| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/transport_security_persister.h" | 5 #include "net/http/transport_security_persister.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/file_util.h" | 11 #include "base/file_util.h" |
| 12 #include "base/files/file_path.h" | 12 #include "base/files/file_path.h" |
| 13 #include "base/files/scoped_temp_dir.h" | 13 #include "base/files/scoped_temp_dir.h" |
| 14 #include "base/message_loop/message_loop.h" | 14 #include "base/message_loop/message_loop.h" |
| 15 #include "net/http/transport_security_state.h" | 15 #include "net/http/transport_security_state.h" |
| 16 #include "testing/gtest/include/gtest/gtest.h" | 16 #include "testing/gtest/include/gtest/gtest.h" |
| 17 | 17 |
| 18 using net::TransportSecurityPersister; | 18 using net::TransportSecurityPersister; |
| 19 using net::TransportSecurityState; | 19 using net::TransportSecurityState; |
| 20 | 20 |
| 21 class TransportSecurityPersisterTest : public testing::Test { | 21 class TransportSecurityPersisterTest : public testing::Test { |
| 22 public: | 22 public: |
| 23 TransportSecurityPersisterTest() { | 23 TransportSecurityPersisterTest() {} |
| 24 } | |
| 25 | 24 |
| 26 virtual ~TransportSecurityPersisterTest() { | 25 virtual ~TransportSecurityPersisterTest() { |
| 27 base::MessageLoopForIO::current()->RunUntilIdle(); | 26 base::MessageLoopForIO::current()->RunUntilIdle(); |
| 28 } | 27 } |
| 29 | 28 |
| 30 virtual void SetUp() OVERRIDE { | 29 virtual void SetUp() OVERRIDE { |
| 31 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); | 30 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir()); |
| 32 persister_.reset(new TransportSecurityPersister( | 31 persister_.reset(new TransportSecurityPersister( |
| 33 &state_, | 32 &state_, |
| 34 temp_dir_.path(), | 33 temp_dir_.path(), |
| (...skipping 34 matching lines...) |
| 69 | 68 |
| 70 EXPECT_TRUE(state_.GetDomainState(kYahooDomain, true, &domain_state)); | 69 EXPECT_TRUE(state_.GetDomainState(kYahooDomain, true, &domain_state)); |
| 71 EXPECT_EQ(domain_state.upgrade_mode, | 70 EXPECT_EQ(domain_state.upgrade_mode, |
| 72 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); | 71 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); |
| 73 EXPECT_TRUE(state_.GetDomainState("foo.yahoo.com", true, &domain_state)); | 72 EXPECT_TRUE(state_.GetDomainState("foo.yahoo.com", true, &domain_state)); |
| 74 EXPECT_EQ(domain_state.upgrade_mode, | 73 EXPECT_EQ(domain_state.upgrade_mode, |
| 75 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); | 74 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); |
| 76 EXPECT_TRUE(state_.GetDomainState("foo.bar.yahoo.com", true, &domain_state)); | 75 EXPECT_TRUE(state_.GetDomainState("foo.bar.yahoo.com", true, &domain_state)); |
| 77 EXPECT_EQ(domain_state.upgrade_mode, | 76 EXPECT_EQ(domain_state.upgrade_mode, |
| 78 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); | 77 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); |
| 79 EXPECT_TRUE(state_.GetDomainState("foo.bar.baz.yahoo.com", true, | 78 EXPECT_TRUE( |
| 80 &domain_state)); | 79 state_.GetDomainState("foo.bar.baz.yahoo.com", true, &domain_state)); |
| 81 EXPECT_EQ(domain_state.upgrade_mode, | 80 EXPECT_EQ(domain_state.upgrade_mode, |
| 82 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); | 81 TransportSecurityState::DomainState::MODE_FORCE_HTTPS); |
| 83 EXPECT_FALSE(state_.GetDomainState("com", true, &domain_state)); | 82 EXPECT_FALSE(state_.GetDomainState("com", true, &domain_state)); |
| 84 } | 83 } |
| 85 | 84 |
| 86 TEST_F(TransportSecurityPersisterTest, SerializeData3) { | 85 TEST_F(TransportSecurityPersisterTest, SerializeData3) { |
| 87 // Add an entry. | 86 // Add an entry. |
| 88 net::HashValue fp1(net::HASH_VALUE_SHA1); | 87 net::HashValue fp1(net::HASH_VALUE_SHA1); |
| 89 memset(fp1.data(), 0, fp1.size()); | 88 memset(fp1.data(), 0, fp1.size()); |
| 90 net::HashValue fp2(net::HASH_VALUE_SHA1); | 89 net::HashValue fp2(net::HASH_VALUE_SHA1); |
| 91 memset(fp2.data(), 1, fp2.size()); | 90 memset(fp2.data(), 1, fp2.size()); |
| 92 base::Time expiry = | 91 base::Time expiry = base::Time::Now() + base::TimeDelta::FromSeconds(1000); |
| 93 base::Time::Now() + base::TimeDelta::FromSeconds(1000); | |
| 94 net::HashValueVector dynamic_spki_hashes; | 92 net::HashValueVector dynamic_spki_hashes; |
| 95 dynamic_spki_hashes.push_back(fp1); | 93 dynamic_spki_hashes.push_back(fp1); |
| 96 dynamic_spki_hashes.push_back(fp2); | 94 dynamic_spki_hashes.push_back(fp2); |
| 97 bool include_subdomains = false; | 95 bool include_subdomains = false; |
| 98 state_.AddHSTS("www.example.com", expiry, include_subdomains); | 96 state_.AddHSTS("www.example.com", expiry, include_subdomains); |
| 99 state_.AddHPKP("www.example.com", expiry, include_subdomains, | 97 state_.AddHPKP( |
| 100 dynamic_spki_hashes); | 98 "www.example.com", expiry, include_subdomains, dynamic_spki_hashes); |
| 101 | 99 |
| 102 // Add another entry. | 100 // Add another entry. |
| 103 memset(fp1.data(), 2, fp1.size()); | 101 memset(fp1.data(), 2, fp1.size()); |
| 104 memset(fp2.data(), 3, fp2.size()); | 102 memset(fp2.data(), 3, fp2.size()); |
| 105 expiry = | 103 expiry = base::Time::Now() + base::TimeDelta::FromSeconds(3000); |
| 106 base::Time::Now() + base::TimeDelta::FromSeconds(3000); | |
| 107 dynamic_spki_hashes.push_back(fp1); | 104 dynamic_spki_hashes.push_back(fp1); |
| 108 dynamic_spki_hashes.push_back(fp2); | 105 dynamic_spki_hashes.push_back(fp2); |
| 109 state_.AddHSTS("www.example.net", expiry, include_subdomains); | 106 state_.AddHSTS("www.example.net", expiry, include_subdomains); |
| 110 state_.AddHPKP("www.example.net", expiry, include_subdomains, | 107 state_.AddHPKP( |
| 111 dynamic_spki_hashes); | 108 "www.example.net", expiry, include_subdomains, dynamic_spki_hashes); |
| 112 | 109 |
| 113 // Save a copy of everything. | 110 // Save a copy of everything. |
| 114 std::map<std::string, TransportSecurityState::DomainState> saved; | 111 std::map<std::string, TransportSecurityState::DomainState> saved; |
| 115 TransportSecurityState::Iterator i(state_); | 112 TransportSecurityState::Iterator i(state_); |
| 116 while (i.HasNext()) { | 113 while (i.HasNext()) { |
| 117 saved[i.hostname()] = i.domain_state(); | 114 saved[i.hostname()] = i.domain_state(); |
| 118 i.Advance(); | 115 i.Advance(); |
| 119 } | 116 } |
| 120 | 117 |
| 121 std::string serialized; | 118 std::string serialized; |
| (...skipping 58 matching lines...) |
| 180 hashes.push_back(sha1); | 177 hashes.push_back(sha1); |
| 181 EXPECT_TRUE(domain_state.CheckPublicKeyPins(hashes, &failure_log)); | 178 EXPECT_TRUE(domain_state.CheckPublicKeyPins(hashes, &failure_log)); |
| 182 | 179 |
| 183 hashes[0].data()[0] = '2'; | 180 hashes[0].data()[0] = '2'; |
| 184 EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes, &failure_log)); | 181 EXPECT_FALSE(domain_state.CheckPublicKeyPins(hashes, &failure_log)); |
| 185 | 182 |
| 186 const base::Time current_time(base::Time::Now()); | 183 const base::Time current_time(base::Time::Now()); |
| 187 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); | 184 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
| 188 bool include_subdomains = false; | 185 bool include_subdomains = false; |
| 189 state_.AddHSTS(kTestDomain, expiry, include_subdomains); | 186 state_.AddHSTS(kTestDomain, expiry, include_subdomains); |
| 190 state_.AddHPKP(kTestDomain, expiry, include_subdomains, | 187 state_.AddHPKP(kTestDomain, |
| 188 expiry, |
| 189 include_subdomains, |
| 191 domain_state.dynamic_spki_hashes); | 190 domain_state.dynamic_spki_hashes); |
| 192 std::string ser; | 191 std::string ser; |
| 193 EXPECT_TRUE(persister_->SerializeData(&ser)); | 192 EXPECT_TRUE(persister_->SerializeData(&ser)); |
| 194 bool dirty; | 193 bool dirty; |
| 195 EXPECT_TRUE(persister_->LoadEntries(ser, &dirty)); | 194 EXPECT_TRUE(persister_->LoadEntries(ser, &dirty)); |
| 196 EXPECT_TRUE(state_.GetDomainState(kTestDomain, false, &domain_state)); | 195 EXPECT_TRUE(state_.GetDomainState(kTestDomain, false, &domain_state)); |
| 197 EXPECT_EQ(1u, domain_state.dynamic_spki_hashes.size()); | 196 EXPECT_EQ(1u, domain_state.dynamic_spki_hashes.size()); |
| 198 EXPECT_EQ(sha1.tag, domain_state.dynamic_spki_hashes[0].tag); | 197 EXPECT_EQ(sha1.tag, domain_state.dynamic_spki_hashes[0].tag); |
| 199 EXPECT_EQ(0, memcmp(domain_state.dynamic_spki_hashes[0].data(), sha1.data(), | 198 EXPECT_EQ(0, |
| 200 sha1.size())); | 199 memcmp(domain_state.dynamic_spki_hashes[0].data(), |
| 200 sha1.data(), |
| 201 sha1.size())); |
| 201 } | 202 } |