthenticator> client_auth_; |
130 scoped_ptr<ChannelAuthenticator> host_auth_; | 130 scoped_ptr<ChannelAuthenticator> host_auth_; |
131 MockChannelDoneCallback client_callback_; | 131 MockChannelDoneCallback client_callback_; |
132 MockChannelDoneCallback host_callback_; | 132 MockChannelDoneCallback host_callback_; |
133 scoped_ptr<net::StreamSocket> client_socket_; | 133 scoped_ptr<net::StreamSocket> client_socket_; |
134 scoped_ptr<net::StreamSocket> host_socket_; | 134 scoped_ptr<net::StreamSocket> host_socket_; |
135 | 135 |
136 DISALLOW_COPY_AND_ASSIGN(SslHmacChannelAuthenticatorTest); | 136 DISALLOW_COPY_AND_ASSIGN(SslHmacChannelAuthenticatorTest); |
137 }; | 137 }; |
138 | 138 |
139 // Verify that a channel can be connected using a valid shared secret. | 139 // Verify that a channel can be connected using a valid shared secret. |
140 TEST_F(SslHmacChannelAuthenticatorTest, SuccessfulAuth) { | 140 TEST_F(SslHmacChannelAuthenticatorTest, SuccessfulAuth) { |
141 client_auth_ = SslHmacChannelAuthenticator::CreateForClient( | 141 client_auth_ = SslHmacChannelAuthenticator::CreateForClient( |
142 host_cert_, kTestSharedSecret); | 142 host_cert_, kTestSharedSecret); |
143 host_auth_ = SslHmacChannelAuthenticator::CreateForHost( | 143 host_auth_ = SslHmacChannelAuthenticator::CreateForHost( |
144 host_cert_, private_key_.get(), kTestSharedSecret); | 144 host_cert_, key_pair_, kTestSharedSecret); |
145 | 145 |
146 RunChannelAuth(false); | 146 RunChannelAuth(false); |
147 | 147 |
148 ASSERT_TRUE(client_socket_.get() != NULL); | 148 ASSERT_TRUE(client_socket_.get() != NULL); |
149 ASSERT_TRUE(host_socket_.get() != NULL); | 149 ASSERT_TRUE(host_socket_.get() != NULL); |
150 | 150 |
151 StreamConnectionTester tester(host_socket_.get(), client_socket_.get(), | 151 StreamConnectionTester tester(host_socket_.get(), client_socket_.get(), |
152 100, 2); | 152 100, 2); |
153 | 153 |
154 tester.Start(); | 154 tester.Start(); |
155 message_loop_.Run(); | 155 message_loop_.Run(); |
156 tester.CheckResults(); | 156 tester.CheckResults(); |
157 } | 157 } |
158 | 158 |
159 // Verify that channels cannot be using invalid shared secret. | 159 // Verify that channels cannot be using invalid shared secret. |
160 TEST_F(SslHmacChannelAuthenticatorTest, InvalidChannelSecret) { | 160 TEST_F(SslHmacChannelAuthenticatorTest, InvalidChannelSecret) { |
161 client_auth_ = SslHmacChannelAuthenticator::CreateForClient( | 161 client_auth_ = SslHmacChannelAuthenticator::CreateForClient( |
162 host_cert_, kTestSharedSecretBad); | 162 host_cert_, kTestSharedSecretBad); |
163 host_auth_ = SslHmacChannelAuthenticator::CreateForHost( | 163 host_auth_ = SslHmacChannelAuthenticator::CreateForHost( |
164 host_cert_, private_key_.get(), kTestSharedSecret); | 164 host_cert_, key_pair_, kTestSharedSecret); |
165 | 165 |
166 RunChannelAuth(true); | 166 RunChannelAuth(true); |
167 | 167 |
168 ASSERT_TRUE(host_socket_.get() == NULL); | 168 ASSERT_TRUE(host_socket_.get() == NULL); |
169 } | 169 } |
170 | 170 |
171 } // namespace protocol | 171 } // namespace protocol |
172 } // namespace remoting | 172 } // namespace remoting |
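Review bot: In SetUp() (new lines 66-69) the key bytes are base64-encoded only so they can be handed to RsaKeyPair::FromString(), and nothing on those lines says so; a comment such as `// unittest.key.bin holds raw PrivateKeyInfo bytes; RsaKeyPair::FromString() presumably expects them base64-encoded.` would explain the round trip. `ASSERT_TRUE(key_pair_)` on new line 69 relies on scoped_refptr's implicit conversion, while the rest of the file spells out the null check, so `ASSERT_TRUE(key_pair_.get() != NULL);` would be consistent with it. The `#include "crypto/rsa_private_key.h"` kept at new line 15 looks unused now that `private_key_` and the `CreateFromPrivateKeyInfo()` call are gone; two stretches of the file are collapsed here, so confirm nothing in them still needs it before dropping the include.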