1 // Copyright 2017 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/ssl/client_cert_identity_test_util.h"
6
7 #include <memory>
8 #include <utility>
9
10 #include "base/files/file_path.h"
11 #include "base/files/file_util.h"
12 #include "net/ssl/openssl_private_key.h"
13 #include "net/ssl/ssl_private_key.h"
14 #include "net/ssl/test_ssl_private_key.h"
15 #include "net/test/cert_test_util.h"
16 #include "third_party/boringssl/src/include/openssl/bytestring.h"
17 #include "third_party/boringssl/src/include/openssl/evp.h"
18
19 namespace net {
20
FakeClientCertIdentity(scoped_refptr<X509Certificate> cert,scoped_refptr<SSLPrivateKey> key)21 FakeClientCertIdentity::FakeClientCertIdentity(
22 scoped_refptr<X509Certificate> cert,
23 scoped_refptr<SSLPrivateKey> key)
24 : ClientCertIdentity(std::move(cert)), key_(std::move(key)) {}
25
26 FakeClientCertIdentity::~FakeClientCertIdentity() = default;
27
28 // static
29 std::unique_ptr<FakeClientCertIdentity>
CreateFromCertAndKeyFiles(const base::FilePath & dir,const std::string & cert_filename,const std::string & key_filename)30 FakeClientCertIdentity::CreateFromCertAndKeyFiles(
31 const base::FilePath& dir,
32 const std::string& cert_filename,
33 const std::string& key_filename) {
34 scoped_refptr<X509Certificate> cert =
35 net::ImportCertFromFile(dir, cert_filename);
36 if (!cert)
37 return nullptr;
38
39 std::string pkcs8;
40 if (!base::ReadFileToString(dir.AppendASCII(key_filename), &pkcs8))
41 return nullptr;
42
43 CBS cbs;
44 CBS_init(&cbs, reinterpret_cast<const uint8_t*>(pkcs8.data()), pkcs8.size());
45 bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_private_key(&cbs));
46 if (!pkey || CBS_len(&cbs) != 0)
47 return nullptr;
48
49 scoped_refptr<SSLPrivateKey> ssl_private_key =
50 WrapOpenSSLPrivateKey(std::move(pkey));
51 if (!ssl_private_key)
52 return nullptr;
53
54 return std::make_unique<FakeClientCertIdentity>(cert, ssl_private_key);
55 }
56
57 // static
58 std::unique_ptr<FakeClientCertIdentity>
CreateFromCertAndFailSigning(const base::FilePath & dir,const std::string & cert_filename)59 FakeClientCertIdentity::CreateFromCertAndFailSigning(
60 const base::FilePath& dir,
61 const std::string& cert_filename) {
62 scoped_refptr<X509Certificate> cert =
63 net::ImportCertFromFile(dir, cert_filename);
64 if (!cert)
65 return nullptr;
66
67 return std::make_unique<FakeClientCertIdentity>(
68 cert, CreateFailSigningSSLPrivateKey());
69 }
70
Copy()71 std::unique_ptr<FakeClientCertIdentity> FakeClientCertIdentity::Copy() {
72 return std::make_unique<FakeClientCertIdentity>(certificate(), key_);
73 }
74
AcquirePrivateKey(base::OnceCallback<void (scoped_refptr<SSLPrivateKey>)> private_key_callback)75 void FakeClientCertIdentity::AcquirePrivateKey(
76 base::OnceCallback<void(scoped_refptr<SSLPrivateKey>)>
77 private_key_callback) {
78 std::move(private_key_callback).Run(key_);
79 }
80
FakeClientCertIdentityListFromCertificateList(const CertificateList & certs)81 ClientCertIdentityList FakeClientCertIdentityListFromCertificateList(
82 const CertificateList& certs) {
83 ClientCertIdentityList result;
84 for (const auto& cert : certs) {
85 result.push_back(std::make_unique<FakeClientCertIdentity>(cert, nullptr));
86 }
87 return result;
88 }
89
90 } // namespace net
91