Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(45)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/security_state/security_state_model_unittest.cc

Issue 1727133002: Expose TLS settings in the Security panel overview, and call out individual obsolete settings. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Also check that connection_status is not zero, which is the case for 3 browser tests. Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/security_state/security_state_model.cc ('k') | net/ssl/ssl_cipher_suite_names.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/security_state/security_state_model.h" 5 #include "components/security_state/security_state_model.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 8
9 #include "components/security_state/security_state_model_client.h" 9 #include "components/security_state/security_state_model_client.h"
10 #include "net/cert/x509_certificate.h" 10 #include "net/cert/x509_certificate.h"
11 #include "net/ssl/ssl_cipher_suite_names.h"
11 #include "net/ssl/ssl_connection_status_flags.h" 12 #include "net/ssl/ssl_connection_status_flags.h"
12 #include "net/test/cert_test_util.h" 13 #include "net/test/cert_test_util.h"
13 #include "net/test/test_certificate_data.h" 14 #include "net/test/test_certificate_data.h"
14 #include "net/test/test_data_directory.h" 15 #include "net/test/test_data_directory.h"
15 #include "testing/gtest/include/gtest/gtest.h" 16 #include "testing/gtest/include/gtest/gtest.h"
16 17
17 namespace security_state { 18 namespace security_state {
18 19
19 namespace { 20 namespace {
20 21
(...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after
156 SecurityStateModel model; 157 SecurityStateModel model;
157 model.SetClient(&client); 158 model.SetClient(&client);
158 // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from 159 // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from
159 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4 160 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4
160 const uint16_t ciphersuite = 0xc02f; 161 const uint16_t ciphersuite = 0xc02f;
161 client.set_connection_status(net::SSL_CONNECTION_VERSION_TLS1_2 162 client.set_connection_status(net::SSL_CONNECTION_VERSION_TLS1_2
162 << net::SSL_CONNECTION_VERSION_SHIFT); 163 << net::SSL_CONNECTION_VERSION_SHIFT);
163 client.SetCipherSuite(ciphersuite); 164 client.SetCipherSuite(ciphersuite);
164 const SecurityStateModel::SecurityInfo& security_info = 165 const SecurityStateModel::SecurityInfo& security_info =
165 model.GetSecurityInfo(); 166 model.GetSecurityInfo();
166 EXPECT_TRUE(security_info.is_secure_protocol_and_ciphersuite); 167 EXPECT_EQ(net::OBSOLETE_SSL_NONE, security_info.obsolete_ssl_status);
167 } 168 }
168 169
169 TEST(SecurityStateModelTest, NonsecureProtocol) { 170 TEST(SecurityStateModelTest, NonsecureProtocol) {
170 TestSecurityStateModelClient client; 171 TestSecurityStateModelClient client;
171 SecurityStateModel model; 172 SecurityStateModel model;
172 model.SetClient(&client); 173 model.SetClient(&client);
173 // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from 174 // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from
174 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4 175 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4
175 const uint16_t ciphersuite = 0xc02f; 176 const uint16_t ciphersuite = 0xc02f;
176 client.set_connection_status(net::SSL_CONNECTION_VERSION_TLS1_1 177 client.set_connection_status(net::SSL_CONNECTION_VERSION_TLS1_1
177 << net::SSL_CONNECTION_VERSION_SHIFT); 178 << net::SSL_CONNECTION_VERSION_SHIFT);
178 client.SetCipherSuite(ciphersuite); 179 client.SetCipherSuite(ciphersuite);
179 const SecurityStateModel::SecurityInfo& security_info = 180 const SecurityStateModel::SecurityInfo& security_info =
180 model.GetSecurityInfo(); 181 model.GetSecurityInfo();
181 EXPECT_FALSE(security_info.is_secure_protocol_and_ciphersuite); 182 EXPECT_EQ(net::OBSOLETE_SSL_MASK_PROTOCOL, security_info.obsolete_ssl_status);
182 } 183 }
183 184
184 TEST(SecurityStateModelTest, NonsecureCiphersuite) { 185 TEST(SecurityStateModelTest, NonsecureCiphersuite) {
185 TestSecurityStateModelClient client; 186 TestSecurityStateModelClient client;
186 SecurityStateModel model; 187 SecurityStateModel model;
187 model.SetClient(&client); 188 model.SetClient(&client);
188 // TLS_RSA_WITH_AES_128_CCM_8 from 189 // TLS_RSA_WITH_AES_128_CCM_8 from
189 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4 190 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4
190 const uint16_t ciphersuite = 0xc0a0; 191 const uint16_t ciphersuite = 0xc0a0;
191 client.set_connection_status(net::SSL_CONNECTION_VERSION_TLS1_2 192 client.set_connection_status(net::SSL_CONNECTION_VERSION_TLS1_2
192 << net::SSL_CONNECTION_VERSION_SHIFT); 193 << net::SSL_CONNECTION_VERSION_SHIFT);
193 client.SetCipherSuite(ciphersuite); 194 client.SetCipherSuite(ciphersuite);
194 const SecurityStateModel::SecurityInfo& security_info = 195 const SecurityStateModel::SecurityInfo& security_info =
195 model.GetSecurityInfo(); 196 model.GetSecurityInfo();
196 EXPECT_FALSE(security_info.is_secure_protocol_and_ciphersuite); 197 EXPECT_EQ(net::OBSOLETE_SSL_MASK_KEY_EXCHANGE | net::OBSOLETE_SSL_MASK_CIPHER,
198 security_info.obsolete_ssl_status);
197 } 199 }
198 200
199 // Tests that the malware/phishing status is set, and it overrides valid HTTPS. 201 // Tests that the malware/phishing status is set, and it overrides valid HTTPS.
200 TEST(SecurityStateModelTest, MalwareOverride) { 202 TEST(SecurityStateModelTest, MalwareOverride) {
201 TestSecurityStateModelClient client; 203 TestSecurityStateModelClient client;
202 SecurityStateModel model; 204 SecurityStateModel model;
203 model.SetClient(&client); 205 model.SetClient(&client);
204 // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from 206 // TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 from
205 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4 207 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-param eters-4
206 const uint16_t ciphersuite = 0xc02f; 208 const uint16_t ciphersuite = 0xc02f;
(...skipping 16 matching lines...) Expand all
223 client.set_fails_malware_check(true); 225 client.set_fails_malware_check(true);
224 const SecurityStateModel::SecurityInfo& security_info = 226 const SecurityStateModel::SecurityInfo& security_info =
225 model.GetSecurityInfo(); 227 model.GetSecurityInfo();
226 EXPECT_TRUE(security_info.fails_malware_check); 228 EXPECT_TRUE(security_info.fails_malware_check);
227 EXPECT_EQ(SecurityStateModel::SECURITY_ERROR, security_info.security_level); 229 EXPECT_EQ(SecurityStateModel::SECURITY_ERROR, security_info.security_level);
228 } 230 }
229 231
230 } // namespace 232 } // namespace
231 233
232 } // namespace security_state 234 } // namespace security_state
OLDNEW
« no previous file with comments | « components/security_state/security_state_model.cc ('k') | net/ssl/ssl_cipher_suite_names.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698