OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
11 #include "base/base64.h" | 11 #include "base/base64.h" |
12 #include "base/files/file_path.h" | 12 #include "base/files/file_path.h" |
13 #include "base/json/json_reader.h" | 13 #include "base/json/json_reader.h" |
14 #include "base/rand_util.h" | 14 #include "base/rand_util.h" |
15 #include "base/sha1.h" | 15 #include "base/sha1.h" |
16 #include "base/strings/string_piece.h" | 16 #include "base/strings/string_piece.h" |
17 #include "base/test/histogram_tester.h" | 17 #include "base/test/histogram_tester.h" |
18 #include "base/values.h" | 18 #include "base/values.h" |
| 19 #include "crypto/openssl_util.h" |
19 #include "crypto/sha2.h" | 20 #include "crypto/sha2.h" |
20 #include "net/base/host_port_pair.h" | 21 #include "net/base/host_port_pair.h" |
21 #include "net/base/net_errors.h" | 22 #include "net/base/net_errors.h" |
22 #include "net/base/test_completion_callback.h" | 23 #include "net/base/test_completion_callback.h" |
23 #include "net/base/test_data_directory.h" | 24 #include "net/base/test_data_directory.h" |
24 #include "net/cert/asn1_util.h" | 25 #include "net/cert/asn1_util.h" |
25 #include "net/cert/cert_verifier.h" | 26 #include "net/cert/cert_verifier.h" |
26 #include "net/cert/cert_verify_result.h" | 27 #include "net/cert/cert_verify_result.h" |
27 #include "net/cert/ct_policy_status.h" | 28 #include "net/cert/ct_policy_status.h" |
28 #include "net/cert/test_root_certs.h" | 29 #include "net/cert/test_root_certs.h" |
29 #include "net/cert/x509_cert_types.h" | 30 #include "net/cert/x509_cert_types.h" |
30 #include "net/cert/x509_certificate.h" | 31 #include "net/cert/x509_certificate.h" |
31 #include "net/http/http_util.h" | 32 #include "net/http/http_util.h" |
32 #include "net/log/net_log.h" | 33 #include "net/log/net_log.h" |
33 #include "net/ssl/ssl_info.h" | 34 #include "net/ssl/ssl_info.h" |
34 #include "net/test/cert_test_util.h" | 35 #include "net/test/cert_test_util.h" |
35 #include "testing/gtest/include/gtest/gtest.h" | 36 #include "testing/gtest/include/gtest/gtest.h" |
36 | 37 |
37 #if defined(USE_OPENSSL) | |
38 #include "crypto/openssl_util.h" | |
39 #else | |
40 #include "crypto/nss_util.h" | |
41 #endif | |
42 | |
43 namespace net { | 38 namespace net { |
44 | 39 |
45 namespace { | 40 namespace { |
46 | 41 |
47 const char kHost[] = "example.test"; | 42 const char kHost[] = "example.test"; |
48 const char kSubdomain[] = "foo.example.test"; | 43 const char kSubdomain[] = "foo.example.test"; |
49 const uint16_t kPort = 443; | 44 const uint16_t kPort = 443; |
50 const char kReportUri[] = "http://report-example.test/test"; | 45 const char kReportUri[] = "http://report-example.test/test"; |
51 const char kExpectCTStaticHostname[] = "preloaded-expect-ct.badssl.com"; | 46 const char kExpectCTStaticHostname[] = "preloaded-expect-ct.badssl.com"; |
52 const char kExpectCTStaticReportURI[] = "https://report.badssl.com/expect-ct"; | 47 const char kExpectCTStaticReportURI[] = "https://report.badssl.com/expect-ct"; |
(...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
229 &report_validated_certificate_chain)); | 224 &report_validated_certificate_chain)); |
230 ASSERT_NO_FATAL_FAILURE(CompareCertificateChainWithList( | 225 ASSERT_NO_FATAL_FAILURE(CompareCertificateChainWithList( |
231 validated_certificate_chain, report_validated_certificate_chain)); | 226 validated_certificate_chain, report_validated_certificate_chain)); |
232 } | 227 } |
233 | 228 |
234 } // namespace | 229 } // namespace |
235 | 230 |
236 class TransportSecurityStateTest : public testing::Test { | 231 class TransportSecurityStateTest : public testing::Test { |
237 public: | 232 public: |
238 void SetUp() override { | 233 void SetUp() override { |
239 #if defined(USE_OPENSSL) | |
240 crypto::EnsureOpenSSLInit(); | 234 crypto::EnsureOpenSSLInit(); |
241 #else | |
242 crypto::EnsureNSSInit(); | |
243 #endif | |
244 } | 235 } |
245 | 236 |
246 static void DisableStaticPins(TransportSecurityState* state) { | 237 static void DisableStaticPins(TransportSecurityState* state) { |
247 state->enable_static_pins_ = false; | 238 state->enable_static_pins_ = false; |
248 } | 239 } |
249 | 240 |
250 static void EnableStaticPins(TransportSecurityState* state) { | 241 static void EnableStaticPins(TransportSecurityState* state) { |
251 state->enable_static_pins_ = true; | 242 state->enable_static_pins_ = true; |
252 } | 243 } |
253 | 244 |
(...skipping 1553 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1807 EXPECT_EQ(1u, reporter.num_failures()); | 1798 EXPECT_EQ(1u, reporter.num_failures()); |
1808 EXPECT_TRUE(reporter.ssl_info().ct_compliance_details_available); | 1799 EXPECT_TRUE(reporter.ssl_info().ct_compliance_details_available); |
1809 EXPECT_EQ(ssl_info.ct_cert_policy_compliance, | 1800 EXPECT_EQ(ssl_info.ct_cert_policy_compliance, |
1810 reporter.ssl_info().ct_cert_policy_compliance); | 1801 reporter.ssl_info().ct_cert_policy_compliance); |
1811 EXPECT_EQ(host_port.host(), reporter.host_port_pair().host()); | 1802 EXPECT_EQ(host_port.host(), reporter.host_port_pair().host()); |
1812 EXPECT_EQ(host_port.port(), reporter.host_port_pair().port()); | 1803 EXPECT_EQ(host_port.port(), reporter.host_port_pair().port()); |
1813 EXPECT_EQ(GURL(kExpectCTStaticReportURI), reporter.report_uri()); | 1804 EXPECT_EQ(GURL(kExpectCTStaticReportURI), reporter.report_uri()); |
1814 } | 1805 } |
1815 | 1806 |
1816 } // namespace net | 1807 } // namespace net |
OLD | NEW |