net/ssl/client_cert_store_mac_unittest.cc

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/ssl/client_cert_store_mac.h"
   6
   7 #include "net/ssl/client_cert_store_unittest-inl.h"
   8
   9 namespace net {
  10
  11 class ClientCertStoreMacTestDelegate {
  12  public:
  13   bool SelectClientCerts(const CertificateList& input_certs,
  14                          const SSLCertRequestInfo& cert_request_info,
  15                          CertificateList* selected_certs) {
  16     return store_.SelectClientCertsForTesting(
  17         input_certs, cert_request_info, selected_certs);
  18   }
  19
  20  private:
  21   ClientCertStoreMac store_;
  22 };
  23
  24 INSTANTIATE_TYPED_TEST_CASE_P(Mac,
  25                               ClientCertStoreTest,
  26                               ClientCertStoreMacTestDelegate);
  27
  28 class ClientCertStoreMacTest : public ::testing::Test {
  29  protected:
  30   bool SelectClientCertsGivenPreferred(
  31       const scoped_refptr<X509Certificate>& preferred_cert,
  32       const CertificateList& regular_certs,
  33       const SSLCertRequestInfo& request,
  34       CertificateList* selected_certs) {
  35     return store_.SelectClientCertsGivenPreferredForTesting(
  36         preferred_cert, regular_certs, request, selected_certs);
  37   }
  38
  39  private:
  40   ClientCertStoreMac store_;
  41 };
  42
  43 // Verify that the preferred cert gets filtered out when it doesn't match the
  44 // server criteria.
  45 TEST_F(ClientCertStoreMacTest, FilterOutThePreferredCert) {
  46   scoped_refptr<X509Certificate> cert_1(
  47       ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem"));
  48   ASSERT_TRUE(cert_1.get());
  49
  50   std::vector<std::string> authority_2(
  51       1, std::string(reinterpret_cast<const char*>(kAuthority2DN),
  52                      sizeof(kAuthority2DN)));
  53   EXPECT_FALSE(cert_1->IsIssuedByEncoded(authority_2));
  54
  55   std::vector<scoped_refptr<X509Certificate> > certs;
  56   scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo());
  57   request->cert_authorities = authority_2;
  58
  59   std::vector<scoped_refptr<X509Certificate> > selected_certs;
  60   bool rv = SelectClientCertsGivenPreferred(
  61       cert_1, certs, *request.get(), &selected_certs);
  62   EXPECT_TRUE(rv);
  63   EXPECT_EQ(0u, selected_certs.size());
  64 }
  65
  66 // Verify that the preferred cert takes the first position in the output list,
  67 // when it does not get filtered out.
  68 TEST_F(ClientCertStoreMacTest, PreferredCertGoesFirst) {
  69   scoped_refptr<X509Certificate> cert_1(
  70       ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem"));
  71   ASSERT_TRUE(cert_1.get());
  72   scoped_refptr<X509Certificate> cert_2(
  73       ImportCertFromFile(GetTestCertsDirectory(), "client_2.pem"));
  74   ASSERT_TRUE(cert_2.get());
  75
  76   std::vector<scoped_refptr<X509Certificate> > certs;
  77   certs.push_back(cert_2);
  78   scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo());
  79
  80   std::vector<scoped_refptr<X509Certificate> > selected_certs;
  81   bool rv = SelectClientCertsGivenPreferred(
  82       cert_1, certs, *request.get(), &selected_certs);
  83   EXPECT_TRUE(rv);
  84   ASSERT_EQ(2u, selected_certs.size());
  85   EXPECT_TRUE(selected_certs[0]->Equals(cert_1.get()));
  86   EXPECT_TRUE(selected_certs[1]->Equals(cert_2.get()));
  87 }
  88
  89 }  // namespace net