MCPcopy
hub / github.com/grpc/grpc-go / TestClientServerHandshake

Method TestClientServerHandshake

security/advancedtls/advancedtls_test.go:400–981  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

398}
399
400func (s) TestClientServerHandshake(t *testing.T) {
401 cs := &testutils.CertStore{}
402 if err := cs.LoadCerts(); err != nil {
403 t.Fatalf("cs.LoadCerts() failed, err: %v", err)
404 }
405 getRootCertificatesForClient := func(*ConnectionInfo) (*RootCertificates, error) {
406 return &RootCertificates{TrustCerts: cs.ClientTrust1}, nil
407 }
408
409 clientVerifyFuncGood := func(params *HandshakeVerificationInfo) (*PostHandshakeVerificationResults, error) {
410 if params.ServerName == "" {
411 return nil, errors.New("client side server name should have a value")
412 }
413 // "foo.bar.com" is the common name on server certificate server_cert_1.pem.
414 if len(params.VerifiedChains) > 0 && (params.Leaf == nil || params.Leaf.Subject.CommonName != "foo.bar.com") {
415 return nil, errors.New("client side params parsing error")
416 }
417
418 return &PostHandshakeVerificationResults{}, nil
419 }
420 verifyFuncBad := func(*HandshakeVerificationInfo) (*PostHandshakeVerificationResults, error) {
421 return nil, fmt.Errorf("custom verification function failed")
422 }
423 getRootCertificatesForServer := func(*ConnectionInfo) (*RootCertificates, error) {
424 return &RootCertificates{TrustCerts: cs.ServerTrust1}, nil
425 }
426 serverVerifyFunc := func(params *HandshakeVerificationInfo) (*PostHandshakeVerificationResults, error) {
427 if params.ServerName != "" {
428 return nil, errors.New("server side server name should not have a value")
429 }
430 // "foo.bar.hoo.com" is the common name on client certificate client_cert_1.pem.
431 if len(params.VerifiedChains) > 0 && (params.Leaf == nil || params.Leaf.Subject.CommonName != "foo.bar.hoo.com") {
432 return nil, errors.New("server side params parsing error")
433 }
434
435 return &PostHandshakeVerificationResults{}, nil
436 }
437 getRootCertificatesForServerBad := func(*ConnectionInfo) (*RootCertificates, error) {
438 return nil, fmt.Errorf("bad root certificate reloading")
439 }
440
441 getRootCertificatesForClientCRL := func(*ConnectionInfo) (*RootCertificates, error) {
442 return &RootCertificates{TrustCerts: cs.ClientTrust3}, nil
443 }
444
445 getRootCertificatesForServerCRL := func(*ConnectionInfo) (*RootCertificates, error) {
446 return &RootCertificates{TrustCerts: cs.ServerTrust3}, nil
447 }
448
449 makeStaticCRLRevocationOptions := func(crlPath string, denyUndetermined bool) *RevocationOptions {
450 rawCRL, err := os.ReadFile(crlPath)
451 if err != nil {
452 t.Fatalf("readFile(%v) failed err = %v", crlPath, err)
453 }
454 cRLProvider := NewStaticCRLProvider([][]byte{rawCRL})
455 return &RevocationOptions{
456 DenyUndetermined: denyUndetermined,
457 CRLProvider: cRLProvider,

Callers

nothing calls this directly

Calls 15

LoadCertsMethod · 0.95
PathFunction · 0.92
NewStaticCRLProviderFunction · 0.85
NewServerCredsFunction · 0.70
NewClientCredsFunction · 0.70
compareFunction · 0.70
FatalfMethod · 0.65
ErrorfMethod · 0.65
CloseMethod · 0.65
ServerHandshakeMethod · 0.65
StringMethod · 0.65
ClientHandshakeMethod · 0.65

Tested by

no test coverage detected