OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/ssl/client_cert_store_impl.h" | 5 #include "net/ssl/client_cert_store_impl.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/files/file_path.h" | 10 #include "base/files/file_path.h" |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
54 | 54 |
55 private: | 55 private: |
56 ClientCertStoreImpl store_; | 56 ClientCertStoreImpl store_; |
57 }; | 57 }; |
58 | 58 |
59 TEST_F(ClientCertStoreImplTest, EmptyQuery) { | 59 TEST_F(ClientCertStoreImplTest, EmptyQuery) { |
60 std::vector<scoped_refptr<X509Certificate> > certs; | 60 std::vector<scoped_refptr<X509Certificate> > certs; |
61 scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo()); | 61 scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo()); |
62 | 62 |
63 std::vector<scoped_refptr<X509Certificate> > selected_certs; | 63 std::vector<scoped_refptr<X509Certificate> > selected_certs; |
64 bool rv = SelectClientCerts(certs, *request, &selected_certs); | 64 bool rv = SelectClientCerts(certs, *request.get(), &selected_certs); |
65 EXPECT_TRUE(rv); | 65 EXPECT_TRUE(rv); |
66 EXPECT_EQ(0u, selected_certs.size()); | 66 EXPECT_EQ(0u, selected_certs.size()); |
67 } | 67 } |
68 | 68 |
69 // Verify that CertRequestInfo with empty |cert_authorities| matches all | 69 // Verify that CertRequestInfo with empty |cert_authorities| matches all |
70 // issuers, rather than no issuers. | 70 // issuers, rather than no issuers. |
71 TEST_F(ClientCertStoreImplTest, AllIssuersAllowed) { | 71 TEST_F(ClientCertStoreImplTest, AllIssuersAllowed) { |
72 scoped_refptr<X509Certificate> cert( | 72 scoped_refptr<X509Certificate> cert( |
73 ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem")); | 73 ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem")); |
74 ASSERT_TRUE(cert); | 74 ASSERT_TRUE(cert.get()); |
75 | 75 |
76 std::vector<scoped_refptr<X509Certificate> > certs; | 76 std::vector<scoped_refptr<X509Certificate> > certs; |
77 certs.push_back(cert); | 77 certs.push_back(cert); |
78 scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo()); | 78 scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo()); |
79 | 79 |
80 std::vector<scoped_refptr<X509Certificate> > selected_certs; | 80 std::vector<scoped_refptr<X509Certificate> > selected_certs; |
81 bool rv = SelectClientCerts(certs, *request, &selected_certs); | 81 bool rv = SelectClientCerts(certs, *request.get(), &selected_certs); |
82 EXPECT_TRUE(rv); | 82 EXPECT_TRUE(rv); |
83 ASSERT_EQ(1u, selected_certs.size()); | 83 ASSERT_EQ(1u, selected_certs.size()); |
84 EXPECT_TRUE(selected_certs[0]->Equals(cert)); | 84 EXPECT_TRUE(selected_certs[0]->Equals(cert.get())); |
85 } | 85 } |
86 | 86 |
87 // Verify that certificates are correctly filtered against CertRequestInfo with | 87 // Verify that certificates are correctly filtered against CertRequestInfo with |
88 // |cert_authorities| containing only |authority_1_DN|. | 88 // |cert_authorities| containing only |authority_1_DN|. |
89 TEST_F(ClientCertStoreImplTest, CertAuthorityFiltering) { | 89 TEST_F(ClientCertStoreImplTest, CertAuthorityFiltering) { |
90 scoped_refptr<X509Certificate> cert_1( | 90 scoped_refptr<X509Certificate> cert_1( |
91 ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem")); | 91 ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem")); |
92 ASSERT_TRUE(cert_1); | 92 ASSERT_TRUE(cert_1.get()); |
93 scoped_refptr<X509Certificate> cert_2( | 93 scoped_refptr<X509Certificate> cert_2( |
94 ImportCertFromFile(GetTestCertsDirectory(), "client_2.pem")); | 94 ImportCertFromFile(GetTestCertsDirectory(), "client_2.pem")); |
95 ASSERT_TRUE(cert_2); | 95 ASSERT_TRUE(cert_2.get()); |
96 | 96 |
97 std::vector<std::string> authority_1( | 97 std::vector<std::string> authority_1( |
98 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), | 98 1, std::string(reinterpret_cast<const char*>(kAuthority1DN), |
99 sizeof(kAuthority1DN))); | 99 sizeof(kAuthority1DN))); |
100 std::vector<std::string> authority_2( | 100 std::vector<std::string> authority_2( |
101 1, std::string(reinterpret_cast<const char*>(kAuthority2DN), | 101 1, std::string(reinterpret_cast<const char*>(kAuthority2DN), |
102 sizeof(kAuthority2DN))); | 102 sizeof(kAuthority2DN))); |
103 EXPECT_TRUE(cert_1->IsIssuedByEncoded(authority_1)); | 103 EXPECT_TRUE(cert_1->IsIssuedByEncoded(authority_1)); |
104 EXPECT_FALSE(cert_1->IsIssuedByEncoded(authority_2)); | 104 EXPECT_FALSE(cert_1->IsIssuedByEncoded(authority_2)); |
105 EXPECT_TRUE(cert_2->IsIssuedByEncoded(authority_2)); | 105 EXPECT_TRUE(cert_2->IsIssuedByEncoded(authority_2)); |
106 EXPECT_FALSE(cert_2->IsIssuedByEncoded(authority_1)); | 106 EXPECT_FALSE(cert_2->IsIssuedByEncoded(authority_1)); |
107 | 107 |
108 std::vector<scoped_refptr<X509Certificate> > certs; | 108 std::vector<scoped_refptr<X509Certificate> > certs; |
109 certs.push_back(cert_1); | 109 certs.push_back(cert_1); |
110 certs.push_back(cert_2); | 110 certs.push_back(cert_2); |
111 scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo()); | 111 scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo()); |
112 request->cert_authorities = authority_1; | 112 request->cert_authorities = authority_1; |
113 | 113 |
114 std::vector<scoped_refptr<X509Certificate> > selected_certs; | 114 std::vector<scoped_refptr<X509Certificate> > selected_certs; |
115 bool rv = SelectClientCerts(certs, *request, &selected_certs); | 115 bool rv = SelectClientCerts(certs, *request.get(), &selected_certs); |
116 EXPECT_TRUE(rv); | 116 EXPECT_TRUE(rv); |
117 ASSERT_EQ(1u, selected_certs.size()); | 117 ASSERT_EQ(1u, selected_certs.size()); |
118 EXPECT_TRUE(selected_certs[0]->Equals(cert_1)); | 118 EXPECT_TRUE(selected_certs[0]->Equals(cert_1.get())); |
119 } | 119 } |
120 | 120 |
121 #if defined(OS_MACOSX) && !defined(OS_IOS) | 121 #if defined(OS_MACOSX) && !defined(OS_IOS) |
122 // Verify that the preferred cert gets filtered out when it doesn't match the | 122 // Verify that the preferred cert gets filtered out when it doesn't match the |
123 // server criteria. | 123 // server criteria. |
124 TEST_F(ClientCertStoreImplTest, FilterOutThePreferredCert) { | 124 TEST_F(ClientCertStoreImplTest, FilterOutThePreferredCert) { |
125 scoped_refptr<X509Certificate> cert_1( | 125 scoped_refptr<X509Certificate> cert_1( |
126 ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem")); | 126 ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem")); |
127 ASSERT_TRUE(cert_1); | 127 ASSERT_TRUE(cert_1); |
128 | 128 |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
160 bool rv = | 160 bool rv = |
161 SelectClientCertsGivenPreferred(cert_1, certs, *request, &selected_certs); | 161 SelectClientCertsGivenPreferred(cert_1, certs, *request, &selected_certs); |
162 EXPECT_TRUE(rv); | 162 EXPECT_TRUE(rv); |
163 ASSERT_EQ(2u, selected_certs.size()); | 163 ASSERT_EQ(2u, selected_certs.size()); |
164 EXPECT_TRUE(selected_certs[0]->Equals(cert_1)); | 164 EXPECT_TRUE(selected_certs[0]->Equals(cert_1)); |
165 EXPECT_TRUE(selected_certs[1]->Equals(cert_2)); | 165 EXPECT_TRUE(selected_certs[1]->Equals(cert_2)); |
166 } | 166 } |
167 #endif | 167 #endif |
168 | 168 |
169 } // namespace net | 169 } // namespace net |
OLD | NEW |