1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "net/quic/test_tools/crypto_test_utils.h"
6
7#include "base/memory/ref_counted.h"
8#include "base/memory/scoped_ptr.h"
9#include "net/base/test_data_directory.h"
10#include "net/cert/cert_verifier.h"
11#include "net/cert/test_root_certs.h"
12#include "net/cert/x509_certificate.h"
13#include "net/http/transport_security_state.h"
14#include "net/quic/crypto/proof_source_chromium.h"
15#include "net/quic/crypto/proof_verifier_chromium.h"
16#include "net/test/cert_test_util.h"
17
18namespace net {
19
20namespace test {
21
22namespace {
23
// ProofVerifierChromium variant for tests. On construction it loads the
// certificate named by |cert_file| from GetTestCertsDirectory() and installs
// it through a ScopedTestRoot member, so chains issued under that root can
// validate. The trust is presumably withdrawn when this object (and with it
// |scoped_root_|) is destroyed -- confirm in net/cert/test_root_certs.h.
//
// Takes ownership of |cert_verifier| and |transport_security_state|: the raw
// pointers are forwarded to the base class and also held in scoped_ptr
// members here.
//
// NOTE(review): members are destroyed before the base-class destructor runs,
// so ~ProofVerifierChromium() must not touch the verifier or the security
// state -- confirm against net/quic/crypto/proof_verifier_chromium.h.
class TestProofVerifierChromium : public ProofVerifierChromium {
 public:
  TestProofVerifierChromium(CertVerifier* cert_verifier,
                            TransportSecurityState* transport_security_state,
                            const std::string& cert_file)
      : ProofVerifierChromium(cert_verifier, transport_security_state),
        cert_verifier_(cert_verifier),
        transport_security_state_(transport_security_state) {
    // Install the test root for the chain that will be validated.
    // NOTE(review): the result of ImportCertFromFile() is passed on without
    // a check; confirm how a missing or unparsable |cert_file| surfaces.
    scoped_root_.Reset(
        ImportCertFromFile(GetTestCertsDirectory(), cert_file).get());
  }
  virtual ~TestProofVerifierChromium() {}

 private:
  // Declared first, so it is constructed first and destroyed last.
  ScopedTestRoot scoped_root_;
  // Owning handles for the objects the base class uses through raw pointers.
  scoped_ptr<CertVerifier> cert_verifier_;
  scoped_ptr<TransportSecurityState> transport_security_state_;
};
44
// Placeholder values exchanged by FakeProofSource and FakeProofVerifier.
// These are plain marker strings, not certificate or signature encodings.
const char kLeafCert[] = "leaf";                  // chain entry 0
const char kIntermediateCert[] = "intermediate";  // chain entry 1
const char kSignature[] = "signature";            // expected "signature"
48
// ProofSource test double. Every request is answered with the same
// two-entry placeholder chain (kLeafCert, kIntermediateCert) and the
// placeholder signature kSignature. No key material is involved and nothing
// is actually signed, so the output only satisfies a verifier that compares
// against the same constants.
class FakeProofSource : public ProofSource {
 public:
  FakeProofSource() {
    certs_.push_back(kLeafCert);
    certs_.push_back(kIntermediateCert);
  }
  virtual ~FakeProofSource() {}

  // ProofSource interface
  //
  // |hostname|, |server_config| and |ecdsa_ok| are ignored. |*out_certs| is
  // pointed at storage owned by this object, so it is valid only while this
  // FakeProofSource is alive. Always returns true.
  virtual bool GetProof(const std::string& hostname,
                        const std::string& server_config,
                        bool ecdsa_ok,
                        const std::vector<std::string>** out_certs,
                        std::string* out_signature) OVERRIDE {
    *out_signature = kSignature;
    *out_certs = &certs_;
    return true;
  }

 private:
  // The fixed placeholder chain, leaf first.
  std::vector<std::string> certs_;
  DISALLOW_COPY_AND_ASSIGN(FakeProofSource);
};
72
// ProofVerifier test double. A proof is accepted only when it is exactly the
// placeholder chain (kLeafCert, kIntermediateCert) with the placeholder
// signature kSignature. No certificate parsing, chain building or signature
// check takes place, and |hostname| and |server_config| play no part in the
// decision, so this must never stand in for a real verifier outside tests.
class FakeProofVerifier : public ProofVerifier {
 public:
  FakeProofVerifier() {}
  virtual ~FakeProofVerifier() {}

  // ProofVerifier interface
  //
  // Completes synchronously; |callback| and |verify_context| are not used.
  // |*verify_details| always receives a fresh ProofVerifyDetailsChromium.
  // On mismatch, |*error_details| is set to "Invalid proof", the details
  // carry CERT_STATUS_INVALID and QUIC_FAILURE is returned. On a match,
  // |*error_details| is left empty and QUIC_SUCCESS is returned.
  virtual QuicAsyncStatus VerifyProof(
      const std::string& hostname,
      const std::string& server_config,
      const std::vector<std::string>& certs,
      const std::string& signature,
      const ProofVerifyContext* verify_context,
      std::string* error_details,
      scoped_ptr<ProofVerifyDetails>* verify_details,
      ProofVerifierCallback* callback) OVERRIDE {
    error_details->clear();
    scoped_ptr<ProofVerifyDetailsChromium> details(
        new ProofVerifyDetailsChromium);

    // The size test comes first so the element accesses are only evaluated
    // for a chain that really has two entries.
    const bool proof_matches = certs.size() == 2 && certs[0] == kLeafCert &&
                               certs[1] == kIntermediateCert &&
                               signature == kSignature;
    if (!proof_matches) {
      *error_details = "Invalid proof";
      details->cert_verify_result.cert_status = CERT_STATUS_INVALID;
    }

    *verify_details = details.Pass();
    return proof_matches ? QUIC_SUCCESS : QUIC_FAILURE;
  }

 private:
  DISALLOW_COPY_AND_ASSIGN(FakeProofVerifier);
};
106
107}  // namespace
108
// Creates a heap-allocated ProofSourceChromium and returns it as a raw
// pointer; nothing in this function releases it, so the caller is presumably
// expected to take ownership.
// static
ProofSource* CryptoTestUtils::ProofSourceForTesting() {
  ProofSource* const source = new ProofSourceChromium();
  return source;
}
113
// Creates a TestProofVerifierChromium backed by the default CertVerifier and
// a fresh TransportSecurityState, with "quic_root.crt" from the test
// certificate directory installed as a test root. The new verifier owns both
// helper objects. The return value is a raw heap pointer; the caller is
// presumably expected to take ownership, and the test root stays installed
// at least until the verifier is destroyed.
// static
ProofVerifier* CryptoTestUtils::ProofVerifierForTesting() {
  return new TestProofVerifierChromium(CertVerifier::CreateDefault(),
                                       new TransportSecurityState,
                                       "quic_root.crt");
}
122
// Creates a heap-allocated ProofVerifyContextChromium built from a
// default-constructed BoundNetLog and returns it as a raw pointer; the
// caller is presumably expected to take ownership.
// static
ProofVerifyContext* CryptoTestUtils::ProofVerifyContextForTesting() {
  ProofVerifyContext* const context =
      new ProofVerifyContextChromium(BoundNetLog());
  return context;
}
127
// Creates a heap-allocated FakeProofSource, which serves only fixed
// placeholder strings rather than real certificates or signatures. Returned
// as a raw pointer; the caller is presumably expected to take ownership.
// static
ProofSource* CryptoTestUtils::FakeProofSourceForTesting() {
  ProofSource* const source = new FakeProofSource();
  return source;
}
132
// Creates a heap-allocated FakeProofVerifier, which accepts only the fixed
// placeholder proof and performs no cryptographic validation. Returned as a
// raw pointer; the caller is presumably expected to take ownership.
// static
ProofVerifier* CryptoTestUtils::FakeProofVerifierForTesting() {
  ProofVerifier* const verifier = new FakeProofVerifier();
  return verifier;
}
137
// Returns NULL, i.e. no verify context at all. FakeProofVerifier never reads
// its |verify_context| argument, so no context object is created for it.
// static
ProofVerifyContext* CryptoTestUtils::FakeProofVerifyContextForTesting() {
  ProofVerifyContext* const no_context = NULL;
  return no_context;
}
142
143}  // namespace test
144
145}  // namespace net
146