Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(327)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/transport_security_state_unittest.cc

Issue 2016143002: Expose when PKP is bypassed in SSLInfo. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Add test Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/transport_security_state.cc ('k') | net/socket/ssl_client_socket_impl.cc » ('j') | net/socket/ssl_client_socket_impl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/transport_security_state.h" 5 #include "net/http/transport_security_state.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 1255 matching lines...) Expand 10 before | Expand all | Expand 10 after
1266 1266
1267 EXPECT_TRUE(state.CheckPublicKeyPins( 1267 EXPECT_TRUE(state.CheckPublicKeyPins(
1268 host_port_pair, true, good_hashes, cert1.get(), cert2.get(), 1268 host_port_pair, true, good_hashes, cert1.get(), cert2.get(),
1269 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); 1269 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log));
1270 1270
1271 // No report should have been sent because there was no violation. 1271 // No report should have been sent because there was no violation.
1272 EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri()); 1272 EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri());
1273 EXPECT_EQ(std::string(), mock_report_sender.latest_report()); 1273 EXPECT_EQ(std::string(), mock_report_sender.latest_report());
1274 1274
1275 EXPECT_FALSE(state.CheckPublicKeyPins( 1275 EXPECT_FALSE(state.CheckPublicKeyPins(
1276 host_port_pair, false, bad_hashes, cert1.get(), cert2.get(),
1277 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log));
1278
1279 // No report should have been sent because the certificate chained to a
1280 // non-public root
1281 EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri());
1282 EXPECT_EQ(std::string(), mock_report_sender.latest_report());
1283
1284 EXPECT_TRUE(state.CheckPublicKeyPins(
1285 host_port_pair, false, good_hashes, cert1.get(), cert2.get(),
1286 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log));
1287
1288 // No report should have been sent because there was no violation, even though
1289 // the certificate chained to a local trust anchor.
1290 EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri());
1291 EXPECT_EQ(std::string(), mock_report_sender.latest_report());
1292
1293 EXPECT_FALSE(state.CheckPublicKeyPins(
1276 host_port_pair, true, bad_hashes, cert1.get(), cert2.get(), 1294 host_port_pair, true, bad_hashes, cert1.get(), cert2.get(),
1277 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); 1295 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log));
1278 1296
1279 // Now a report should have been sent. Check that it contains the 1297 // Now a report should have been sent. Check that it contains the
1280 // right information. 1298 // right information.
1281 EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri()); 1299 EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri());
1282 std::string report = mock_report_sender.latest_report(); 1300 std::string report = mock_report_sender.latest_report();
1283 ASSERT_FALSE(report.empty()); 1301 ASSERT_FALSE(report.empty());
1284 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, host_port_pair, true, kHost, 1302 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, host_port_pair, true, kHost,
1285 cert1.get(), cert2.get(), 1303 cert1.get(), cert2.get(),
(...skipping 512 matching lines...) Expand 10 before | Expand all | Expand 10 after
1798 EXPECT_EQ(1u, reporter.num_failures()); 1816 EXPECT_EQ(1u, reporter.num_failures());
1799 EXPECT_TRUE(reporter.ssl_info().ct_compliance_details_available); 1817 EXPECT_TRUE(reporter.ssl_info().ct_compliance_details_available);
1800 EXPECT_EQ(ssl_info.ct_cert_policy_compliance, 1818 EXPECT_EQ(ssl_info.ct_cert_policy_compliance,
1801 reporter.ssl_info().ct_cert_policy_compliance); 1819 reporter.ssl_info().ct_cert_policy_compliance);
1802 EXPECT_EQ(host_port.host(), reporter.host_port_pair().host()); 1820 EXPECT_EQ(host_port.host(), reporter.host_port_pair().host());
1803 EXPECT_EQ(host_port.port(), reporter.host_port_pair().port()); 1821 EXPECT_EQ(host_port.port(), reporter.host_port_pair().port());
1804 EXPECT_EQ(GURL(kExpectCTStaticReportURI), reporter.report_uri()); 1822 EXPECT_EQ(GURL(kExpectCTStaticReportURI), reporter.report_uri());
1805 } 1823 }
1806 1824
1807 } // namespace net 1825 } // namespace net
OLDNEW
« no previous file with comments | « net/http/transport_security_state.cc ('k') | net/socket/ssl_client_socket_impl.cc » ('j') | net/socket/ssl_client_socket_impl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698