Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(488)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/ssl_config/ssl_config_service_manager_pref_unittest.cc

Issue 2613533004: Only disable SHA-1 for local trust anchors if there's a PrefService (Closed)
Patch Set: Expand test Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « components/ssl_config/ssl_config_service_manager_pref.cc ('k') | net/ssl/ssl_config.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/ssl_config/ssl_config_service_manager_pref_unittest.cc
diff --git a/components/ssl_config/ssl_config_service_manager_pref_unittest.cc b/components/ssl_config/ssl_config_service_manager_pref_unittest.cc
index 675833045afa3132bd93e22f6f46ea5a0a80197f..9c2e24b80f636a251a02a79e2baf2ec064db85b0 100644
--- a/components/ssl_config/ssl_config_service_manager_pref_unittest.cc
+++ b/components/ssl_config/ssl_config_service_manager_pref_unittest.cc
@@ -199,3 +199,53 @@ TEST_F(SSLConfigServiceManagerPrefTest, TLS13Feature) {
config_service->GetSSLConfig(&ssl_config);
EXPECT_EQ(net::SSL_PROTOCOL_VERSION_TLS1_3, ssl_config.version_max);
}
+
+// Tests that SHA-1 signatures for local trust anchors can be enabled.
+TEST_F(SSLConfigServiceManagerPrefTest, SHA1ForLocalAnchors) {
+ scoped_refptr<TestingPrefStore> local_state_store(new TestingPrefStore());
+
+ TestingPrefServiceSimple local_state;
+ SSLConfigServiceManager::RegisterPrefs(local_state.registry());
+
+ std::unique_ptr<SSLConfigServiceManager> config_manager(
+ SSLConfigServiceManager::CreateDefaultManager(
+ &local_state, base::ThreadTaskRunnerHandle::Get()));
+ ASSERT_TRUE(config_manager);
+ scoped_refptr<SSLConfigService> config_service(config_manager->Get());
+ ASSERT_TRUE(config_service);
+
+ // By default, SHA-1 local trust anchors should be enabled when not
+ // using any pref service.
+ SSLConfig config1;
+ EXPECT_TRUE(config1.sha1_local_anchors_enabled);
+
+ // Using a pref service without any preference set should result in
+ // SHA-1 local trust anchors being disabled.
+ SSLConfig config2;
+ config_service->GetSSLConfig(&config2);
+ EXPECT_FALSE(config2.sha1_local_anchors_enabled);
+
+ // Enabling the local preference should result in SHA-1 local trust anchors
+ // being enabled.
+ local_state.SetUserPref(ssl_config::prefs::kCertEnableSha1LocalAnchors,
+ new base::FundamentalValue(true));
+ // Pump the message loop to notify the SSLConfigServiceManagerPref that the
+ // preferences changed.
+ base::RunLoop().RunUntilIdle();
+
+ SSLConfig config3;
+ config_service->GetSSLConfig(&config3);
+ EXPECT_TRUE(config3.sha1_local_anchors_enabled);
+
+ // Disabling the local preference should result in SHA-1 local trust
+ // anchors being disabled.
+ local_state.SetUserPref(ssl_config::prefs::kCertEnableSha1LocalAnchors,
+ new base::FundamentalValue(false));
+ // Pump the message loop to notify the SSLConfigServiceManagerPref that the
+ // preferences changed.
+ base::RunLoop().RunUntilIdle();
+
+ SSLConfig config4;
+ config_service->GetSSLConfig(&config4);
+ EXPECT_FALSE(config4.sha1_local_anchors_enabled);
+}
« no previous file with comments | « components/ssl_config/ssl_config_service_manager_pref.cc ('k') | net/ssl/ssl_config.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698