| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "content/common/ssl_status_serialization.h" | |
| 6 | |
| 7 #include "net/ssl/ssl_connection_status_flags.h" | |
| 8 #include "testing/gtest/include/gtest/gtest.h" | |
| 9 | |
| 10 namespace content { | |
| 11 | |
| 12 namespace { | |
| 13 | |
| 14 void SetTestStatus(SSLStatus* status) { | |
| 15 status->security_style = SECURITY_STYLE_AUTHENTICATED; | |
| 16 status->cert_id = 1; | |
| 17 status->cert_status = net::CERT_STATUS_DATE_INVALID; | |
| 18 status->security_bits = 80; | |
| 19 status->key_exchange_info = 23; | |
| 20 status->connection_status = net::SSL_CONNECTION_VERSION_TLS1_2; | |
| 21 status->sct_statuses.push_back(net::ct::SCT_STATUS_OK); | |
| 22 } | |
| 23 | |
| 24 bool SSLStatusAreEqual(const SSLStatus& a, const SSLStatus &b) { | |
| 25 return a.Equals(b); | |
| 26 } | |
| 27 | |
| 28 } // namespace | |
| 29 | |
| 30 std::ostream& operator<<(std::ostream& os, const SSLStatus& status) { | |
| 31 return os << "Security Style: " << status.security_style | |
| 32 << "\nCert ID: " << status.cert_id | |
| 33 << "\nCert Status: " << status.cert_status | |
| 34 << "\nSecurity bits: " << status.security_bits | |
| 35 << "\nKey exchange info: " << status.key_exchange_info | |
| 36 << "\nConnection status: " << status.connection_status | |
| 37 << "\nContent Status: " << status.content_status | |
| 38 << "\nNumber of SCTs: " << status.sct_statuses.size(); | |
| 39 } | |
| 40 | |
| 41 // Test that a valid serialized SSLStatus returns true on | |
| 42 // deserialization and deserializes correctly. | |
| 43 TEST(SSLStatusSerializationTest, DeserializeSerializedStatus) { | |
| 44 // Serialize dummy data and test that it deserializes properly. | |
| 45 SSLStatus status; | |
| 46 SetTestStatus(&status); | |
| 47 std::string serialized = SerializeSecurityInfo(status); | |
| 48 | |
| 49 SSLStatus deserialized; | |
| 50 ASSERT_TRUE(DeserializeSecurityInfo(serialized, &deserialized)); | |
| 51 EXPECT_PRED2(SSLStatusAreEqual, status, deserialized); | |
| 52 // Test that |content_status| has the default (initialized) value. | |
| 53 EXPECT_EQ(SSLStatus::NORMAL_CONTENT, deserialized.content_status); | |
| 54 } | |
| 55 | |
| 56 // Test that an invalid serialized SSLStatus returns false on | |
| 57 // deserialization. | |
| 58 TEST(SSLStatusSerializationTest, DeserializeBogusStatus) { | |
| 59 // Test that a failure to deserialize returns false and returns | |
| 60 // initialized, default data. | |
| 61 SSLStatus invalid_deserialized; | |
| 62 ASSERT_FALSE( | |
| 63 DeserializeSecurityInfo("not an SSLStatus", &invalid_deserialized)); | |
| 64 EXPECT_PRED2(SSLStatusAreEqual, SSLStatus(), invalid_deserialized); | |
| 65 } | |
| 66 | |
| 67 // Serialize a status with a bad |security_bits| value and test that | |
| 68 // deserializing it fails. | |
| 69 TEST(SSLStatusSerializationTest, DeserializeBogusSecurityBits) { | |
| 70 SSLStatus status; | |
| 71 SetTestStatus(&status); | |
| 72 // |security_bits| must be <-1. (-1 means the strength is unknown, and | |
| 73 // |0 means the connection is not encrypted). | |
| 74 status.security_bits = -5; | |
| 75 std::string serialized = SerializeSecurityInfo(status); | |
| 76 | |
| 77 SSLStatus invalid_deserialized; | |
| 78 ASSERT_FALSE(DeserializeSecurityInfo(serialized, &invalid_deserialized)); | |
| 79 EXPECT_PRED2(SSLStatusAreEqual, SSLStatus(), invalid_deserialized); | |
| 80 } | |
| 81 | |
| 82 // Serialize a status with a bad |key_exchange_info| value and test that | |
| 83 // deserializing it fails. | |
| 84 TEST(SSLStatusSerializationTest, DeserializeBogusKeyExchangeInfo) { | |
| 85 SSLStatus status; | |
| 86 SetTestStatus(&status); | |
| 87 status.key_exchange_info = -1; | |
| 88 | |
| 89 SSLStatus invalid_deserialized; | |
| 90 std::string serialized = SerializeSecurityInfo(status); | |
| 91 ASSERT_FALSE(DeserializeSecurityInfo(serialized, &invalid_deserialized)); | |
| 92 EXPECT_PRED2(SSLStatusAreEqual, SSLStatus(), invalid_deserialized); | |
| 93 } | |
| 94 | |
| 95 // Serialize a status with a bad |security_style| value and test that | |
| 96 // deserializing it fails. | |
| 97 TEST(SSLStatusSerializationTest, DeserializeBogusSecurityStyle) { | |
| 98 SSLStatus status; | |
| 99 SetTestStatus(&status); | |
| 100 status.security_style = static_cast<SecurityStyle>(100); | |
| 101 std::string serialized = SerializeSecurityInfo(status); | |
| 102 | |
| 103 SSLStatus invalid_deserialized; | |
| 104 ASSERT_FALSE(DeserializeSecurityInfo(serialized, &invalid_deserialized)); | |
| 105 EXPECT_PRED2(SSLStatusAreEqual, SSLStatus(), invalid_deserialized); | |
| 106 } | |
| 107 | |
| 108 // Serialize a status with an empty |sct_statuses| field and test that | |
| 109 // deserializing works. | |
| 110 TEST(SSLStatusSerializationTest, DeserializeEmptySCTStatuses) { | |
| 111 SSLStatus status; | |
| 112 SetTestStatus(&status); | |
| 113 status.sct_statuses.clear(); | |
| 114 std::string serialized = SerializeSecurityInfo(status); | |
| 115 | |
| 116 SSLStatus deserialized; | |
| 117 ASSERT_TRUE(DeserializeSecurityInfo(serialized, &deserialized)); | |
| 118 EXPECT_PRED2(SSLStatusAreEqual, status, deserialized); | |
| 119 } | |
| 120 | |
| 121 // Serialize a status with multiple different |sct_statuses| and test that | |
| 122 // deserializing works. | |
| 123 TEST(SSLStatusSerializationTest, DeserializeMultipleSCTStatuses) { | |
| 124 SSLStatus status; | |
| 125 SetTestStatus(&status); | |
| 126 status.sct_statuses.push_back(net::ct::SCT_STATUS_LOG_UNKNOWN); | |
| 127 status.sct_statuses.push_back(net::ct::SCT_STATUS_LOG_UNKNOWN); | |
| 128 status.sct_statuses.push_back(net::ct::SCT_STATUS_OK); | |
| 129 status.sct_statuses.push_back(net::ct::SCT_STATUS_INVALID_SIGNATURE); | |
| 130 status.sct_statuses.push_back(net::ct::SCT_STATUS_INVALID_TIMESTAMP); | |
| 131 std::string serialized = SerializeSecurityInfo(status); | |
| 132 | |
| 133 SSLStatus deserialized; | |
| 134 ASSERT_TRUE(DeserializeSecurityInfo(serialized, &deserialized)); | |
| 135 EXPECT_PRED2(SSLStatusAreEqual, status, deserialized); | |
| 136 } | |
| 137 | |
| 138 // Serialize a status with a bad SCTVerifyStatus value and test that | |
| 139 // deserializing it fails. | |
| 140 TEST(SSLStatusSerializationTest, DeserializeBogusSCTVerifyStatus) { | |
| 141 SSLStatus status; | |
| 142 SetTestStatus(&status); | |
| 143 status.sct_statuses.push_back(static_cast<net::ct::SCTVerifyStatus>(100)); | |
| 144 std::string serialized = SerializeSecurityInfo(status); | |
| 145 | |
| 146 SSLStatus deserialized; | |
| 147 ASSERT_FALSE(DeserializeSecurityInfo(serialized, &deserialized)); | |
| 148 EXPECT_PRED2(SSLStatusAreEqual, SSLStatus(), deserialized); | |
| 149 } | |
| 150 | |
| 151 // Test that SCTVerifyStatus INVALID can be deserialized; even though | |
| 152 // this value is deprecated, it may still appear in previously written | |
| 153 // disk cache entries. Regression test for https://crbug.com/640296 | |
| 154 TEST(SSLStatusSerializationTest, DeserializeInvalidSCT) { | |
| 155 SSLStatus status; | |
| 156 SetTestStatus(&status); | |
| 157 status.sct_statuses.push_back( | |
| 158 static_cast<net::ct::SCTVerifyStatus>(net::ct::SCT_STATUS_INVALID)); | |
| 159 std::string serialized = SerializeSecurityInfo(status); | |
| 160 | |
| 161 SSLStatus deserialized; | |
| 162 ASSERT_TRUE(DeserializeSecurityInfo(serialized, &deserialized)); | |
| 163 EXPECT_PRED2(SSLStatusAreEqual, status, deserialized); | |
| 164 } | |
| 165 | |
| 166 } // namespace | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2315443003:
Stop sending serialized SSLStatus to the renderer. (Closed)
