[chromium-blink-merge.git] / net / quic / test_tools / crypto_test_utils_chromium.cc
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/quic/test_tools/crypto_test_utils.h"
7 #include "base/memory/ref_counted.h"
8 #include "base/memory/scoped_ptr.h"
9 #include "net/base/net_errors.h"
10 #include "net/base/test_data_directory.h"
11 #include "net/cert/cert_verifier.h"
12 #include "net/cert/mock_cert_verifier.h"
13 #include "net/cert/test_root_certs.h"
14 #include "net/cert/x509_certificate.h"
15 #include "net/http/transport_security_state.h"
16 #include "net/quic/crypto/proof_source_chromium.h"
17 #include "net/quic/crypto/proof_verifier_chromium.h"
18 #include "net/test/cert_test_util.h"
20 namespace net {
22 namespace test {
24 namespace {
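// Test-only ProofVerifierChromium that additionally installs a test root
// certificate through a ScopedTestRoot member.
//
// Ownership: the constructor takes raw pointers but stores |cert_verifier| and
// |transport_security_state| in scoped_ptr members, so this object deletes
// both. Callers must pass heap-allocated objects and must not free them.
class TestProofVerifierChromium : public ProofVerifierChromium {
 public:
  // TODO(rch): |transport_security_state| should be a scoped_ptr.
  //
  // |cert_file| is a file name resolved against GetTestCertsDirectory(); the
  // certificate it contains is handed to |scoped_root_|.
  // NOTE(review): the second base-class argument is passed as nullptr; its
  // meaning is not visible in this file.
  TestProofVerifierChromium(CertVerifier* cert_verifier,
                            TransportSecurityState* transport_security_state,
                            const std::string& cert_file)
      : ProofVerifierChromium(cert_verifier, nullptr, transport_security_state),
        cert_verifier_(cert_verifier),
        transport_security_state_(transport_security_state) {
    // Load and install the root for the validated chain.
    scoped_refptr<X509Certificate> root_cert =
        ImportCertFromFile(GetTestCertsDirectory(), cert_file);
    // Fail fast if the root could not be loaded, mirroring the CHECK used in
    // ProofSourceForTesting(). Without this the result was passed to Reset()
    // unchecked, so a missing or unreadable file went unnoticed here.
    CHECK(root_cert.get()) << "Failed to load test root: " << cert_file;
    scoped_root_.Reset(root_cert.get());
  }
  ~TestProofVerifierChromium() override {}

 private:
  ScopedTestRoot scoped_root_;
  scoped_ptr<CertVerifier> cert_verifier_;
  scoped_ptr<TransportSecurityState> transport_security_state_;

  // Matches the other helper classes in this file.
  DISALLOW_COPY_AND_ASSIGN(TestProofVerifierChromium);
};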
// Placeholder proof material shared by FakeProofSource and FakeProofVerifier.
// These are fixed marker strings, not encoded certificates or a real
// signature: FakeProofVerifier accepts a proof only when it matches them
// exactly.
const char kLeafCert[] = "leaf";
const char kIntermediateCert[] = "intermediate";
const char kSignature[] = "signature";
// ProofSource test double that always returns the same two-entry placeholder
// chain (kLeafCert, kIntermediateCert) and the placeholder kSignature.
// Nothing here is real key material; the output is only meaningful to
// FakeProofVerifier, which compares against the same constants.
class FakeProofSource : public ProofSource {
 public:
  FakeProofSource() {
    // Leaf first, then intermediate: FakeProofVerifier checks this order.
    certs_.push_back(kLeafCert);
    certs_.push_back(kIntermediateCert);
  }
  ~FakeProofSource() override {}

  // ProofSource interface
  //
  // Ignores |server_ip|, |hostname|, |server_config| and |ecdsa_ok| and
  // always reports success. |*out_certs| is set to point at this object's
  // own vector, so the pointer must not be used after this object is gone.
  bool GetProof(const IPAddressNumber& server_ip,
                const std::string& hostname,
                const std::string& server_config,
                bool ecdsa_ok,
                const std::vector<std::string>** out_certs,
                std::string* out_signature) override {
    *out_signature = kSignature;
    *out_certs = &certs_;
    return true;
  }

 private:
  std::vector<std::string> certs_;
  DISALLOW_COPY_AND_ASSIGN(FakeProofSource);
};
// ProofVerifier test double that recognises only the fixed placeholder proof
// built from kLeafCert, kIntermediateCert and kSignature. It performs no
// signature or certificate-chain validation and never looks at |hostname|,
// |server_config| or |verify_context|, so it is suitable for tests only.
class FakeProofVerifier : public ProofVerifier {
 public:
  FakeProofVerifier() {}
  ~FakeProofVerifier() override {}

  // ProofVerifier interface
  //
  // Completes synchronously; |callback| is never used. |*verify_details| is
  // populated on both outcomes. On a mismatch |*error_details| is set to
  // "Invalid proof", the details carry CERT_STATUS_INVALID and QUIC_FAILURE
  // is returned; otherwise |*error_details| is left empty and QUIC_SUCCESS is
  // returned.
  QuicAsyncStatus VerifyProof(const std::string& hostname,
                              const std::string& server_config,
                              const std::vector<std::string>& certs,
                              const std::string& signature,
                              const ProofVerifyContext* verify_context,
                              std::string* error_details,
                              scoped_ptr<ProofVerifyDetails>* verify_details,
                              ProofVerifierCallback* callback) override {
    error_details->clear();
    scoped_ptr<ProofVerifyDetailsChromium> details(
        new ProofVerifyDetailsChromium);

    // The size test comes first so the element comparisons are only reached
    // for a two-entry chain.
    const bool proof_matches = certs.size() == 2 && certs[0] == kLeafCert &&
                               certs[1] == kIntermediateCert &&
                               signature == kSignature;
    if (!proof_matches) {
      *error_details = "Invalid proof";
      details->cert_verify_result.cert_status = CERT_STATUS_INVALID;
    }

    *verify_details = details.Pass();
    return proof_matches ? QUIC_SUCCESS : QUIC_FAILURE;
  }

 private:
  DISALLOW_COPY_AND_ASSIGN(FakeProofVerifier);
};
110 } // namespace
// static
//
// Returns a heap-allocated ProofSourceChromium initialised from the
// certificate chain and PKCS#8 key files in GetTestCertsDirectory(). The
// caller receives a raw pointer and is responsible for deleting it. The
// process aborts via CHECK if initialisation fails. The key comes from the
// test-certs directory and is test material only.
ProofSource* CryptoTestUtils::ProofSourceForTesting() {
  ProofSourceChromium* proof_source = new ProofSourceChromium();
  const base::FilePath test_certs = GetTestCertsDirectory();
  const base::FilePath chain_path = test_certs.AppendASCII("quic_chain.crt");
  const base::FilePath key_path =
      test_certs.AppendASCII("quic_test.example.com.key.pkcs8");
  CHECK(proof_source->Initialize(chain_path, key_path));
  return proof_source;
}
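// static
//
// Returns a heap-allocated TestProofVerifierChromium backed by a
// MockCertVerifier. The mock is given a canned OK result for each of the two
// test leaf certificates when presented for host "test.example.com"; no real
// chain validation is configured here (see the TODO below). The returned
// verifier owns both the mock and the new TransportSecurityState; the caller
// owns the returned pointer.
ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() {
  // TODO(rch): use a real cert verifier?
  MockCertVerifier* cert_verifier = new MockCertVerifier();

  const char* const kLeafCertFiles[] = {
      "quic_test.example.com.crt",
      "quic_test_ecc.example.com.crt",
  };

  net::CertVerifyResult verify_result;
  for (const char* cert_file : kLeafCertFiles) {
    verify_result.verified_cert =
        ImportCertFromFile(GetTestCertsDirectory(), cert_file);
    // Fail fast on a missing or unreadable test certificate instead of
    // registering an unchecked pointer with the mock; this mirrors the CHECK
    // in ProofSourceForTesting().
    CHECK(verify_result.verified_cert.get())
        << "Failed to load test certificate: " << cert_file;
    cert_verifier->AddResultForCertAndHost(verify_result.verified_cert.get(),
                                           "test.example.com", verify_result,
                                           OK);
  }

  return new TestProofVerifierChromium(
      cert_verifier, new TransportSecurityState, "quic_root.crt");
}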
// static
//
// Returns a heap-allocated ProofVerifyContextChromium built with no
// certificate-verification flags set and a default-constructed BoundNetLog.
// The caller owns the returned pointer.
ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() {
  const int cert_verify_flags = 0;
  return new ProofVerifyContextChromium(cert_verify_flags, BoundNetLog());
}
// static
//
// Returns a heap-allocated FakeProofSource, which serves fixed placeholder
// strings rather than real certificates. The caller owns the returned
// pointer.
ProofSource* CryptoTestUtils::FakeProofSourceForTesting() {
  ProofSource* fake_source = new FakeProofSource();
  return fake_source;
}
// static
//
// Returns a heap-allocated FakeProofVerifier, which accepts only the fixed
// placeholder proof and performs no cryptographic validation. Tests only.
// The caller owns the returned pointer.
ProofVerifier* CryptoTestUtils::FakeProofVerifierForTesting() {
  ProofVerifier* fake_verifier = new FakeProofVerifier();
  return fake_verifier;
}
// static
//
// Returns no context at all: FakeProofVerifier::VerifyProof never reads its
// |verify_context| argument, so a null pointer is sufficient for it.
ProofVerifyContext* CryptoTestUtils::FakeProofVerifyContextForTesting() {
  ProofVerifyContext* no_context = nullptr;
  return no_context;
}
159 } // namespace test
161 } // namespace net