Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(19)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_unittest.cc

Issue 2066603004: Return enum from TransportSecurityState::CheckPublicKeyPins (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Set CERT_STATUS_PINNED_KEY_MISSING Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/socket/ssl_client_socket_impl.cc ('k') | net/spdy/spdy_session.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/ssl_client_socket.h" 5 #include "net/socket/ssl_client_socket.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <string.h> 8 #include <string.h>
9 9
10 #include <utility> 10 #include <utility>
(...skipping 3298 matching lines...) Expand 10 before | Expand all | Expand 10 after
3309 SSLConfig ssl_config; 3309 SSLConfig ssl_config;
3310 int rv; 3310 int rv;
3311 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv)); 3311 ASSERT_TRUE(CreateAndConnectSSLClientSocket(ssl_config, &rv));
3312 SSLInfo ssl_info; 3312 SSLInfo ssl_info;
3313 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); 3313 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info));
3314 3314
3315 EXPECT_EQ(OK, rv); 3315 EXPECT_EQ(OK, rv);
3316 EXPECT_TRUE(sock_->IsConnected()); 3316 EXPECT_TRUE(sock_->IsConnected());
3317 3317
3318 EXPECT_TRUE(ssl_info.pkp_bypassed); 3318 EXPECT_TRUE(ssl_info.pkp_bypassed);
3319 EXPECT_FALSE(ssl_info.cert_status & CERT_STATUS_PINNED_KEY_MISSING);
3319 } 3320 }
3320 3321
3321 TEST_F(SSLClientSocketTest, PKPEnforced) { 3322 TEST_F(SSLClientSocketTest, PKPEnforced) {
3322 SpawnedTestServer::SSLOptions ssl_options; 3323 SpawnedTestServer::SSLOptions ssl_options;
3323 ASSERT_TRUE(StartTestServer(ssl_options)); 3324 ASSERT_TRUE(StartTestServer(ssl_options));
3324 scoped_refptr<X509Certificate> server_cert = 3325 scoped_refptr<X509Certificate> server_cert =
3325 spawned_test_server()->GetCertificate(); 3326 spawned_test_server()->GetCertificate();
3326 3327
3327 // Certificate is trusted, but chains to a public root that doesn't match the 3328 // Certificate is trusted, but chains to a public root that doesn't match the
3328 // pin hashes. 3329 // pin hashes.
(...skipping 17 matching lines...) Expand all
3346 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info)); 3347 ASSERT_TRUE(sock_->GetSSLInfo(&ssl_info));
3347 3348
3348 EXPECT_EQ(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN, rv); 3349 EXPECT_EQ(ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN, rv);
3349 EXPECT_TRUE(ssl_info.cert_status & CERT_STATUS_PINNED_KEY_MISSING); 3350 EXPECT_TRUE(ssl_info.cert_status & CERT_STATUS_PINNED_KEY_MISSING);
3350 EXPECT_TRUE(sock_->IsConnected()); 3351 EXPECT_TRUE(sock_->IsConnected());
3351 3352
3352 EXPECT_FALSE(ssl_info.pkp_bypassed); 3353 EXPECT_FALSE(ssl_info.pkp_bypassed);
3353 } 3354 }
3354 3355
3355 } // namespace net 3356 } // namespace net
OLDNEW
« no previous file with comments | « net/socket/ssl_client_socket_impl.cc ('k') | net/spdy/spdy_session.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698