Index: net/http/transport_security_persister_unittest.cc |
diff --git a/net/http/transport_security_persister_unittest.cc b/net/http/transport_security_persister_unittest.cc |
index 2c9419e5cff600f0de2f1205d280444f552cea48..0e8e06688fbeddbc36cd6424e08948483910273e 100644 |
--- a/net/http/transport_security_persister_unittest.cc |
+++ b/net/http/transport_security_persister_unittest.cc |
@@ -84,6 +84,9 @@ TEST_F(TransportSecurityPersisterTest, SerializeData2) { |
} |
TEST_F(TransportSecurityPersisterTest, SerializeData3) { |
+ static const char kReportUri[] = "http://www.example.com/report"; |
+ std::string report_uri(kReportUri); |
+ |
// Add an entry. |
HashValue fp1(HASH_VALUE_SHA1); |
memset(fp1.data(), 0, fp1.size()); |
@@ -97,7 +100,7 @@ TEST_F(TransportSecurityPersisterTest, SerializeData3) { |
bool include_subdomains = false; |
state_.AddHSTS("www.example.com", expiry, include_subdomains); |
state_.AddHPKP("www.example.com", expiry, include_subdomains, |
- dynamic_spki_hashes); |
+ dynamic_spki_hashes, report_uri); |
// Add another entry. |
memset(fp1.data(), 2, fp1.size()); |
@@ -108,7 +111,7 @@ TEST_F(TransportSecurityPersisterTest, SerializeData3) { |
dynamic_spki_hashes.push_back(fp2); |
state_.AddHSTS("www.example.net", expiry, include_subdomains); |
state_.AddHPKP("www.example.net", expiry, include_subdomains, |
- dynamic_spki_hashes); |
+ dynamic_spki_hashes, report_uri); |
// Save a copy of everything. |
std::map<std::string, TransportSecurityState::DomainState> saved; |
@@ -164,6 +167,9 @@ TEST_F(TransportSecurityPersisterTest, SerializeDataOld) { |
} |
TEST_F(TransportSecurityPersisterTest, PublicKeyHashes) { |
+ static const char kReportUri[] = "http://example.com/test"; |
+ std::string report_uri(kReportUri); |
+ |
TransportSecurityState::DomainState domain_state; |
static const char kTestDomain[] = "example.com"; |
EXPECT_FALSE(state_.GetDynamicDomainState(kTestDomain, &domain_state)); |
@@ -187,8 +193,48 @@ TEST_F(TransportSecurityPersisterTest, PublicKeyHashes) { |
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
bool include_subdomains = false; |
state_.AddHSTS(kTestDomain, expiry, include_subdomains); |
- state_.AddHPKP( |
- kTestDomain, expiry, include_subdomains, domain_state.pkp.spki_hashes); |
+ state_.AddHPKP(kTestDomain, expiry, include_subdomains, |
+ domain_state.pkp.spki_hashes, report_uri); |
+ std::string serialized; |
+ EXPECT_TRUE(persister_->SerializeData(&serialized)); |
+ bool dirty; |
+ EXPECT_TRUE(persister_->LoadEntries(serialized, &dirty)); |
+ |
+ TransportSecurityState::DomainState new_domain_state; |
+ EXPECT_TRUE(state_.GetDynamicDomainState(kTestDomain, &new_domain_state)); |
+ EXPECT_EQ(1u, new_domain_state.pkp.spki_hashes.size()); |
+ EXPECT_EQ(sha1.tag, new_domain_state.pkp.spki_hashes[0].tag); |
+ EXPECT_EQ(0, memcmp(new_domain_state.pkp.spki_hashes[0].data(), sha1.data(), |
+ sha1.size())); |
+} |
+ |
+TEST_F(TransportSecurityPersisterTest, PublicKeyPinReportUri) { |
+ TransportSecurityState::DomainState domain_state; |
+ static const char kTestDomain[] = "example.com"; |
+ static const char kTestReportUri[] = "http://example.com/report"; |
+ |
+ EXPECT_FALSE(state_.GetDynamicDomainState(kTestDomain, &domain_state)); |
+ HashValueVector hashes; |
+ std::string failure_log; |
+ EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes, &failure_log)); |
+ |
+ HashValue sha1(HASH_VALUE_SHA1); |
+ memset(sha1.data(), '1', sha1.size()); |
+ domain_state.pkp.spki_hashes.push_back(sha1); |
+ |
+ EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes, &failure_log)); |
+ |
+ hashes.push_back(sha1); |
+ EXPECT_TRUE(domain_state.CheckPublicKeyPins(hashes, &failure_log)); |
+ |
+ hashes[0].data()[0] = '2'; |
+ EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes, &failure_log)); |
+ |
+ const base::Time current_time(base::Time::Now()); |
+ const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
+ bool include_subdomains = false; |
+ state_.AddHPKP(kTestDomain, expiry, include_subdomains, |
+ domain_state.pkp.spki_hashes, std::string(kTestReportUri)); |
std::string serialized; |
EXPECT_TRUE(persister_->SerializeData(&serialized)); |
bool dirty; |
@@ -202,6 +248,7 @@ TEST_F(TransportSecurityPersisterTest, PublicKeyHashes) { |
memcmp(new_domain_state.pkp.spki_hashes[0].data(), |
sha1.data(), |
sha1.size())); |
+ EXPECT_EQ(kTestReportUri, new_domain_state.pkp.report_uri); |
} |
} // namespace |