Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(385)

Side by Side Diff: net/base/transport_security_state_unittest.cc

Issue 6895039: Merge 82409 - Add command-line control of the HSTS preload list. (Closed) Base URL: svn://svn.chromium.org/chrome/branches/742/src/
Patch Set: Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/transport_security_state.cc ('k') | net/net.gyp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/transport_security_state.h" 5 #include "net/base/transport_security_state.h"
6 #include "testing/gtest/include/gtest/gtest.h" 6 #include "testing/gtest/include/gtest/gtest.h"
7 7
8 namespace net { 8 namespace net {
9 9
10 class TransportSecurityStateTest : public testing::Test { 10 class TransportSecurityStateTest : public testing::Test {
(...skipping 188 matching lines...) Expand 10 before | Expand all | Expand 10 after
199 true)); 199 true));
200 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "com", true)); 200 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "com", true));
201 } 201 }
202 202
203 TEST_F(TransportSecurityStateTest, Serialise1) { 203 TEST_F(TransportSecurityStateTest, Serialise1) {
204 scoped_refptr<TransportSecurityState> state( 204 scoped_refptr<TransportSecurityState> state(
205 new TransportSecurityState); 205 new TransportSecurityState);
206 std::string output; 206 std::string output;
207 bool dirty; 207 bool dirty;
208 state->Serialise(&output); 208 state->Serialise(&output);
209 EXPECT_TRUE(state->Deserialise(output, &dirty)); 209 EXPECT_TRUE(state->LoadEntries(output, &dirty));
210 EXPECT_FALSE(dirty); 210 EXPECT_FALSE(dirty);
211 } 211 }
212 212
213 TEST_F(TransportSecurityStateTest, Serialise2) { 213 TEST_F(TransportSecurityStateTest, Serialise2) {
214 scoped_refptr<TransportSecurityState> state( 214 scoped_refptr<TransportSecurityState> state(
215 new TransportSecurityState); 215 new TransportSecurityState);
216 216
217 TransportSecurityState::DomainState domain_state; 217 TransportSecurityState::DomainState domain_state;
218 const base::Time current_time(base::Time::Now()); 218 const base::Time current_time(base::Time::Now());
219 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); 219 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
220 220
221 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "google.com", true)); 221 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "google.com", true));
222 domain_state.mode = TransportSecurityState::DomainState::MODE_STRICT; 222 domain_state.mode = TransportSecurityState::DomainState::MODE_STRICT;
223 domain_state.expiry = expiry; 223 domain_state.expiry = expiry;
224 domain_state.include_subdomains = true; 224 domain_state.include_subdomains = true;
225 state->EnableHost("google.com", domain_state); 225 state->EnableHost("google.com", domain_state);
226 226
227 std::string output; 227 std::string output;
228 bool dirty; 228 bool dirty;
229 state->Serialise(&output); 229 state->Serialise(&output);
230 EXPECT_TRUE(state->Deserialise(output, &dirty)); 230 EXPECT_TRUE(state->LoadEntries(output, &dirty));
231 231
232 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "google.com", true)); 232 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "google.com", true));
233 EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT) ; 233 EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT) ;
234 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "foo.google.com", true)); 234 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "foo.google.com", true));
235 EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT) ; 235 EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT) ;
236 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, 236 EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
237 "foo.bar.google.com", 237 "foo.bar.google.com",
238 true)); 238 true));
239 EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT) ; 239 EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT) ;
240 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, 240 EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
(...skipping 12 matching lines...) Expand all
253 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); 253 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
254 254
255 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "google.com", true)); 255 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "google.com", true));
256 domain_state.mode = TransportSecurityState::DomainState::MODE_OPPORTUNISTIC; 256 domain_state.mode = TransportSecurityState::DomainState::MODE_OPPORTUNISTIC;
257 domain_state.expiry = expiry; 257 domain_state.expiry = expiry;
258 state->EnableHost("google.com", domain_state); 258 state->EnableHost("google.com", domain_state);
259 259
260 std::string output; 260 std::string output;
261 bool dirty; 261 bool dirty;
262 state->Serialise(&output); 262 state->Serialise(&output);
263 EXPECT_TRUE(state->Deserialise(output, &dirty)); 263 EXPECT_TRUE(state->LoadEntries(output, &dirty));
264 264
265 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "google.com", true)); 265 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "google.com", true));
266 EXPECT_EQ(domain_state.mode, 266 EXPECT_EQ(domain_state.mode,
267 TransportSecurityState::DomainState::MODE_OPPORTUNISTIC); 267 TransportSecurityState::DomainState::MODE_OPPORTUNISTIC);
268 } 268 }
269 269
270 TEST_F(TransportSecurityStateTest, DeleteSince) { 270 TEST_F(TransportSecurityStateTest, DeleteSince) {
271 scoped_refptr<TransportSecurityState> state( 271 scoped_refptr<TransportSecurityState> state(
272 new TransportSecurityState); 272 new TransportSecurityState);
273 273
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
311 // date. 311 // date.
312 std::string output = 312 std::string output =
313 "{ " 313 "{ "
314 "\"NiyD+3J1r6z1wjl2n1ALBu94Zj9OsEAMo0kCN8js0Uk=\": {" 314 "\"NiyD+3J1r6z1wjl2n1ALBu94Zj9OsEAMo0kCN8js0Uk=\": {"
315 "\"expiry\": 1266815027.983453, " 315 "\"expiry\": 1266815027.983453, "
316 "\"include_subdomains\": false, " 316 "\"include_subdomains\": false, "
317 "\"mode\": \"strict\" " 317 "\"mode\": \"strict\" "
318 "}" 318 "}"
319 "}"; 319 "}";
320 bool dirty; 320 bool dirty;
321 EXPECT_TRUE(state->Deserialise(output, &dirty)); 321 EXPECT_TRUE(state->LoadEntries(output, &dirty));
322 EXPECT_TRUE(dirty); 322 EXPECT_TRUE(dirty);
323 } 323 }
324 324
325 TEST_F(TransportSecurityStateTest, IsPreloaded) { 325 TEST_F(TransportSecurityStateTest, IsPreloaded) {
326 const std::string paypal = 326 const std::string paypal =
327 TransportSecurityState::CanonicalizeHost("paypal.com"); 327 TransportSecurityState::CanonicalizeHost("paypal.com");
328 const std::string www_paypal = 328 const std::string www_paypal =
329 TransportSecurityState::CanonicalizeHost("www.paypal.com"); 329 TransportSecurityState::CanonicalizeHost("www.paypal.com");
330 const std::string a_www_paypal = 330 const std::string a_www_paypal =
331 TransportSecurityState::CanonicalizeHost("a.www.paypal.com"); 331 TransportSecurityState::CanonicalizeHost("a.www.paypal.com");
332 const std::string abc_paypal = 332 const std::string abc_paypal =
333 TransportSecurityState::CanonicalizeHost("a.b.c.paypal.com"); 333 TransportSecurityState::CanonicalizeHost("a.b.c.paypal.com");
334 const std::string example = 334 const std::string example =
335 TransportSecurityState::CanonicalizeHost("example.com"); 335 TransportSecurityState::CanonicalizeHost("example.com");
336 const std::string aypal = 336 const std::string aypal =
337 TransportSecurityState::CanonicalizeHost("aypal.com"); 337 TransportSecurityState::CanonicalizeHost("aypal.com");
338 338
339 bool b; 339 TransportSecurityState::DomainState domain_state;
340 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(paypal, true, &b)); 340 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(
341 EXPECT_TRUE(TransportSecurityState::IsPreloadedSTS(www_paypal, true, &b)); 341 paypal, true, &domain_state));
342 EXPECT_FALSE(b); 342 EXPECT_TRUE(TransportSecurityState::IsPreloadedSTS(
343 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(a_www_paypal, true, &b)); 343 www_paypal, true, &domain_state));
344 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(abc_paypal, true, &b)); 344 EXPECT_FALSE(domain_state.include_subdomains);
345 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(example, true, &b)); 345 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(
346 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(aypal, true, &b)); 346 a_www_paypal, true, &domain_state));
347 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(
348 abc_paypal, true, &domain_state));
349 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(
350 example, true, &domain_state));
351 EXPECT_FALSE(TransportSecurityState::IsPreloadedSTS(
352 aypal, true, &domain_state));
347 } 353 }
348 354
349 TEST_F(TransportSecurityStateTest, Preloaded) { 355 TEST_F(TransportSecurityStateTest, Preloaded) {
350 scoped_refptr<TransportSecurityState> state( 356 scoped_refptr<TransportSecurityState> state(
351 new TransportSecurityState); 357 new TransportSecurityState);
352 TransportSecurityState::DomainState domain_state; 358 TransportSecurityState::DomainState domain_state;
353 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "paypal.com", true)); 359 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "paypal.com", true));
354 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.paypal.com", true)); 360 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.paypal.com", true));
355 EXPECT_EQ(domain_state.mode, 361 EXPECT_EQ(domain_state.mode,
356 TransportSecurityState::DomainState::MODE_STRICT); 362 TransportSecurityState::DomainState::MODE_STRICT);
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after
454 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, 460 EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
455 "appengine.google.com", 461 "appengine.google.com",
456 true)); 462 true));
457 463
458 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, 464 EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
459 "www.paycheckrecords.com", 465 "www.paycheckrecords.com",
460 true)); 466 true));
461 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, 467 EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
462 "market.android.com", 468 "market.android.com",
463 true)); 469 true));
470 // The domain wasn't being set, leading to a blank string in the
471 // chrome://net-internals/#hsts UI. So test that.
472 EXPECT_EQ(domain_state.domain, "market.android.com");
473 EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
474 "sub.market.android.com",
475 true));
476 EXPECT_EQ(domain_state.domain, "market.android.com");
464 477
465 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "lastpass.com", true)); 478 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "lastpass.com", true));
466 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.lastpass.com", true)); 479 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.lastpass.com", true));
467 EXPECT_FALSE(state->IsEnabledForHost(&domain_state, 480 EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
468 "blog.lastpass.com", 481 "blog.lastpass.com",
469 true)); 482 true));
470 483
471 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "keyerror.com", true)); 484 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "keyerror.com", true));
472 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.keyerror.com", true)); 485 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.keyerror.com", true));
473 486
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
526 hashes[0].data[0] = '2'; 539 hashes[0].data[0] = '2';
527 EXPECT_FALSE(domain_state.IsChainOfPublicKeysPermitted(hashes)); 540 EXPECT_FALSE(domain_state.IsChainOfPublicKeysPermitted(hashes));
528 541
529 const base::Time current_time(base::Time::Now()); 542 const base::Time current_time(base::Time::Now());
530 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); 543 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
531 domain_state.expiry = expiry; 544 domain_state.expiry = expiry;
532 state->EnableHost("example.com", domain_state); 545 state->EnableHost("example.com", domain_state);
533 std::string ser; 546 std::string ser;
534 EXPECT_TRUE(state->Serialise(&ser)); 547 EXPECT_TRUE(state->Serialise(&ser));
535 bool dirty; 548 bool dirty;
536 EXPECT_TRUE(state->Deserialise(ser, &dirty)); 549 EXPECT_TRUE(state->LoadEntries(ser, &dirty));
537 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "example.com", false)); 550 EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "example.com", false));
538 EXPECT_EQ(1u, domain_state.public_key_hashes.size()); 551 EXPECT_EQ(1u, domain_state.public_key_hashes.size());
539 EXPECT_TRUE(0 == memcmp(domain_state.public_key_hashes[0].data, hash.data, 552 EXPECT_TRUE(0 == memcmp(domain_state.public_key_hashes[0].data, hash.data,
540 sizeof(hash.data))); 553 sizeof(hash.data)));
541 } 554 }
542 555
543 } // namespace net 556 } // namespace net
OLDNEW
« no previous file with comments | « net/base/transport_security_state.cc ('k') | net/net.gyp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698