صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
lj
/
TaxControlAppTest
1
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
درخت: 698dd023a1
شاخه‌ها تگ‌ها
TaxControlAp...
/
third-party
/
folly-2018.10.22.00
/
folly
/
io
/
async
/
test
/
SSLContextTest.cpp

SSLContextTest.cpp 4.2 KB
تاريخچه خام

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140 
  1. /*
    2. 

  2.  * Copyright 2017-present Facebook, Inc.
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5.  * you may not use this file except in compliance with the License.
    6. 

  6.  * You may obtain a copy of the License at
    7. 

  7.  *
    8. 

  8.  *   http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9.  *
    10. 

  10.  * Unless required by applicable law or agreed to in writing, software
    11. 

  11.  * distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13.  * See the License for the specific language governing permissions and
    14. 

  14.  * limitations under the License.
    15. 

  15.  */
    16. 

  16. 

  17. #include <folly/io/async/SSLContext.h>
    18. 

  18. #include <folly/FileUtil.h>
    19. 

  19. #include <folly/portability/GTest.h>
    20. 

  20. #include <folly/ssl/OpenSSLPtrTypes.h>
    21. 

  21. 

  22. using namespace std;
    23. 

  23. using namespace testing;
    24. 

  24. 

  25. namespace folly {
    26. 

  26. 

  27. class SSLContextTest : public testing::Test {
    28. 

  28.  public:
    29. 

  29.   SSLContext ctx;
    30. 

  30.   void verifySSLCipherList(const vector<string>& ciphers);
    31. 

  31. };
    32. 

  32. 

  33. void SSLContextTest::verifySSLCipherList(const vector<string>& ciphers) {
    34. 

  34.   int i = 0;
    35. 

  35.   ssl::SSLUniquePtr ssl(ctx.createSSL());
    36. 

  36.   for (auto& cipher : ciphers) {
    37. 

  37.     ASSERT_STREQ(cipher.c_str(), SSL_get_cipher_list(ssl.get(), i++));
    38. 

  38.   }
    39. 

  39.   ASSERT_EQ(nullptr, SSL_get_cipher_list(ssl.get(), i));
    40. 

  40. }
    41. 

  41. 

  42. TEST_F(SSLContextTest, TestSetCipherString) {
    43. 

  43.   ctx.ciphers("AES128-SHA:ECDHE-RSA-AES256-SHA384");
    44. 

  44.   verifySSLCipherList({"AES128-SHA", "ECDHE-RSA-AES256-SHA384"});
    45. 

  45. }
    46. 

  46. 

  47. TEST_F(SSLContextTest, TestSetCipherList) {
    48. 

  48.   const vector<string> ciphers = {"ECDHE-RSA-AES128-SHA", "AES256-SHA"};
    49. 

  49.   ctx.setCipherList(ciphers);
    50. 

  50.   verifySSLCipherList(ciphers);
    51. 

  51. }
    52. 

  52. 

  53. TEST_F(SSLContextTest, TestLoadCertKey) {
    54. 

  54.   std::string certData, keyData, anotherKeyData;
    55. 

  55.   const char* certPath = "folly/io/async/test/certs/tests-cert.pem";
    56. 

  56.   const char* keyPath = "folly/io/async/test/certs/tests-key.pem";
    57. 

  57.   const char* anotherKeyPath = "folly/io/async/test/certs/client_key.pem";
    58. 

  58.   folly::readFile(certPath, certData);
    59. 

  59.   folly::readFile(keyPath, keyData);
    60. 

  60.   folly::readFile(anotherKeyPath, anotherKeyData);
    61. 

  61. 

  62.   {
    63. 

  63.     SCOPED_TRACE("Valid cert/key pair from buffer");
    64. 

  64.     SSLContext tmpCtx;
    65. 

  65.     tmpCtx.loadCertificateFromBufferPEM(certData);
    66. 

  66.     tmpCtx.loadPrivateKeyFromBufferPEM(keyData);
    67. 

  67.     EXPECT_TRUE(tmpCtx.isCertKeyPairValid());
    68. 

  68.   }
    69. 

  69. 

  70.   {
    71. 

  71.     SCOPED_TRACE("Valid cert/key pair from files");
    72. 

  72.     SSLContext tmpCtx;
    73. 

  73.     tmpCtx.loadCertificate(certPath);
    74. 

  74.     tmpCtx.loadPrivateKey(keyPath);
    75. 

  75.     EXPECT_TRUE(tmpCtx.isCertKeyPairValid());
    76. 

  76.   }
    77. 

  77. 

  78.   {
    79. 

  79.     SCOPED_TRACE("Invalid cert/key pair from file. Load cert first");
    80. 

  80.     SSLContext tmpCtx;
    81. 

  81.     tmpCtx.loadCertificate(certPath);
    82. 

  82.     EXPECT_THROW(tmpCtx.loadPrivateKey(anotherKeyPath), std::runtime_error);
    83. 

  83.   }
    84. 

  84. 

  85.   {
    86. 

  86.     SCOPED_TRACE("Invalid cert/key pair from file. Load key first");
    87. 

  87.     SSLContext tmpCtx;
    88. 

  88.     tmpCtx.loadPrivateKey(anotherKeyPath);
    89. 

  89.     tmpCtx.loadCertificate(certPath);
    90. 

  90.     EXPECT_FALSE(tmpCtx.isCertKeyPairValid());
    91. 

  91.   }
    92. 

  92. 

  93.   {
    94. 

  94.     SCOPED_TRACE("Invalid key/cert pair from buf. Load cert first");
    95. 

  95.     SSLContext tmpCtx;
    96. 

  96.     tmpCtx.loadCertificateFromBufferPEM(certData);
    97. 

  97.     EXPECT_THROW(
    98. 

  98.         tmpCtx.loadPrivateKeyFromBufferPEM(anotherKeyData), std::runtime_error);
    99. 

  99.   }
    100. 

  100. 

  101.   {
    102. 

  102.     SCOPED_TRACE("Invalid key/cert pair from buf. Load key first");
    103. 

  103.     SSLContext tmpCtx;
    104. 

  104.     tmpCtx.loadPrivateKeyFromBufferPEM(anotherKeyData);
    105. 

  105.     tmpCtx.loadCertificateFromBufferPEM(certData);
    106. 

  106.     EXPECT_FALSE(tmpCtx.isCertKeyPairValid());
    107. 

  107.   }
    108. 

  108. 

  109.   {
    110. 

  110.     SCOPED_TRACE(
    111. 

  111.         "loadCertKeyPairFromBufferPEM() must throw when cert/key mismatch");
    112. 

  112.     SSLContext tmpCtx;
    113. 

  113.     EXPECT_THROW(
    114. 

  114.         tmpCtx.loadCertKeyPairFromBufferPEM(certData, anotherKeyData),
    115. 

  115.         std::runtime_error);
    116. 

  116.   }
    117. 

  117. 

  118.   {
    119. 

  119.     SCOPED_TRACE(
    120. 

  120.         "loadCertKeyPairFromBufferPEM() must succeed when cert/key match");
    121. 

  121.     SSLContext tmpCtx;
    122. 

  122.     tmpCtx.loadCertKeyPairFromBufferPEM(certData, keyData);
    123. 

  123.   }
    124. 

  124. 

  125.   {
    126. 

  126.     SCOPED_TRACE(
    127. 

  127.         "loadCertKeyPairFromFiles() must throw when cert/key mismatch");
    128. 

  128.     SSLContext tmpCtx;
    129. 

  129.     EXPECT_THROW(
    130. 

  130.         tmpCtx.loadCertKeyPairFromFiles(certPath, anotherKeyPath),
    131. 

  131.         std::runtime_error);
    132. 

  132.   }
    133. 

  133. 

  134.   {
    135. 

  135.     SCOPED_TRACE("loadCertKeyPairFromFiles() must succeed when cert/key match");
    136. 

  136.     SSLContext tmpCtx;
    137. 

  137.     tmpCtx.loadCertKeyPairFromFiles(certPath, keyPath);
    138. 

  138.   }
    139. 

  139. }
    140. 

  140. } // namespace folly
    141.