diff options
Diffstat (limited to 'chromium/net/third_party/quiche/src/quic/qbone/qbone_session_test.cc')
-rw-r--r-- | chromium/net/third_party/quiche/src/quic/qbone/qbone_session_test.cc | 98 |
1 files changed, 66 insertions, 32 deletions
diff --git a/chromium/net/third_party/quiche/src/quic/qbone/qbone_session_test.cc b/chromium/net/third_party/quiche/src/quic/qbone/qbone_session_test.cc index 7ea1c519dd3..243a5c535d5 100644 --- a/chromium/net/third_party/quiche/src/quic/qbone/qbone_session_test.cc +++ b/chromium/net/third_party/quiche/src/quic/qbone/qbone_session_test.cc @@ -17,6 +17,7 @@ #include "net/third_party/quiche/src/quic/qbone/qbone_control_placeholder.pb.h" #include "net/third_party/quiche/src/quic/qbone/qbone_packet_processor_test_tools.h" #include "net/third_party/quiche/src/quic/qbone/qbone_server_session.h" +#include "net/third_party/quiche/src/quic/test_tools/crypto_test_utils.h" #include "net/third_party/quiche/src/quic/test_tools/mock_clock.h" #include "net/third_party/quiche/src/quic/test_tools/quic_connection_peer.h" #include "net/third_party/quiche/src/quic/test_tools/quic_session_peer.h" @@ -59,60 +60,80 @@ ParsedQuicVersionVector GetTestParams() { return test_versions; } -// Used by QuicCryptoServerConfig to provide server credentials, returning a -// canned response equal to |success|. -class FakeProofSource : public ProofSource { +// Used by QuicCryptoServerConfig to provide server credentials, passes +// everything through to ProofSourceForTesting if success is true, +// and fails otherwise. +class IndirectionProofSource : public ProofSource { public: - explicit FakeProofSource(bool success) : success_(success) {} + explicit IndirectionProofSource(bool success) { + if (success) { + proof_source_ = crypto_test_utils::ProofSourceForTesting(); + } + } // ProofSource override. void GetProof(const QuicSocketAddress& server_address, + const QuicSocketAddress& client_address, const std::string& hostname, const std::string& server_config, QuicTransportVersion transport_version, quiche::QuicheStringPiece chlo_hash, std::unique_ptr<Callback> callback) override { - QuicReferenceCountedPointer<ProofSource::Chain> chain = - GetCertChain(server_address, hostname); - QuicCryptoProof proof; - if (success_) { - proof.signature = "Signature"; - proof.leaf_cert_scts = "Time"; + if (!proof_source_) { + QuicReferenceCountedPointer<ProofSource::Chain> chain = + GetCertChain(server_address, client_address, hostname); + QuicCryptoProof proof; + callback->Run(/*ok=*/false, chain, proof, /*details=*/nullptr); + return; } - callback->Run(success_, chain, proof, nullptr /* details */); + proof_source_->GetProof(server_address, client_address, hostname, + server_config, transport_version, chlo_hash, + std::move(callback)); } QuicReferenceCountedPointer<Chain> GetCertChain( const QuicSocketAddress& server_address, + const QuicSocketAddress& client_address, const std::string& hostname) override { - if (!success_) { + if (!proof_source_) { return QuicReferenceCountedPointer<Chain>(); } - std::vector<std::string> certs; - certs.push_back("Required to establish handshake"); - return QuicReferenceCountedPointer<ProofSource::Chain>( - new ProofSource::Chain(certs)); + return proof_source_->GetCertChain(server_address, client_address, + hostname); } void ComputeTlsSignature( const QuicSocketAddress& server_address, + const QuicSocketAddress& client_address, const std::string& hostname, uint16_t signature_algorithm, quiche::QuicheStringPiece in, std::unique_ptr<SignatureCallback> callback) override { - callback->Run(true, "Signature", /*details=*/nullptr); + if (!proof_source_) { + callback->Run(/*ok=*/true, "Signature", /*details=*/nullptr); + return; + } + proof_source_->ComputeTlsSignature(server_address, client_address, hostname, + signature_algorithm, in, + std::move(callback)); } + TicketCrypter* GetTicketCrypter() override { return nullptr; } + private: - // Whether or not obtaining proof source succeeds. - bool success_; + std::unique_ptr<ProofSource> proof_source_; }; -// Used by QuicCryptoClientConfig to verify server credentials, returning a -// canned response of QUIC_SUCCESS if |success| is true. -class FakeProofVerifier : public ProofVerifier { +// Used by QuicCryptoClientConfig to verify server credentials, passes +// everything through to ProofVerifierForTesting is success is true, +// otherwise returns a canned response of QUIC_FAILURE. +class IndirectionProofVerifier : public ProofVerifier { public: - explicit FakeProofVerifier(bool success) : success_(success) {} + explicit IndirectionProofVerifier(bool success) { + if (success) { + proof_verifier_ = crypto_test_utils::ProofVerifierForTesting(); + } + } // ProofVerifier override QuicAsyncStatus VerifyProof( @@ -128,11 +149,18 @@ class FakeProofVerifier : public ProofVerifier { std::string* error_details, std::unique_ptr<ProofVerifyDetails>* verify_details, std::unique_ptr<ProofVerifierCallback> callback) override { - return success_ ? QUIC_SUCCESS : QUIC_FAILURE; + if (!proof_verifier_) { + return QUIC_FAILURE; + } + return proof_verifier_->VerifyProof( + hostname, port, server_config, transport_version, chlo_hash, certs, + cert_sct, signature, context, error_details, verify_details, + std::move(callback)); } QuicAsyncStatus VerifyCertChain( const std::string& hostname, + const uint16_t port, const std::vector<std::string>& certs, const std::string& ocsp_response, const std::string& cert_sct, @@ -140,16 +168,23 @@ class FakeProofVerifier : public ProofVerifier { std::string* error_details, std::unique_ptr<ProofVerifyDetails>* details, std::unique_ptr<ProofVerifierCallback> callback) override { - return success_ ? QUIC_SUCCESS : QUIC_FAILURE; + if (!proof_verifier_) { + return QUIC_FAILURE; + } + return proof_verifier_->VerifyCertChain( + hostname, port, certs, ocsp_response, cert_sct, context, error_details, + details, std::move(callback)); } std::unique_ptr<ProofVerifyContext> CreateDefaultContext() override { - return nullptr; + if (!proof_verifier_) { + return nullptr; + } + return proof_verifier_->CreateDefaultContext(); } private: - // Whether or not proof verification succeeds. - bool success_; + std::unique_ptr<ProofVerifier> proof_verifier_; }; class DataSavingQbonePacketWriter : public QbonePacketWriter { @@ -289,7 +324,7 @@ class QboneSessionTest : public QuicTestWithParam<ParsedQuicVersion> { client_connection_->SetSelfAddress(client_address); QuicConfig config; client_crypto_config_ = std::make_unique<QuicCryptoClientConfig>( - std::make_unique<FakeProofVerifier>(client_handshake_success)); + std::make_unique<IndirectionProofVerifier>(client_handshake_success)); if (send_qbone_alpn) { client_crypto_config_->set_alpn("qbone"); } @@ -308,9 +343,8 @@ class QboneSessionTest : public QuicTestWithParam<ParsedQuicVersion> { server_connection_->SetSelfAddress(server_address); QuicConfig config; server_crypto_config_ = std::make_unique<QuicCryptoServerConfig>( - "TESTING", QuicRandom::GetInstance(), - std::unique_ptr<FakeProofSource>( - new FakeProofSource(server_handshake_success)), + QuicCryptoServerConfig::TESTING, QuicRandom::GetInstance(), + std::make_unique<IndirectionProofSource>(server_handshake_success), KeyExchangeSource::Default()); QuicCryptoServerConfig::ConfigOptions options; QuicServerConfigProtobuf primary_config = |