Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(756)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/transport_security_persister_unittest.cc

Issue 2751803002: Serialize and deserialize dynamic Expect-CT state (Closed)
Patch Set: fix dictionary keys comment Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/http/transport_security_persister.cc ('K') | « net/http/transport_security_persister.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/transport_security_persister_unittest.cc
diff --git a/net/http/transport_security_persister_unittest.cc b/net/http/transport_security_persister_unittest.cc
index 6e7e8047a8bb85ceee75bc78a4a265f288627326..18fd1d6dede3cb1f7b87546310300dcd15170021 100644
--- a/net/http/transport_security_persister_unittest.cc
+++ b/net/http/transport_security_persister_unittest.cc
@@ -14,6 +14,7 @@
#include "base/files/scoped_temp_dir.h"
#include "base/message_loop/message_loop.h"
#include "base/run_loop.h"
+#include "base/test/scoped_feature_list.h"
#include "base/threading/thread_task_runner_handle.h"
#include "net/http/transport_security_state.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -231,6 +232,68 @@ TEST_F(TransportSecurityPersisterTest, PublicKeyPins) {
EXPECT_EQ(report_uri, new_pkp_state.report_uri);
}
+TEST_F(TransportSecurityPersisterTest, ExpectCT) {
+ base::test::ScopedFeatureList feature_list;
+ feature_list.InitAndEnableFeature(
+ TransportSecurityState::kDynamicExpectCTFeature);
+ const GURL report_uri(kReportUri);
+ TransportSecurityState::ExpectCTState expect_ct_state;
+ static const char kTestDomain[] = "example.test";
+
+ EXPECT_FALSE(state_.GetDynamicExpectCTState(kTestDomain, &expect_ct_state));
+
+ const base::Time current_time(base::Time::Now());
+ const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
+ state_.AddExpectCT(kTestDomain, expiry, true /* enforce */, GURL());
+ std::string serialized;
+ EXPECT_TRUE(persister_->SerializeData(&serialized));
+ bool dirty;
+ EXPECT_TRUE(persister_->LoadEntries(serialized, &dirty));
mattm 2017/04/15 04:45:02 So this is loading the serialized data back into t
estark 2017/04/15 20:18:03 LoadEntries() clears existing dynamic data (https:
mattm 2017/04/18 20:25:35 I think this would be fine if there was another te
estark 2017/04/18 22:36:26 Done.
+
+ TransportSecurityState::ExpectCTState new_expect_ct_state;
+ EXPECT_TRUE(
+ state_.GetDynamicExpectCTState(kTestDomain, &new_expect_ct_state));
+ EXPECT_TRUE(new_expect_ct_state.enforce);
+ EXPECT_TRUE(new_expect_ct_state.report_uri.is_empty());
+ EXPECT_EQ(expiry, new_expect_ct_state.expiry);
+
+ // Update the state for the domian and check that it is
mattm 2017/04/15 04:45:01 domain
estark 2017/04/15 20:18:03 Done.
+ // serialized/deserialized correctly.
+ state_.AddExpectCT(kTestDomain, expiry, false /* enforce */, report_uri);
+ EXPECT_TRUE(persister_->SerializeData(&serialized));
+ EXPECT_TRUE(persister_->LoadEntries(serialized, &dirty));
+ EXPECT_TRUE(
+ state_.GetDynamicExpectCTState(kTestDomain, &new_expect_ct_state));
+ EXPECT_FALSE(new_expect_ct_state.enforce);
+ EXPECT_EQ(report_uri, new_expect_ct_state.report_uri);
+ EXPECT_EQ(expiry, new_expect_ct_state.expiry);
+}
+
+// Tests that Expect-CT state is not serialized and persisted when the feature
+// is disabled.
+TEST_F(TransportSecurityPersisterTest, ExpectCTDisabled) {
+ base::test::ScopedFeatureList feature_list;
+ feature_list.InitAndDisableFeature(
+ TransportSecurityState::kDynamicExpectCTFeature);
+ const GURL report_uri(kReportUri);
+ TransportSecurityState::ExpectCTState expect_ct_state;
+ static const char kTestDomain[] = "example.test";
+
+ EXPECT_FALSE(state_.GetDynamicExpectCTState(kTestDomain, &expect_ct_state));
+
+ const base::Time current_time(base::Time::Now());
+ const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
+ state_.AddExpectCT(kTestDomain, expiry, true /* enforce */, GURL());
+ std::string serialized;
+ EXPECT_TRUE(persister_->SerializeData(&serialized));
+ bool dirty;
+ EXPECT_TRUE(persister_->LoadEntries(serialized, &dirty));
+
+ TransportSecurityState::ExpectCTState new_expect_ct_state;
+ EXPECT_FALSE(
+ state_.GetDynamicExpectCTState(kTestDomain, &new_expect_ct_state));
+}
+
} // namespace
} // namespace net
« net/http/transport_security_persister.cc ('K') | « net/http/transport_security_persister.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698