net/quic/test_tools/crypto_test_utils_chromium.cc


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144

// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "net/quic/test_tools/crypto_test_utils.h"

#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "net/base/test_data_directory.h"
#include "net/cert/cert_verifier.h"
#include "net/cert/test_root_certs.h"
#include "net/cert/x509_certificate.h"
#include "net/http/transport_security_state.h"
#include "net/quic/crypto/proof_source_chromium.h"
#include "net/quic/crypto/proof_verifier_chromium.h"
#include "net/test/cert_test_util.h"

namespace net {

namespace test {

namespace {

class TestProofVerifierChromium : public ProofVerifierChromium {
 public:
  TestProofVerifierChromium(CertVerifier* cert_verifier,
                            TransportSecurityState* transport_security_state,
                            const std::string& cert_file)
      : ProofVerifierChromium(cert_verifier, transport_security_state),
        cert_verifier_(cert_verifier),
        transport_security_state_(transport_security_state) {
    // Load and install the root for the validated chain.
    scoped_refptr<X509Certificate> root_cert =
        ImportCertFromFile(GetTestCertsDirectory(), cert_file);
    scoped_root_.Reset(root_cert.get());
  }
  ~TestProofVerifierChromium() override {}

 private:
  ScopedTestRoot scoped_root_;
  scoped_ptr<CertVerifier> cert_verifier_;
  scoped_ptr<TransportSecurityState> transport_security_state_;
};

const char kLeafCert[] = "leaf";
const char kIntermediateCert[] = "intermediate";
const char kSignature[] = "signature";

class FakeProofSource : public ProofSource {
 public:
  FakeProofSource() : certs_(2) {
    certs_[0] = kLeafCert;
    certs_[1] = kIntermediateCert;
  }
  ~FakeProofSource() override {}

  // ProofSource interface
  bool GetProof(const std::string& hostname,
                const std::string& server_config,
                bool ecdsa_ok,
                const std::vector<std::string>** out_certs,
                std::string* out_signature) override {
    *out_certs = &certs_;
    *out_signature = kSignature;
    return true;
  }

 private:
  std::vector<std::string> certs_;
  DISALLOW_COPY_AND_ASSIGN(FakeProofSource);
};

class FakeProofVerifier : public ProofVerifier {
 public:
  FakeProofVerifier() {}
  ~FakeProofVerifier() override {}

  // ProofVerifier interface
  QuicAsyncStatus VerifyProof(const std::string& hostname,
                              const std::string& server_config,
                              const std::vector<std::string>& certs,
                              const std::string& signature,
                              const ProofVerifyContext* verify_context,
                              std::string* error_details,
                              scoped_ptr<ProofVerifyDetails>* verify_details,
                              ProofVerifierCallback* callback) override {
    error_details->clear();
    scoped_ptr<ProofVerifyDetailsChromium> verify_details_chromium(
        new ProofVerifyDetailsChromium);
    if (certs.size() != 2 || certs[0] != kLeafCert ||
        certs[1] != kIntermediateCert || signature != kSignature) {
      *error_details = "Invalid proof";
      verify_details_chromium->cert_verify_result.cert_status =
          CERT_STATUS_INVALID;
      *verify_details = verify_details_chromium.Pass();
      return QUIC_FAILURE;
    }
    *verify_details = verify_details_chromium.Pass();
    return QUIC_SUCCESS;
  }

 private:
  DISALLOW_COPY_AND_ASSIGN(FakeProofVerifier);
};

}  // namespace

// static
ProofSource* CryptoTestUtils::ProofSourceForTesting() {
  return new ProofSourceChromium();
}

// static
ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() {
  TestProofVerifierChromium* proof_verifier =
      new TestProofVerifierChromium(CertVerifier::CreateDefault(),
                                    new TransportSecurityState,
                                    "quic_root.crt");
  return proof_verifier;
}

// static
ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() {
  return new ProofVerifyContextChromium(BoundNetLog());
}

// static
ProofSource* CryptoTestUtils::FakeProofSourceForTesting() {
  return new FakeProofSource();
}

// static
ProofVerifier* CryptoTestUtils::FakeProofVerifierForTesting() {
  return new FakeProofVerifier();
}

// static
ProofVerifyContext* CryptoTestUtils::FakeProofVerifyContextForTesting() {
  return nullptr;
}

}  // namespace test

}  // namespace net