1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/quic/test_tools/crypto_test_utils.h"
7 #include "base/memory/ref_counted.h"
8 #include "base/memory/scoped_ptr.h"
9 #include "net/base/net_errors.h"
10 #include "net/base/test_data_directory.h"
11 #include "net/cert/cert_verifier.h"
12 #include "net/cert/mock_cert_verifier.h"
13 #include "net/cert/test_root_certs.h"
14 #include "net/cert/x509_certificate.h"
15 #include "net/http/transport_security_state.h"
16 #include "net/quic/crypto/proof_source_chromium.h"
17 #include "net/quic/crypto/proof_verifier_chromium.h"
18 #include "net/test/cert_test_util.h"
20 namespace net {
22 namespace test {
24 namespace {
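// Test-only ProofVerifierChromium that owns its collaborators and installs an
// additional trusted root certificate.
//
// The base class receives raw pointers to |cert_verifier| and
// |transport_security_state| (its second argument is passed as nullptr); this
// subclass then takes ownership of both objects so that they stay alive as
// long as the verifier does. |cert_file| names a certificate in the test
// certs directory that is installed as a trusted root through ScopedTestRoot.
// Because it widens the set of trusted roots, this class belongs in test
// binaries only.
class TestProofVerifierChromium : public ProofVerifierChromium {
 public:
  TestProofVerifierChromium(
      scoped_ptr<CertVerifier> cert_verifier,
      scoped_ptr<TransportSecurityState> transport_security_state,
      const std::string& cert_file)
      : ProofVerifierChromium(cert_verifier.get(),
                              nullptr,
                              transport_security_state.get()),
        cert_verifier_(cert_verifier.Pass()),
        transport_security_state_(transport_security_state.Pass()) {
    // Load and install the root for the validated chain.
    scoped_refptr<X509Certificate> root_cert =
        ImportCertFromFile(GetTestCertsDirectory(), cert_file);
    // Fail fast when the fixture is missing or unreadable. Without this the
    // root is silently not installed and the problem only shows up later as
    // an unrelated-looking verification failure.
    CHECK(root_cert.get()) << "Failed to load test root " << cert_file;
    scoped_root_.Reset(root_cert.get());
  }
  ~TestProofVerifierChromium() override {}

 private:
  // Keeps the test root installed; presumably removes it again on
  // destruction -- confirm against ScopedTestRoot.
  ScopedTestRoot scoped_root_;
  // NOTE(review): members are destroyed before the base-class destructor
  // runs, so the base must not dereference the raw pointers it was given
  // while it is being destroyed -- confirm against ProofVerifierChromium.
  scoped_ptr<CertVerifier> cert_verifier_;
  scoped_ptr<TransportSecurityState> transport_security_state_;

  DISALLOW_COPY_AND_ASSIGN(TestProofVerifierChromium);
};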
// Placeholder values exchanged by FakeProofSource and FakeProofVerifier.
// They are plain marker strings, not certificates or signatures: the fake
// verifier accepts a proof only when it sees exactly these values.
const char kLeafCert[] = "leaf";
const char kIntermediateCert[] = "intermediate";
const char kSignature[] = "signature";
// ProofSource stand-in that always returns the same two-entry "chain"
// (kLeafCert, kIntermediateCert) and the same kSignature string.
//
// Nothing is signed: every GetProof() argument other than the two output
// pointers is ignored, so the result says nothing about |hostname| or
// |server_config|. It is only meaningful when paired with FakeProofVerifier.
class FakeProofSource : public ProofSource {
 public:
  FakeProofSource() {
    certs_.push_back(kLeafCert);
    certs_.push_back(kIntermediateCert);
  }
  ~FakeProofSource() override {}

  // ProofSource interface
  //
  // Points |*out_certs| at the internal chain, which this object keeps
  // owning, copies kSignature into |*out_signature| and reports success
  // unconditionally.
  bool GetProof(const IPAddressNumber& server_ip,
                const std::string& hostname,
                const std::string& server_config,
                bool ecdsa_ok,
                const std::vector<std::string>** out_certs,
                std::string* out_signature) override {
    *out_signature = kSignature;
    *out_certs = &certs_;
    return true;
  }

 private:
  // The fixed chain handed out through |out_certs|.
  std::vector<std::string> certs_;

  DISALLOW_COPY_AND_ASSIGN(FakeProofSource);
};
// ProofVerifier stand-in that performs no cryptographic verification.
//
// A proof is accepted only when it is exactly the fixed chain and signature
// produced by FakeProofSource. |hostname|, |server_config| and
// |verify_context| are never examined, so this class must stay confined to
// tests.
class FakeProofVerifier : public ProofVerifier {
 public:
  FakeProofVerifier() {}
  ~FakeProofVerifier() override {}

  // ProofVerifier interface
  //
  // Always finishes synchronously; |callback| is never used. Clears
  // |*error_details| first and hands a ProofVerifyDetailsChromium to
  // |*verify_details| on both paths. Returns QUIC_SUCCESS for the expected
  // placeholder proof. Anything else returns QUIC_FAILURE with
  // |*error_details| set to "Invalid proof" and cert_status set to
  // CERT_STATUS_INVALID.
  QuicAsyncStatus VerifyProof(const std::string& hostname,
                              const std::string& server_config,
                              const std::vector<std::string>& certs,
                              const std::string& signature,
                              const ProofVerifyContext* verify_context,
                              std::string* error_details,
                              scoped_ptr<ProofVerifyDetails>* verify_details,
                              ProofVerifierCallback* callback) override {
    error_details->clear();
    scoped_ptr<ProofVerifyDetailsChromium> details(
        new ProofVerifyDetailsChromium);

    // The size test comes first so the element accesses are never evaluated
    // on a chain of the wrong length.
    const bool is_expected_proof =
        certs.size() == 2 && certs[0] == kLeafCert &&
        certs[1] == kIntermediateCert && signature == kSignature;

    QuicAsyncStatus status = QUIC_SUCCESS;
    if (!is_expected_proof) {
      *error_details = "Invalid proof";
      details->cert_verify_result.cert_status = CERT_STATUS_INVALID;
      status = QUIC_FAILURE;
    }
    *verify_details = details.Pass();
    return status;
  }

 private:
  DISALLOW_COPY_AND_ASSIGN(FakeProofVerifier);
};
112 } // namespace
// static
// Creates a ProofSourceChromium initialised from "quic_chain.crt" and
// "quic_test.example.com.key.pkcs8" in the test certs directory, and aborts
// via CHECK if initialisation fails. The caller receives a raw pointer to a
// heap-allocated object. Both files are test fixtures, so nothing
// authenticated with this key should be trusted outside tests.
ProofSource* CryptoTestUtils::ProofSourceForTesting() {
  const base::FilePath fixture_dir = GetTestCertsDirectory();
  const base::FilePath chain_path = fixture_dir.AppendASCII("quic_chain.crt");
  const base::FilePath key_path =
      fixture_dir.AppendASCII("quic_test.example.com.key.pkcs8");

  scoped_ptr<ProofSourceChromium> proof_source(new ProofSourceChromium());
  CHECK(proof_source->Initialize(chain_path, key_path));
  return proof_source.release();
}
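// static
// Creates a TestProofVerifierChromium backed by a MockCertVerifier instead
// of a real certificate verifier.
//
// The mock is preloaded with an OK result for each of the two test leaf
// certificates when presented for host "test.example.com"; "quic_root.crt"
// is passed on to be installed as the test root. The caller receives a raw
// pointer to a heap-allocated object. Because the verdicts are canned, a
// passing handshake says nothing about real chain validation.
ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() {
  // TODO(rch): use a real cert verifier?
  const char* const kLeafCertFiles[] = {
      "quic_test.example.com.crt",
      "quic_test_ecc.example.com.crt",
  };

  scoped_ptr<MockCertVerifier> cert_verifier(new MockCertVerifier());
  net::CertVerifyResult verify_result;
  for (const char* cert_file : kLeafCertFiles) {
    verify_result.verified_cert =
        ImportCertFromFile(GetTestCertsDirectory(), cert_file);
    // Fail fast on a missing or unreadable fixture rather than registering
    // a canned result for a null certificate.
    CHECK(verify_result.verified_cert.get())
        << "Failed to load test cert " << cert_file;
    cert_verifier->AddResultForCertAndHost(verify_result.verified_cert.get(),
                                           "test.example.com", verify_result,
                                           OK);
  }

  return new TestProofVerifierChromium(
      cert_verifier.Pass(), make_scoped_ptr(new TransportSecurityState),
      "quic_root.crt");
}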
// static
// Creates a ProofVerifyContextChromium with no certificate verification
// flags set and a default-constructed BoundNetLog. The caller receives a raw
// pointer to a heap-allocated object.
ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() {
  const int kNoCertVerifyFlags = 0;
  return new ProofVerifyContextChromium(kNoCertVerifyFlags, BoundNetLog());
}
// static
// Creates a FakeProofSource, which returns fixed placeholder strings rather
// than a signed proof. The caller receives a raw pointer to a heap-allocated
// object. For tests only.
ProofSource* CryptoTestUtils::FakeProofSourceForTesting() {
  ProofSource* const fake_source = new FakeProofSource();
  return fake_source;
}
// static
// Creates a FakeProofVerifier, which compares the proof against fixed
// placeholder strings and performs no cryptographic checks. The caller
// receives a raw pointer to a heap-allocated object. For tests only.
ProofVerifier* CryptoTestUtils::FakeProofVerifierForTesting() {
  ProofVerifier* const fake_verifier = new FakeProofVerifier();
  return fake_verifier;
}
// static
// Always returns nullptr: no verification context is supplied for the fake
// verifier, whose VerifyProof() never reads its |verify_context| argument.
ProofVerifyContext* CryptoTestUtils::FakeProofVerifyContextForTesting() {
  ProofVerifyContext* const no_context = nullptr;
  return no_context;
}
162 } // namespace test
164 } // namespace net