| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/net/transport_security_persister.h" | 5 #include "chrome/browser/net/transport_security_persister.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 60 EXPECT_TRUE(persister_->LoadEntries(output, &dirty)); | 60 EXPECT_TRUE(persister_->LoadEntries(output, &dirty)); |
| 61 EXPECT_FALSE(dirty); | 61 EXPECT_FALSE(dirty); |
| 62 } | 62 } |
| 63 | 63 |
| 64 TEST_F(TransportSecurityPersisterTest, SerializeData2) { | 64 TEST_F(TransportSecurityPersisterTest, SerializeData2) { |
| 65 TransportSecurityState::DomainState domain_state; | 65 TransportSecurityState::DomainState domain_state; |
| 66 const base::Time current_time(base::Time::Now()); | 66 const base::Time current_time(base::Time::Now()); |
| 67 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); | 67 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
| 68 static const char kYahooDomain[] = "yahoo.com"; | 68 static const char kYahooDomain[] = "yahoo.com"; |
| 69 | 69 |
| 70 EXPECT_FALSE(state_.GetDomainState(kYahooDomain, true, true, &domain_state)); | 70 EXPECT_FALSE(state_.GetDomainState(kYahooDomain, true, &domain_state)); |
| 71 | 71 |
| 72 bool include_subdomains = true; | 72 bool include_subdomains = true; |
| 73 state_.AddHSTS(kYahooDomain, expiry, include_subdomains); | 73 state_.AddHSTS(kYahooDomain, expiry, include_subdomains); |
| 74 | 74 |
| 75 std::string output; | 75 std::string output; |
| 76 bool dirty; | 76 bool dirty; |
| 77 EXPECT_TRUE(persister_->SerializeData(&output)); | 77 EXPECT_TRUE(persister_->SerializeData(&output)); |
| 78 EXPECT_TRUE(persister_->LoadEntries(output, &dirty)); | 78 EXPECT_TRUE(persister_->LoadEntries(output, &dirty)); |
| 79 | 79 |
| 80 EXPECT_TRUE(state_.GetDomainState(kYahooDomain, true, true, &domain_state)); | 80 EXPECT_TRUE(state_.GetDomainState(kYahooDomain, true, &domain_state)); |
| 81 EXPECT_EQ(domain_state.upgrade_mode, | 81 EXPECT_EQ(domain_state.upgrade_mode, |
| 82 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); | 82 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); |
| 83 EXPECT_TRUE(state_.GetDomainState("foo.yahoo.com", true, true, | 83 EXPECT_TRUE(state_.GetDomainState("foo.yahoo.com", true, &domain_state)); |
| 84 &domain_state)); | |
| 85 EXPECT_EQ(domain_state.upgrade_mode, | 84 EXPECT_EQ(domain_state.upgrade_mode, |
| 86 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); | 85 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); |
| 87 EXPECT_TRUE(state_.GetDomainState("foo.bar.yahoo.com", true, true, | 86 EXPECT_TRUE(state_.GetDomainState("foo.bar.yahoo.com", true, &domain_state)); |
| 88 &domain_state)); | |
| 89 EXPECT_EQ(domain_state.upgrade_mode, | 87 EXPECT_EQ(domain_state.upgrade_mode, |
| 90 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); | 88 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); |
| 91 EXPECT_TRUE(state_.GetDomainState("foo.bar.baz.yahoo.com", true, | 89 EXPECT_TRUE(state_.GetDomainState("foo.bar.baz.yahoo.com", true, |
| 92 true, &domain_state)); | 90 &domain_state)); |
| 93 EXPECT_EQ(domain_state.upgrade_mode, | 91 EXPECT_EQ(domain_state.upgrade_mode, |
| 94 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); | 92 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); |
| 95 EXPECT_FALSE(state_.GetDomainState("com", true, true, &domain_state)); | 93 EXPECT_FALSE(state_.GetDomainState("com", true, &domain_state)); |
| 96 } | 94 } |
| 97 | 95 |
| 98 TEST_F(TransportSecurityPersisterTest, SerializeData3) { | 96 TEST_F(TransportSecurityPersisterTest, SerializeData3) { |
| 99 // Add an entry. | 97 // Add an entry. |
| 100 net::HashValue fp1(net::HASH_VALUE_SHA1); | 98 net::HashValue fp1(net::HASH_VALUE_SHA1); |
| 101 memset(fp1.data(), 0, fp1.size()); | 99 memset(fp1.data(), 0, fp1.size()); |
| 102 net::HashValue fp2(net::HASH_VALUE_SHA1); | 100 net::HashValue fp2(net::HASH_VALUE_SHA1); |
| 103 memset(fp2.data(), 1, fp2.size()); | 101 memset(fp2.data(), 1, fp2.size()); |
| 104 base::Time expiry = | 102 base::Time expiry = |
| 105 base::Time::Now() + base::TimeDelta::FromSeconds(1000); | 103 base::Time::Now() + base::TimeDelta::FromSeconds(1000); |
| (...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 172 "}" | 170 "}" |
| 173 "}"; | 171 "}"; |
| 174 bool dirty; | 172 bool dirty; |
| 175 EXPECT_TRUE(persister_->LoadEntries(output, &dirty)); | 173 EXPECT_TRUE(persister_->LoadEntries(output, &dirty)); |
| 176 EXPECT_TRUE(dirty); | 174 EXPECT_TRUE(dirty); |
| 177 } | 175 } |
| 178 | 176 |
| 179 TEST_F(TransportSecurityPersisterTest, PublicKeyHashes) { | 177 TEST_F(TransportSecurityPersisterTest, PublicKeyHashes) { |
| 180 TransportSecurityState::DomainState domain_state; | 178 TransportSecurityState::DomainState domain_state; |
| 181 static const char kTestDomain[] = "example.com"; | 179 static const char kTestDomain[] = "example.com"; |
| 182 EXPECT_FALSE(state_.GetDomainState(kTestDomain, false, true, &domain_state)); | 180 EXPECT_FALSE(state_.GetDomainState(kTestDomain, false, &domain_state)); |
| 183 net::HashValueVector hashes; | 181 net::HashValueVector hashes; |
| 184 EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes)); | 182 EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes)); |
| 185 | 183 |
| 186 net::HashValue sha1(net::HASH_VALUE_SHA1); | 184 net::HashValue sha1(net::HASH_VALUE_SHA1); |
| 187 memset(sha1.data(), '1', sha1.size()); | 185 memset(sha1.data(), '1', sha1.size()); |
| 188 domain_state.dynamic_spki_hashes.push_back(sha1); | 186 domain_state.dynamic_spki_hashes.push_back(sha1); |
| 189 | 187 |
| 190 EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes)); | 188 EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes)); |
| 191 | 189 |
| 192 hashes.push_back(sha1); | 190 hashes.push_back(sha1); |
| 193 EXPECT_TRUE(domain_state.CheckPublicKeyPins(hashes)); | 191 EXPECT_TRUE(domain_state.CheckPublicKeyPins(hashes)); |
| 194 | 192 |
| 195 hashes[0].data()[0] = '2'; | 193 hashes[0].data()[0] = '2'; |
| 196 EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes)); | 194 EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes)); |
| 197 | 195 |
| 198 const base::Time current_time(base::Time::Now()); | 196 const base::Time current_time(base::Time::Now()); |
| 199 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); | 197 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
| 200 bool include_subdomains = false; | 198 bool include_subdomains = false; |
| 201 state_.AddHSTS(kTestDomain, expiry, include_subdomains); | 199 state_.AddHSTS(kTestDomain, expiry, include_subdomains); |
| 202 state_.AddHPKP(kTestDomain, expiry, include_subdomains, | 200 state_.AddHPKP(kTestDomain, expiry, include_subdomains, |
| 203 domain_state.dynamic_spki_hashes); | 201 domain_state.dynamic_spki_hashes); |
| 204 std::string ser; | 202 std::string ser; |
| 205 EXPECT_TRUE(persister_->SerializeData(&ser)); | 203 EXPECT_TRUE(persister_->SerializeData(&ser)); |
| 206 bool dirty; | 204 bool dirty; |
| 207 EXPECT_TRUE(persister_->LoadEntries(ser, &dirty)); | 205 EXPECT_TRUE(persister_->LoadEntries(ser, &dirty)); |
| 208 EXPECT_TRUE(state_.GetDomainState(kTestDomain, false, true, &domain_state)); | 206 EXPECT_TRUE(state_.GetDomainState(kTestDomain, false, &domain_state)); |
| 209 EXPECT_EQ(1u, domain_state.dynamic_spki_hashes.size()); | 207 EXPECT_EQ(1u, domain_state.dynamic_spki_hashes.size()); |
| 210 EXPECT_EQ(sha1.tag, domain_state.dynamic_spki_hashes[0].tag); | 208 EXPECT_EQ(sha1.tag, domain_state.dynamic_spki_hashes[0].tag); |
| 211 EXPECT_EQ(0, memcmp(domain_state.dynamic_spki_hashes[0].data(), sha1.data(), | 209 EXPECT_EQ(0, memcmp(domain_state.dynamic_spki_hashes[0].data(), sha1.data(), |
| 212 sha1.size())); | 210 sha1.size())); |
| 213 } | 211 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 24251011:
Revert 224269 "Don't persist HPKP if PrivacyMode is enabled." (Closed)
Base URL: svn://svn.chromium.org/chrome/