1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "net/ssl/client_cert_store_mac.h" 6 7 #include "net/ssl/client_cert_store_unittest-inl.h" 8 9 namespace net { 10 11 class ClientCertStoreMacTestDelegate { 12 public: 13 bool SelectClientCerts(const CertificateList& input_certs, 14 const SSLCertRequestInfo& cert_request_info, 15 CertificateList* selected_certs) { 16 return store_.SelectClientCertsForTesting( 17 input_certs, cert_request_info, selected_certs); 18 } 19 20 private: 21 ClientCertStoreMac store_; 22 }; 23 24 INSTANTIATE_TYPED_TEST_CASE_P(Mac, 25 ClientCertStoreTest, 26 ClientCertStoreMacTestDelegate); 27 28 class ClientCertStoreMacTest : public ::testing::Test { 29 protected: 30 bool SelectClientCertsGivenPreferred( 31 const scoped_refptr<X509Certificate>& preferred_cert, 32 const CertificateList& regular_certs, 33 const SSLCertRequestInfo& request, 34 CertificateList* selected_certs) { 35 return store_.SelectClientCertsGivenPreferredForTesting( 36 preferred_cert, regular_certs, request, selected_certs); 37 } 38 39 private: 40 ClientCertStoreMac store_; 41 }; 42 43 // Verify that the preferred cert gets filtered out when it doesn't match the 44 // server criteria. 45 TEST_F(ClientCertStoreMacTest, FilterOutThePreferredCert) { 46 scoped_refptr<X509Certificate> cert_1( 47 ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem")); 48 ASSERT_TRUE(cert_1.get()); 49 50 std::vector<std::string> authority_2( 51 1, std::string(reinterpret_cast<const char*>(kAuthority2DN), 52 sizeof(kAuthority2DN))); 53 EXPECT_FALSE(cert_1->IsIssuedByEncoded(authority_2)); 54 55 std::vector<scoped_refptr<X509Certificate> > certs; 56 scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo()); 57 request->cert_authorities = authority_2; 58 59 std::vector<scoped_refptr<X509Certificate> > selected_certs; 60 bool rv = SelectClientCertsGivenPreferred( 61 cert_1, certs, *request.get(), &selected_certs); 62 EXPECT_TRUE(rv); 63 EXPECT_EQ(0u, selected_certs.size()); 64 } 65 66 // Verify that the preferred cert takes the first position in the output list, 67 // when it does not get filtered out. 68 TEST_F(ClientCertStoreMacTest, PreferredCertGoesFirst) { 69 scoped_refptr<X509Certificate> cert_1( 70 ImportCertFromFile(GetTestCertsDirectory(), "client_1.pem")); 71 ASSERT_TRUE(cert_1.get()); 72 scoped_refptr<X509Certificate> cert_2( 73 ImportCertFromFile(GetTestCertsDirectory(), "client_2.pem")); 74 ASSERT_TRUE(cert_2.get()); 75 76 std::vector<scoped_refptr<X509Certificate> > certs; 77 certs.push_back(cert_2); 78 scoped_refptr<SSLCertRequestInfo> request(new SSLCertRequestInfo()); 79 80 std::vector<scoped_refptr<X509Certificate> > selected_certs; 81 bool rv = SelectClientCertsGivenPreferred( 82 cert_1, certs, *request.get(), &selected_certs); 83 EXPECT_TRUE(rv); 84 ASSERT_EQ(2u, selected_certs.size()); 85 EXPECT_TRUE(selected_certs[0]->Equals(cert_1.get())); 86 EXPECT_TRUE(selected_certs[1]->Equals(cert_2.get())); 87 } 88 89 } // namespace net 90
