Chromium Code Reviews Chromium Code Reviews
Issue 2225223002:
Certificate Transparency: Change CTVerifyResult to have a single list (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_expect_ct_reporter.h" | 5 #include "chrome/browser/ssl/chrome_expect_ct_reporter.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
| (...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 185 // from an Expect CT report. | 185 // from an Expect CT report. |
| 186 void CheckReportSCTs( | 186 void CheckReportSCTs( |
| 187 const net::SignedCertificateTimestampAndStatusList& expected_scts, | 187 const net::SignedCertificateTimestampAndStatusList& expected_scts, |
| 188 const base::ListValue& unknown_scts, | 188 const base::ListValue& unknown_scts, |
| 189 const base::ListValue& invalid_scts, | 189 const base::ListValue& invalid_scts, |
| 190 const base::ListValue& valid_scts) { | 190 const base::ListValue& valid_scts) { |
| 191 EXPECT_EQ( | 191 EXPECT_EQ( |
| 192 expected_scts.size(), | 192 expected_scts.size(), |
| 193 unknown_scts.GetSize() + invalid_scts.GetSize() + valid_scts.GetSize()); | 193 unknown_scts.GetSize() + invalid_scts.GetSize() + valid_scts.GetSize()); |
| 194 for (const auto& expected_sct : expected_scts) { | 194 for (const auto& expected_sct : expected_scts) { |
| 195 std::unique_ptr<base::ListValue> sct_list; | |
|
estark
2016/08/09 02:43:22
Hrmm, not sure I understand this change, could you
Eran Messeri
2016/08/09 08:14:21
The goal was to save repeated calls to:
ASSER
| |
| 195 switch (expected_sct.status) { | 196 switch (expected_sct.status) { |
| 196 case net::ct::SCT_STATUS_LOG_UNKNOWN: | 197 case net::ct::SCT_STATUS_LOG_UNKNOWN: |
| 197 ASSERT_NO_FATAL_FAILURE(FindSCTInReportList( | 198 sct_list.reset(unknown_scts.DeepCopy()); |
| 198 expected_sct.sct, net::ct::SCT_STATUS_LOG_UNKNOWN, unknown_scts)); | |
| 199 break; | 199 break; |
| 200 case net::ct::SCT_STATUS_INVALID: | 200 case net::ct::SCT_STATUS_INVALID: |
| 201 ASSERT_NO_FATAL_FAILURE(FindSCTInReportList( | 201 sct_list.reset(invalid_scts.DeepCopy()); |
| 202 expected_sct.sct, net::ct::SCT_STATUS_INVALID, invalid_scts)); | |
| 203 break; | 202 break; |
| 204 case net::ct::SCT_STATUS_OK: | 203 case net::ct::SCT_STATUS_OK: |
| 205 ASSERT_NO_FATAL_FAILURE(FindSCTInReportList( | 204 sct_list.reset(valid_scts.DeepCopy()); |
| 206 expected_sct.sct, net::ct::SCT_STATUS_OK, valid_scts)); | |
| 207 break; | 205 break; |
| 208 default: | 206 default: |
| 209 NOTREACHED(); | 207 NOTREACHED(); |
| 210 } | 208 } |
| 209 | |
| 210 ASSERT_NO_FATAL_FAILURE(FindSCTInReportList( | |
| 211 expected_sct.sct, expected_sct.status, *(sct_list.get()))); | |
| 211 } | 212 } |
| 212 } | 213 } |
| 213 | 214 |
| 214 // Checks that the |serialized_report| deserializes properly and | 215 // Checks that the |serialized_report| deserializes properly and |
| 215 // contains the correct information (hostname, port, served and | 216 // contains the correct information (hostname, port, served and |
| 216 // validated certificate chains, SCTs) for the given |host_port| and | 217 // validated certificate chains, SCTs) for the given |host_port| and |
| 217 // |ssl_info|. | 218 // |ssl_info|. |
| 218 void CheckExpectCTReport(const std::string& serialized_report, | 219 void CheckExpectCTReport(const std::string& serialized_report, |
| 219 const net::HostPortPair& host_port, | 220 const net::HostPortPair& host_port, |
| 220 const net::SSLInfo& ssl_info) { | 221 const net::SSLInfo& ssl_info) { |
| (...skipping 242 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 463 reporter.OnExpectCTFailed(host_port, report_uri, ssl_info); | 464 reporter.OnExpectCTFailed(host_port, report_uri, ssl_info); |
| 464 EXPECT_EQ(report_uri, sender->latest_report_uri()); | 465 EXPECT_EQ(report_uri, sender->latest_report_uri()); |
| 465 EXPECT_FALSE(sender->latest_serialized_report().empty()); | 466 EXPECT_FALSE(sender->latest_serialized_report().empty()); |
| 466 ASSERT_NO_FATAL_FAILURE(CheckExpectCTReport( | 467 ASSERT_NO_FATAL_FAILURE(CheckExpectCTReport( |
| 467 sender->latest_serialized_report(), host_port, ssl_info)); | 468 sender->latest_serialized_report(), host_port, ssl_info)); |
| 468 | 469 |
| 469 histograms.ExpectTotalCount(kFailureHistogramName, 0); | 470 histograms.ExpectTotalCount(kFailureHistogramName, 0); |
| 470 histograms.ExpectTotalCount(kSendHistogramName, 1); | 471 histograms.ExpectTotalCount(kSendHistogramName, 1); |
| 471 histograms.ExpectBucketCount(kSendHistogramName, true, 1); | 472 histograms.ExpectBucketCount(kSendHistogramName, true, 1); |
| 472 } | 473 } |
| OLD | NEW |
