Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(876)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/url_request/url_request_unittest.cc

Issue 1781003003: Implement referred Token Bindings (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix nits; add unittest Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/ssl/token_binding_openssl.cc ('K') | « net/url_request/url_request_job.cc ('k') | third_party/tlslite/README.chromium » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/url_request/url_request_unittest.cc
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc
index 68e999743c71f0d836f335f787e235ea462492f6..e00592418d21ef1a352bebc128066a37b9a840d5 100644
--- a/net/url_request/url_request_unittest.cc
+++ b/net/url_request/url_request_unittest.cc
@@ -3464,14 +3464,110 @@ TEST_F(TokenBindingURLRequestTest, TokenBindingTest) {
EXPECT_TRUE(base::Base64UrlDecode(
token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
&token_binding_message));
- base::StringPiece ec_point, signature;
- EXPECT_TRUE(
- ParseTokenBindingMessage(token_binding_message, &ec_point, &signature));
+ std::vector<TokenBinding> token_bindings;
+ ASSERT_TRUE(
+ ParseTokenBindingMessage(token_binding_message, &token_bindings));
+ ASSERT_EQ(1ull, token_bindings.size());
EXPECT_GT(d.bytes_received(), 0);
std::string ekm = d.data_received();
- EXPECT_TRUE(VerifyEKMSignature(ec_point, signature, ekm));
+ EXPECT_EQ(TB_TYPE_PROVIDED, token_bindings[0].type);
+ EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
+ token_bindings[0].signature, ekm));
+ }
+}
+
+TEST_F(TokenBindingURLRequestTest, ForwardTokenBinding) {
+ SpawnedTestServer::SSLOptions ssl_options;
+ ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256);
+ SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS,
+ ssl_options,
+ base::FilePath(kTestFilePath));
+ ASSERT_TRUE(https_test_server.Start());
+
+ TestDelegate d;
+ {
+ GURL redirect_url =
+ https_test_server.GetURL("forward-tokbind?/tokbind-ekm");
+ scoped_ptr<URLRequest> r(
+ default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d));
+ r->Start();
+ EXPECT_TRUE(r->is_pending());
+
+ base::RunLoop().Run();
+
+ EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
+
+ HttpRequestHeaders headers;
+ std::string token_binding_header, token_binding_message;
+ EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
+ EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
+ &token_binding_header));
+ EXPECT_TRUE(base::Base64UrlDecode(
+ token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
+ &token_binding_message));
+ std::vector<TokenBinding> token_bindings;
+ ASSERT_TRUE(
+ ParseTokenBindingMessage(token_binding_message, &token_bindings));
+ ASSERT_EQ(2ull, token_bindings.size());
+
+ EXPECT_GT(d.bytes_received(), 0);
+ std::string ekm = d.data_received();
+
+ EXPECT_EQ(TB_TYPE_PROVIDED, token_bindings[0].type);
+ EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
+ token_bindings[0].signature, ekm));
+ EXPECT_EQ(TB_TYPE_REFERRED, token_bindings[1].type);
+ EXPECT_TRUE(VerifyEKMSignature(token_bindings[1].ec_point,
+ token_bindings[1].signature, ekm));
+ }
+}
+
+TEST_F(TokenBindingURLRequestTest, DontForwardHeaderFromHttp) {
+ SpawnedTestServer http_server(SpawnedTestServer::TYPE_HTTP,
+ SpawnedTestServer::kLocalhost,
+ base::FilePath());
+ ASSERT_TRUE(http_server.Start());
+ SpawnedTestServer::SSLOptions ssl_options;
+ ssl_options.supported_token_binding_params.push_back(TB_PARAM_ECDSAP256);
+ SpawnedTestServer https_test_server(SpawnedTestServer::TYPE_HTTPS,
+ ssl_options,
+ base::FilePath(kTestFilePath));
+ ASSERT_TRUE(https_test_server.Start());
+
+ TestDelegate d;
+ {
+ GURL redirect_url = http_server.GetURL(
+ "forward-tokbind?" + https_test_server.GetURL("tokbind-ekm").spec());
+ scoped_ptr<URLRequest> r(
+ default_context_.CreateRequest(redirect_url, DEFAULT_PRIORITY, &d));
+ r->Start();
+ EXPECT_TRUE(r->is_pending());
+
+ base::RunLoop().Run();
+
+ EXPECT_EQ(URLRequestStatus::SUCCESS, r->status().status());
+
+ HttpRequestHeaders headers;
+ std::string token_binding_header, token_binding_message;
+ EXPECT_TRUE(r->GetFullRequestHeaders(&headers));
+ EXPECT_TRUE(headers.GetHeader(HttpRequestHeaders::kTokenBinding,
+ &token_binding_header));
+ EXPECT_TRUE(base::Base64UrlDecode(
+ token_binding_header, base::Base64UrlDecodePolicy::REQUIRE_PADDING,
+ &token_binding_message));
+ std::vector<TokenBinding> token_bindings;
+ ASSERT_TRUE(
+ ParseTokenBindingMessage(token_binding_message, &token_bindings));
+ ASSERT_EQ(1ull, token_bindings.size());
+
+ EXPECT_GT(d.bytes_received(), 0);
+ std::string ekm = d.data_received();
+
+ EXPECT_EQ(TB_TYPE_PROVIDED, token_bindings[0].type);
+ EXPECT_TRUE(VerifyEKMSignature(token_bindings[0].ec_point,
+ token_bindings[0].signature, ekm));
}
}
#endif // !defined(OS_IOS)
« net/ssl/token_binding_openssl.cc ('K') | « net/url_request/url_request_job.cc ('k') | third_party/tlslite/README.chromium » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698