OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/security_state/content/content_utils.h" | 5 #include "components/security_state/content/content_utils.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/test/histogram_tester.h" | 8 #include "base/test/histogram_tester.h" |
9 #include "components/security_state/core/security_state.h" | 9 #include "components/security_state/core/security_state.h" |
10 #include "components/security_state/core/switches.h" | 10 #include "components/security_state/core/switches.h" |
(...skipping 187 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
198 explanations.secure_explanations, "Secure Connection", &explanation)); | 198 explanations.secure_explanations, "Secure Connection", &explanation)); |
199 EXPECT_EQ( | 199 EXPECT_EQ( |
200 "The connection to this site is encrypted and authenticated using a " | 200 "The connection to this site is encrypted and authenticated using a " |
201 "strong protocol (TLS 1.3), a strong key exchange (X25519), and a " | 201 "strong protocol (TLS 1.3), a strong key exchange (X25519), and a " |
202 "strong cipher (AES_128_GCM).", | 202 "strong cipher (AES_128_GCM).", |
203 explanation.description); | 203 explanation.description); |
204 } | 204 } |
205 } | 205 } |
206 | 206 |
207 // Tests that a security level of HTTP_SHOW_WARNING produces | 207 // Tests that a security level of HTTP_SHOW_WARNING produces |
208 // blink::WebSecurityStyleUnauthenticated and an explanation if appropriate. | 208 // blink::WebSecurityStyleNeutral and an explanation if appropriate. |
209 TEST(SecurityStateContentUtilsTest, HTTPWarning) { | 209 TEST(SecurityStateContentUtilsTest, HTTPWarning) { |
210 security_state::SecurityInfo security_info; | 210 security_state::SecurityInfo security_info; |
211 content::SecurityStyleExplanations explanations; | 211 content::SecurityStyleExplanations explanations; |
212 security_info.security_level = security_state::HTTP_SHOW_WARNING; | 212 security_info.security_level = security_state::HTTP_SHOW_WARNING; |
213 blink::WebSecurityStyle security_style = | 213 blink::WebSecurityStyle security_style = |
214 GetSecurityStyle(security_info, &explanations); | 214 GetSecurityStyle(security_info, &explanations); |
215 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); | 215 EXPECT_EQ(blink::WebSecurityStyleNeutral, security_style); |
216 // Verify no explanation was shown, because Form Not Secure was not triggered. | 216 // Verify no explanation was shown, because Form Not Secure was not triggered. |
217 EXPECT_EQ(0u, explanations.unauthenticated_explanations.size()); | 217 EXPECT_EQ(0u, explanations.neutral_explanations.size()); |
218 | 218 |
219 explanations.unauthenticated_explanations.clear(); | 219 explanations.neutral_explanations.clear(); |
220 security_info.displayed_credit_card_field_on_http = true; | 220 security_info.displayed_credit_card_field_on_http = true; |
221 security_style = GetSecurityStyle(security_info, &explanations); | 221 security_style = GetSecurityStyle(security_info, &explanations); |
222 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); | 222 EXPECT_EQ(blink::WebSecurityStyleNeutral, security_style); |
223 // Verify one explanation was shown, because Form Not Secure was triggered. | 223 // Verify one explanation was shown, because Form Not Secure was triggered. |
224 EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); | 224 EXPECT_EQ(1u, explanations.neutral_explanations.size()); |
225 | 225 |
226 // Check that when both password and credit card fields get displayed, only | 226 // Check that when both password and credit card fields get displayed, only |
227 // one explanation is added. | 227 // one explanation is added. |
228 explanations.unauthenticated_explanations.clear(); | 228 explanations.neutral_explanations.clear(); |
229 security_info.displayed_credit_card_field_on_http = true; | 229 security_info.displayed_credit_card_field_on_http = true; |
230 security_info.displayed_password_field_on_http = true; | 230 security_info.displayed_password_field_on_http = true; |
231 security_style = GetSecurityStyle(security_info, &explanations); | 231 security_style = GetSecurityStyle(security_info, &explanations); |
232 EXPECT_EQ(blink::WebSecurityStyleUnauthenticated, security_style); | 232 EXPECT_EQ(blink::WebSecurityStyleNeutral, security_style); |
233 // Verify only one explanation was shown when Form Not Secure is triggered. | 233 // Verify only one explanation was shown when Form Not Secure is triggered. |
234 EXPECT_EQ(1u, explanations.unauthenticated_explanations.size()); | 234 EXPECT_EQ(1u, explanations.neutral_explanations.size()); |
235 } | 235 } |
236 | 236 |
237 // Tests that an explanation is provided if a certificate is missing a | 237 // Tests that an explanation is provided if a certificate is missing a |
238 // subjectAltName extension containing a domain name or IP address. | 238 // subjectAltName extension containing a domain name or IP address. |
239 TEST(SecurityStateContentUtilsTest, SubjectAltNameWarning) { | 239 TEST(SecurityStateContentUtilsTest, SubjectAltNameWarning) { |
240 security_state::SecurityInfo security_info; | 240 security_state::SecurityInfo security_info; |
241 security_info.cert_status = 0; | 241 security_info.cert_status = 0; |
242 security_info.scheme_is_cryptographic = true; | 242 security_info.scheme_is_cryptographic = true; |
243 | 243 |
244 security_info.certificate = net::ImportCertFromFile( | 244 security_info.certificate = net::ImportCertFromFile( |
245 net::GetTestCertsDirectory(), "salesforce_com_test.pem"); | 245 net::GetTestCertsDirectory(), "salesforce_com_test.pem"); |
246 ASSERT_TRUE(security_info.certificate); | 246 ASSERT_TRUE(security_info.certificate); |
247 | 247 |
248 content::SecurityStyleExplanations explanations; | 248 content::SecurityStyleExplanations explanations; |
249 security_info.cert_missing_subject_alt_name = true; | 249 security_info.cert_missing_subject_alt_name = true; |
250 GetSecurityStyle(security_info, &explanations); | 250 GetSecurityStyle(security_info, &explanations); |
251 // Verify that an explanation was shown for a missing subjectAltName. | 251 // Verify that an explanation was shown for a missing subjectAltName. |
252 EXPECT_EQ(1u, explanations.broken_explanations.size()); | 252 EXPECT_EQ(1u, explanations.insecure_explanations.size()); |
253 | 253 |
254 explanations.broken_explanations.clear(); | 254 explanations.insecure_explanations.clear(); |
255 security_info.cert_missing_subject_alt_name = false; | 255 security_info.cert_missing_subject_alt_name = false; |
256 GetSecurityStyle(security_info, &explanations); | 256 GetSecurityStyle(security_info, &explanations); |
257 // Verify that no explanation is shown if the subjectAltName is present. | 257 // Verify that no explanation is shown if the subjectAltName is present. |
258 EXPECT_EQ(0u, explanations.broken_explanations.size()); | 258 EXPECT_EQ(0u, explanations.insecure_explanations.size()); |
259 } | 259 } |
260 | 260 |
261 } // namespace | 261 } // namespace |
OLD | NEW |