OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <algorithm> | 5 #include <algorithm> |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/sha1.h" | 8 #include "base/sha1.h" |
9 #include "base/strings/string_piece.h" | 9 #include "base/strings/string_piece.h" |
10 #include "crypto/sha2.h" | 10 #include "crypto/sha2.h" |
(...skipping 422 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
433 TEST_F(HttpSecurityHeadersTest, ValidPKPHeadersSHA256) { | 433 TEST_F(HttpSecurityHeadersTest, ValidPKPHeadersSHA256) { |
434 TestValidPKPHeaders(HASH_VALUE_SHA256); | 434 TestValidPKPHeaders(HASH_VALUE_SHA256); |
435 } | 435 } |
436 | 436 |
437 TEST_F(HttpSecurityHeadersTest, UpdateDynamicPKPOnly) { | 437 TEST_F(HttpSecurityHeadersTest, UpdateDynamicPKPOnly) { |
438 TransportSecurityState state; | 438 TransportSecurityState state; |
439 TransportSecurityState::DomainState domain_state; | 439 TransportSecurityState::DomainState domain_state; |
440 | 440 |
441 // docs.google.com has preloaded pins. | 441 // docs.google.com has preloaded pins. |
442 std::string domain = "docs.google.com"; | 442 std::string domain = "docs.google.com"; |
443 EXPECT_TRUE(state.GetDomainState(domain, true, true, &domain_state)); | 443 EXPECT_TRUE(state.GetDomainState(domain, true, &domain_state)); |
444 EXPECT_GT(domain_state.static_spki_hashes.size(), 1UL); | 444 EXPECT_GT(domain_state.static_spki_hashes.size(), 1UL); |
445 HashValueVector saved_hashes = domain_state.static_spki_hashes; | 445 HashValueVector saved_hashes = domain_state.static_spki_hashes; |
446 | 446 |
447 // Add a header, which should only update the dynamic state. | 447 // Add a header, which should only update the dynamic state. |
448 HashValue good_hash = GetTestHashValue(1, HASH_VALUE_SHA1); | 448 HashValue good_hash = GetTestHashValue(1, HASH_VALUE_SHA1); |
449 HashValue backup_hash = GetTestHashValue(2, HASH_VALUE_SHA1); | 449 HashValue backup_hash = GetTestHashValue(2, HASH_VALUE_SHA1); |
450 std::string good_pin = GetTestPin(1, HASH_VALUE_SHA1); | 450 std::string good_pin = GetTestPin(1, HASH_VALUE_SHA1); |
451 std::string backup_pin = GetTestPin(2, HASH_VALUE_SHA1); | 451 std::string backup_pin = GetTestPin(2, HASH_VALUE_SHA1); |
452 std::string header = "max-age = 10000; " + good_pin + "; " + backup_pin; | 452 std::string header = "max-age = 10000; " + good_pin + "; " + backup_pin; |
453 | 453 |
(...skipping 26 matching lines...) Expand all Loading... |
480 HashValuesEqual(good_hash)); | 480 HashValuesEqual(good_hash)); |
481 EXPECT_NE(dynamic_domain_state.dynamic_spki_hashes.end(), hash); | 481 EXPECT_NE(dynamic_domain_state.dynamic_spki_hashes.end(), hash); |
482 | 482 |
483 hash = std::find_if( | 483 hash = std::find_if( |
484 dynamic_domain_state.dynamic_spki_hashes.begin(), | 484 dynamic_domain_state.dynamic_spki_hashes.begin(), |
485 dynamic_domain_state.dynamic_spki_hashes.end(), | 485 dynamic_domain_state.dynamic_spki_hashes.end(), |
486 HashValuesEqual(backup_hash)); | 486 HashValuesEqual(backup_hash)); |
487 EXPECT_NE(dynamic_domain_state.dynamic_spki_hashes.end(), hash); | 487 EXPECT_NE(dynamic_domain_state.dynamic_spki_hashes.end(), hash); |
488 | 488 |
489 // Expect the overall state to reflect the header, too. | 489 // Expect the overall state to reflect the header, too. |
490 EXPECT_TRUE(state.GetDomainState(domain, true, true, &domain_state)); | 490 EXPECT_TRUE(state.GetDomainState(domain, true, &domain_state)); |
491 EXPECT_EQ(2UL, domain_state.dynamic_spki_hashes.size()); | 491 EXPECT_EQ(2UL, domain_state.dynamic_spki_hashes.size()); |
492 | 492 |
493 hash = std::find_if(domain_state.dynamic_spki_hashes.begin(), | 493 hash = std::find_if(domain_state.dynamic_spki_hashes.begin(), |
494 domain_state.dynamic_spki_hashes.end(), | 494 domain_state.dynamic_spki_hashes.end(), |
495 HashValuesEqual(good_hash)); | 495 HashValuesEqual(good_hash)); |
496 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash); | 496 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash); |
497 | 497 |
498 hash = std::find_if( | 498 hash = std::find_if( |
499 domain_state.dynamic_spki_hashes.begin(), | 499 domain_state.dynamic_spki_hashes.begin(), |
500 domain_state.dynamic_spki_hashes.end(), | 500 domain_state.dynamic_spki_hashes.end(), |
501 HashValuesEqual(backup_hash)); | 501 HashValuesEqual(backup_hash)); |
502 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash); | 502 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash); |
503 } | 503 } |
504 | 504 |
505 }; // namespace net | 505 }; // namespace net |
OLD | NEW |