Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(551)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/ssl_errors/error_classification_unittest.cc

Issue 1355413003: Move error classification into the ssl_errors component (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« components/ssl_errors/error_classification.h ('K') | « components/ssl_errors/error_classification.cc ('k') | tools/metrics/histograms/histograms.xml » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/ssl_errors/error_classification_unittest.cc
diff --git a/components/ssl_errors/error_classification_unittest.cc b/components/ssl_errors/error_classification_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..86bdeed4035a999d44e756192f063ff07b730631
--- /dev/null
+++ b/components/ssl_errors/error_classification_unittest.cc
@@ -0,0 +1,146 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
estark 2015/09/23 22:42:19 nit: update copyright year
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/ssl_errors/error_classification.h"
+
+#include "base/files/file_path.h"
+#include "base/strings/string_split.h"
+#include "base/time/time.h"
+#include "net/base/net_errors.h"
+#include "net/base/test_data_directory.h"
+#include "net/cert/x509_cert_types.h"
+#include "net/cert/x509_certificate.h"
+#include "net/test/cert_test_util.h"
+#include "net/test/test_certificate_data.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "url/gurl.h"
+
+using base::Time;
+
+namespace ssl_errors {
+
+// Placeholder class to allow friending.
+class ErrorClassificationTest : public testing::Test {};
+
+TEST_F(ErrorClassificationTest, TestNameMismatch) {
+ scoped_refptr<net::X509Certificate> google_cert(
+ net::X509Certificate::CreateFromBytes(
+ reinterpret_cast<const char*>(google_der), sizeof(google_der)));
+ ASSERT_NE(static_cast<net::X509Certificate*>(NULL), google_cert.get());
+ base::Time time = base::Time::NowFromSystemTime();
+ std::vector<std::string> dns_names_google;
+ dns_names_google.push_back("www");
+ dns_names_google.push_back("google");
+ dns_names_google.push_back("com");
+ std::vector<std::vector<std::string>> dns_name_tokens_google;
+ dns_name_tokens_google.push_back(dns_names_google);
+ int cert_error = net::ERR_CERT_COMMON_NAME_INVALID;
+ {
+ GURL origin("https://google.com");
+ std::vector<std::string> host_name_tokens = base::SplitString(
+ origin.host(), ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
+ ErrorClassification ssl_error(time, origin, cert_error, *google_cert);
+ EXPECT_TRUE(ssl_error.IsWWWSubDomainMatch());
+ EXPECT_FALSE(
+ ssl_error.NameUnderAnyNames(host_name_tokens, dns_name_tokens_google));
+ EXPECT_FALSE(
+ ssl_error.AnyNamesUnderName(dns_name_tokens_google, host_name_tokens));
+ EXPECT_FALSE(ssl_error.IsSubDomainOutsideWildcard(host_name_tokens));
+ EXPECT_FALSE(ssl_error.IsCertLikelyFromMultiTenantHosting());
+ EXPECT_TRUE(ssl_error.IsCertLikelyFromSameDomain());
+ }
+
+ {
+ GURL origin("https://foo.blah.google.com");
+ std::vector<std::string> host_name_tokens = base::SplitString(
+ origin.host(), ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
+ ErrorClassification ssl_error(time, origin, cert_error, *google_cert);
+ EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
+ EXPECT_FALSE(
+ ssl_error.NameUnderAnyNames(host_name_tokens, dns_name_tokens_google));
+ EXPECT_FALSE(
+ ssl_error.AnyNamesUnderName(dns_name_tokens_google, host_name_tokens));
+ EXPECT_TRUE(ssl_error.IsCertLikelyFromSameDomain());
+ }
+
+ {
+ GURL origin("https://foo.www.google.com");
+ std::vector<std::string> host_name_tokens = base::SplitString(
+ origin.host(), ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
+ ErrorClassification ssl_error(time, origin, cert_error, *google_cert);
+ EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
+ EXPECT_TRUE(
+ ssl_error.NameUnderAnyNames(host_name_tokens, dns_name_tokens_google));
+ EXPECT_FALSE(
+ ssl_error.AnyNamesUnderName(dns_name_tokens_google, host_name_tokens));
+ EXPECT_TRUE(ssl_error.IsCertLikelyFromSameDomain());
+ }
+
+ {
+ GURL origin("https://www.google.com.foo");
+ std::vector<std::string> host_name_tokens = base::SplitString(
+ origin.host(), ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
+ ErrorClassification ssl_error(time, origin, cert_error, *google_cert);
+ EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
+ EXPECT_FALSE(
+ ssl_error.NameUnderAnyNames(host_name_tokens, dns_name_tokens_google));
+ EXPECT_FALSE(
+ ssl_error.AnyNamesUnderName(dns_name_tokens_google, host_name_tokens));
+ EXPECT_FALSE(ssl_error.IsCertLikelyFromSameDomain());
+ }
+
+ {
+ GURL origin("https://www.foogoogle.com.");
+ std::vector<std::string> host_name_tokens = base::SplitString(
+ origin.host(), ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
+ ErrorClassification ssl_error(time, origin, cert_error, *google_cert);
+ EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
+ EXPECT_FALSE(
+ ssl_error.NameUnderAnyNames(host_name_tokens, dns_name_tokens_google));
+ EXPECT_FALSE(
+ ssl_error.AnyNamesUnderName(dns_name_tokens_google, host_name_tokens));
+ EXPECT_FALSE(ssl_error.IsCertLikelyFromSameDomain());
+ }
+
+ scoped_refptr<net::X509Certificate> webkit_cert(
+ net::X509Certificate::CreateFromBytes(
+ reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)));
+ ASSERT_NE(static_cast<net::X509Certificate*>(NULL), webkit_cert.get());
+ std::vector<std::string> dns_names_webkit;
+ dns_names_webkit.push_back("webkit");
+ dns_names_webkit.push_back("org");
+ std::vector<std::vector<std::string>> dns_name_tokens_webkit;
+ dns_name_tokens_webkit.push_back(dns_names_webkit);
+ {
+ GURL origin("https://a.b.webkit.org");
+ std::vector<std::string> host_name_tokens = base::SplitString(
+ origin.host(), ".", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
+ ErrorClassification ssl_error(time, origin, cert_error, *webkit_cert);
+ EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
+ EXPECT_FALSE(
+ ssl_error.NameUnderAnyNames(host_name_tokens, dns_name_tokens_webkit));
+ EXPECT_FALSE(
+ ssl_error.AnyNamesUnderName(dns_name_tokens_webkit, host_name_tokens));
+ EXPECT_TRUE(ssl_error.IsSubDomainOutsideWildcard(host_name_tokens));
+ EXPECT_FALSE(ssl_error.IsCertLikelyFromMultiTenantHosting());
+ EXPECT_TRUE(ssl_error.IsCertLikelyFromSameDomain());
+ }
+}
+
+TEST_F(ErrorClassificationTest, TestHostNameHasKnownTLD) {
+ EXPECT_TRUE(ErrorClassification::IsHostNameKnownTLD("www.google.com"));
+ EXPECT_TRUE(ErrorClassification::IsHostNameKnownTLD("b.appspot.com"));
+ EXPECT_FALSE(ErrorClassification::IsHostNameKnownTLD("a.private"));
+}
+
+TEST_F(ErrorClassificationTest, TestPrivateURL) {
+ EXPECT_FALSE(
+ ErrorClassification::IsHostnameNonUniqueOrDotless("www.foogoogle.com."));
+ EXPECT_TRUE(ErrorClassification::IsHostnameNonUniqueOrDotless("go"));
+ EXPECT_TRUE(
+ ErrorClassification::IsHostnameNonUniqueOrDotless("172.17.108.108"));
+ EXPECT_TRUE(ErrorClassification::IsHostnameNonUniqueOrDotless("foo.blah"));
+}
+
+} // namespace ssl_errors
« components/ssl_errors/error_classification.h ('K') | « components/ssl_errors/error_classification.cc ('k') | tools/metrics/histograms/histograms.xml » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698