Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(94)

Side by Side Diff: content/browser/ssl/ssl_host_state_unittest.cc

Issue 369703002: Remember user decisions on invalid certificates behind a flag (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fixed broken include Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "content/browser/ssl/ssl_host_state.h"
6 #include "testing/gtest/include/gtest/gtest.h"
7
8 namespace {
9
10 // Certificates for test data. They're obtained with:
11 //
12 // $ openssl s_client -connect [host]:443 -showcerts
13 // $ openssl x509 -inform PEM -outform DER > /tmp/host.der
14 // $ xxd -i /tmp/host.der
15
16 // Google's cert.
17
18 unsigned char google_der[] = {
19 0x30, 0x82, 0x03, 0x21, 0x30, 0x82, 0x02, 0x8a, 0xa0, 0x03, 0x02, 0x01,
20 0x02, 0x02, 0x10, 0x3c, 0x8d, 0x3a, 0x64, 0xee, 0x18, 0xdd, 0x1b, 0x73,
21 0x0b, 0xa1, 0x92, 0xee, 0xf8, 0x98, 0x1b, 0x30, 0x0d, 0x06, 0x09, 0x2a,
22 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, 0x4c,
23 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x5a,
24 0x41, 0x31, 0x25, 0x30, 0x23, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x1c,
25 0x54, 0x68, 0x61, 0x77, 0x74, 0x65, 0x20, 0x43, 0x6f, 0x6e, 0x73, 0x75,
26 0x6c, 0x74, 0x69, 0x6e, 0x67, 0x20, 0x28, 0x50, 0x74, 0x79, 0x29, 0x20,
27 0x4c, 0x74, 0x64, 0x2e, 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04,
28 0x03, 0x13, 0x0d, 0x54, 0x68, 0x61, 0x77, 0x74, 0x65, 0x20, 0x53, 0x47,
29 0x43, 0x20, 0x43, 0x41, 0x30, 0x1e, 0x17, 0x0d, 0x30, 0x38, 0x30, 0x35,
30 0x30, 0x32, 0x31, 0x37, 0x30, 0x32, 0x35, 0x35, 0x5a, 0x17, 0x0d, 0x30,
31 0x39, 0x30, 0x35, 0x30, 0x32, 0x31, 0x37, 0x30, 0x32, 0x35, 0x35, 0x5a,
32 0x30, 0x68, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
33 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08,
34 0x13, 0x0a, 0x43, 0x61, 0x6c, 0x69, 0x66, 0x6f, 0x72, 0x6e, 0x69, 0x61,
35 0x31, 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x0d, 0x4d,
36 0x6f, 0x75, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x20, 0x56, 0x69, 0x65, 0x77,
37 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x0a, 0x47,
38 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x31, 0x17, 0x30,
39 0x15, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0e, 0x77, 0x77, 0x77, 0x2e,
40 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x81,
41 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01,
42 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02,
43 0x81, 0x81, 0x00, 0x9b, 0x19, 0xed, 0x5d, 0xa5, 0x56, 0xaf, 0x49, 0x66,
44 0xdb, 0x79, 0xfd, 0xc2, 0x1c, 0x78, 0x4e, 0x4f, 0x11, 0xa5, 0x8a, 0xac,
45 0xe2, 0x94, 0xee, 0xe3, 0xe2, 0x4b, 0xc0, 0x03, 0x25, 0xa7, 0x99, 0xcc,
46 0x65, 0xe1, 0xec, 0x94, 0xae, 0xae, 0xf0, 0xa7, 0x99, 0xbc, 0x10, 0xd7,
47 0xed, 0x87, 0x30, 0x47, 0xcd, 0x50, 0xf9, 0xaf, 0xd3, 0xd3, 0xf4, 0x0b,
48 0x8d, 0x47, 0x8a, 0x2e, 0xe2, 0xce, 0x53, 0x9b, 0x91, 0x99, 0x7f, 0x1e,
49 0x5c, 0xf9, 0x1b, 0xd6, 0xe9, 0x93, 0x67, 0xe3, 0x4a, 0xf8, 0xcf, 0xc4,
50 0x8c, 0x0c, 0x68, 0xd1, 0x97, 0x54, 0x47, 0x0e, 0x0a, 0x24, 0x30, 0xa7,
51 0x82, 0x94, 0xae, 0xde, 0xae, 0x3f, 0xbf, 0xba, 0x14, 0xc6, 0xf8, 0xb2,
52 0x90, 0x8e, 0x36, 0xad, 0xe1, 0xd0, 0xbe, 0x16, 0x9a, 0xb3, 0x5e, 0x72,
53 0x38, 0x49, 0xda, 0x74, 0xa1, 0x3f, 0xff, 0xd2, 0x87, 0x81, 0xed, 0x02,
54 0x03, 0x01, 0x00, 0x01, 0xa3, 0x81, 0xe7, 0x30, 0x81, 0xe4, 0x30, 0x28,
55 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x21, 0x30, 0x1f, 0x06, 0x08, 0x2b,
56 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2b, 0x06, 0x01,
57 0x05, 0x05, 0x07, 0x03, 0x02, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86,
58 0xf8, 0x42, 0x04, 0x01, 0x30, 0x36, 0x06, 0x03, 0x55, 0x1d, 0x1f, 0x04,
59 0x2f, 0x30, 0x2d, 0x30, 0x2b, 0xa0, 0x29, 0xa0, 0x27, 0x86, 0x25, 0x68,
60 0x74, 0x74, 0x70, 0x3a, 0x2f, 0x2f, 0x63, 0x72, 0x6c, 0x2e, 0x74, 0x68,
61 0x61, 0x77, 0x74, 0x65, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x54, 0x68, 0x61,
62 0x77, 0x74, 0x65, 0x53, 0x47, 0x43, 0x43, 0x41, 0x2e, 0x63, 0x72, 0x6c,
63 0x30, 0x72, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x01, 0x01,
64 0x04, 0x66, 0x30, 0x64, 0x30, 0x22, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
65 0x05, 0x07, 0x30, 0x01, 0x86, 0x16, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
66 0x2f, 0x6f, 0x63, 0x73, 0x70, 0x2e, 0x74, 0x68, 0x61, 0x77, 0x74, 0x65,
67 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x3e, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05,
68 0x05, 0x07, 0x30, 0x02, 0x86, 0x32, 0x68, 0x74, 0x74, 0x70, 0x3a, 0x2f,
69 0x2f, 0x77, 0x77, 0x77, 0x2e, 0x74, 0x68, 0x61, 0x77, 0x74, 0x65, 0x2e,
70 0x63, 0x6f, 0x6d, 0x2f, 0x72, 0x65, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x6f,
71 0x72, 0x79, 0x2f, 0x54, 0x68, 0x61, 0x77, 0x74, 0x65, 0x5f, 0x53, 0x47,
72 0x43, 0x5f, 0x43, 0x41, 0x2e, 0x63, 0x72, 0x74, 0x30, 0x0c, 0x06, 0x03,
73 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0d,
74 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05,
75 0x00, 0x03, 0x81, 0x81, 0x00, 0x31, 0x0a, 0x6c, 0xa2, 0x9e, 0xe9, 0x54,
76 0x19, 0x16, 0x68, 0x99, 0x91, 0xd6, 0x43, 0xcb, 0x6b, 0xb4, 0xcc, 0x6c,
77 0xcc, 0xb0, 0xfb, 0xf1, 0xee, 0x81, 0xbf, 0x00, 0x2b, 0x6f, 0x50, 0x12,
78 0xc6, 0xaf, 0x02, 0x2a, 0x36, 0xc1, 0x28, 0xde, 0xc5, 0x4c, 0x56, 0x20,
79 0x6d, 0xf5, 0x3d, 0x42, 0xb9, 0x18, 0x81, 0x20, 0xb2, 0xdd, 0x57, 0x5d,
80 0xeb, 0xbe, 0x32, 0x84, 0x50, 0x45, 0x51, 0x6e, 0xcd, 0xe4, 0x2e, 0x2a,
81 0x38, 0x88, 0x9f, 0x52, 0xed, 0x28, 0xff, 0xfc, 0x8d, 0x57, 0xb5, 0xad,
82 0x64, 0xae, 0x4d, 0x0e, 0x0e, 0xd9, 0x3d, 0xac, 0xb8, 0xfe, 0x66, 0x4c,
83 0x15, 0x8f, 0x44, 0x52, 0xfa, 0x7c, 0x3c, 0x04, 0xed, 0x7f, 0x37, 0x61,
84 0x04, 0xfe, 0xd5, 0xe9, 0xb9, 0xb0, 0x9e, 0xfe, 0xa5, 0x11, 0x69, 0xc9,
85 0x63, 0xd6, 0x46, 0x81, 0x6f, 0x00, 0xd8, 0x72, 0x2f, 0x82, 0x37, 0x44,
86 0xc1
87 };
88
89 } // namespace
90
91 namespace content {
92
93 class SSLHostStateTest : public testing::Test {
94 };
95
96 TEST_F(SSLHostStateTest, DidHostRunInsecureContent) {
97 SSLHostState state;
98
99 EXPECT_FALSE(state.DidHostRunInsecureContent("www.google.com", 42));
100 EXPECT_FALSE(state.DidHostRunInsecureContent("www.google.com", 191));
101 EXPECT_FALSE(state.DidHostRunInsecureContent("example.com", 42));
102
103 state.HostRanInsecureContent("www.google.com", 42);
104
105 EXPECT_TRUE(state.DidHostRunInsecureContent("www.google.com", 42));
106 EXPECT_FALSE(state.DidHostRunInsecureContent("www.google.com", 191));
107 EXPECT_FALSE(state.DidHostRunInsecureContent("example.com", 42));
108
109 state.HostRanInsecureContent("example.com", 42);
110
111 EXPECT_TRUE(state.DidHostRunInsecureContent("www.google.com", 42));
112 EXPECT_FALSE(state.DidHostRunInsecureContent("www.google.com", 191));
113 EXPECT_TRUE(state.DidHostRunInsecureContent("example.com", 42));
114 }
115
116 TEST_F(SSLHostStateTest, QueryPolicy) {
117 scoped_refptr<net::X509Certificate> google_cert(
118 net::X509Certificate::CreateFromBytes(
119 reinterpret_cast<const char*>(google_der), sizeof(google_der)));
120
121 SSLHostState state;
122
123 EXPECT_EQ(net::CertPolicy::UNKNOWN,
124 state.QueryPolicy(google_cert.get(),
125 "www.google.com",
126 net::CERT_STATUS_DATE_INVALID));
127 EXPECT_EQ(net::CertPolicy::UNKNOWN,
128 state.QueryPolicy(google_cert.get(),
129 "google.com",
130 net::CERT_STATUS_DATE_INVALID));
131 EXPECT_EQ(net::CertPolicy::UNKNOWN,
132 state.QueryPolicy(google_cert.get(),
133 "example.com",
134 net::CERT_STATUS_DATE_INVALID));
135
136 state.AllowCertForHost(google_cert.get(),
137 "www.google.com",
138 net::CERT_STATUS_DATE_INVALID);
139
140 EXPECT_EQ(net::CertPolicy::ALLOWED,
141 state.QueryPolicy(google_cert.get(),
142 "www.google.com",
143 net::CERT_STATUS_DATE_INVALID));
144 EXPECT_EQ(net::CertPolicy::UNKNOWN,
145 state.QueryPolicy(google_cert.get(),
146 "google.com",
147 net::CERT_STATUS_DATE_INVALID));
148 EXPECT_EQ(net::CertPolicy::UNKNOWN,
149 state.QueryPolicy(google_cert.get(),
150 "example.com",
151 net::CERT_STATUS_DATE_INVALID));
152
153 state.AllowCertForHost(google_cert.get(),
154 "example.com",
155 net::CERT_STATUS_DATE_INVALID);
156
157 EXPECT_EQ(net::CertPolicy::ALLOWED,
158 state.QueryPolicy(google_cert.get(),
159 "www.google.com",
160 net::CERT_STATUS_DATE_INVALID));
161 EXPECT_EQ(net::CertPolicy::UNKNOWN,
162 state.QueryPolicy(google_cert.get(),
163 "google.com",
164 net::CERT_STATUS_DATE_INVALID));
165 EXPECT_EQ(net::CertPolicy::ALLOWED,
166 state.QueryPolicy(google_cert.get(),
167 "example.com",
168 net::CERT_STATUS_DATE_INVALID));
169
170 state.DenyCertForHost(google_cert.get(),
171 "example.com",
172 net::CERT_STATUS_DATE_INVALID);
173
174 EXPECT_EQ(net::CertPolicy::ALLOWED,
175 state.QueryPolicy(google_cert.get(),
176 "www.google.com",
177 net::CERT_STATUS_DATE_INVALID));
178 EXPECT_EQ(net::CertPolicy::UNKNOWN,
179 state.QueryPolicy(google_cert.get(),
180 "google.com",
181 net::CERT_STATUS_DATE_INVALID));
182 EXPECT_EQ(net::CertPolicy::DENIED,
183 state.QueryPolicy(google_cert.get(),
184 "example.com",
185 net::CERT_STATUS_DATE_INVALID));
186
187 state.Clear();
188
189 EXPECT_EQ(net::CertPolicy::UNKNOWN,
190 state.QueryPolicy(google_cert.get(),
191 "www.google.com",
192 net::CERT_STATUS_DATE_INVALID));
193 EXPECT_EQ(net::CertPolicy::UNKNOWN,
194 state.QueryPolicy(google_cert.get(),
195 "google.com",
196 net::CERT_STATUS_DATE_INVALID));
197 EXPECT_EQ(net::CertPolicy::UNKNOWN,
198 state.QueryPolicy(google_cert.get(),
199 "example.com",
200 net::CERT_STATUS_DATE_INVALID));
201 }
202
203 } // namespace content
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698