Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(457)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/ssl_error_classification_unittest.cc

Issue 376333003: Find reasons for the SSL common name invalid error. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressed Comments Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/ssl/ssl_error_classification.cc ('k') | tools/metrics/histograms/histograms.xml » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/ssl_error_classification.h" 5 #include "chrome/browser/ssl/ssl_error_classification.h"
6 6
7 #include "base/files/file_path.h" 7 #include "base/files/file_path.h"
8 #include "base/strings/string_split.h"
8 #include "base/time/time.h" 9 #include "base/time/time.h"
9 #include "net/base/test_data_directory.h" 10 #include "net/base/test_data_directory.h"
11 #include "net/cert/x509_cert_types.h"
10 #include "net/cert/x509_certificate.h" 12 #include "net/cert/x509_certificate.h"
11 #include "net/test/cert_test_util.h" 13 #include "net/test/cert_test_util.h"
12 #include "net/test/test_certificate_data.h" 14 #include "net/test/test_certificate_data.h"
13 #include "testing/gtest/include/gtest/gtest.h" 15 #include "testing/gtest/include/gtest/gtest.h"
16 #include "url/gurl.h"
14 17
15 using base::Time; 18 using base::Time;
16 19
17 TEST(SSLErrorClassification, TestDateInvalidScore) { 20 TEST(SSLErrorClassificationTest, TestDateInvalidScore) {
18 base::FilePath certs_dir = net::GetTestCertsDirectory(); 21 base::FilePath certs_dir = net::GetTestCertsDirectory();
19 scoped_refptr<net::X509Certificate> expired_cert = 22 scoped_refptr<net::X509Certificate> expired_cert =
20 net::ImportCertFromFile(certs_dir, "expired_cert.pem"); 23 net::ImportCertFromFile(certs_dir, "expired_cert.pem");
21 base::Time time; 24 base::Time time;
25 GURL origin("https://example.com");
22 26
23 { 27 {
24 EXPECT_TRUE(base::Time::FromString("Wed, 03 Jan 2007 12:00:00 GMT", &time)); 28 EXPECT_TRUE(base::Time::FromString("Wed, 03 Jan 2007 12:00:00 GMT", &time));
25 SSLErrorClassification ssl_error(time, *expired_cert); 29 SSLErrorClassification ssl_error(time, origin, *expired_cert);
26 EXPECT_FLOAT_EQ(0.2f, ssl_error.CalculateScoreTimePassedSinceExpiry()); 30 EXPECT_FLOAT_EQ(0.2f, ssl_error.CalculateScoreTimePassedSinceExpiry());
27 } 31 }
28 32
29 { 33 {
30 EXPECT_TRUE(base::Time::FromString("Sat, 06 Jan 2007 12:00:00 GMT", &time)); 34 EXPECT_TRUE(base::Time::FromString("Sat, 06 Jan 2007 12:00:00 GMT", &time));
31 SSLErrorClassification ssl_error(time, *expired_cert); 35 SSLErrorClassification ssl_error(time, origin, *expired_cert);
32 EXPECT_FLOAT_EQ(0.3f, ssl_error.CalculateScoreTimePassedSinceExpiry()); 36 EXPECT_FLOAT_EQ(0.3f, ssl_error.CalculateScoreTimePassedSinceExpiry());
33 } 37 }
34 38
35 { 39 {
36 EXPECT_TRUE(base::Time::FromString("Mon, 08 Jan 2007 12:00:00 GMT", &time)); 40 EXPECT_TRUE(base::Time::FromString("Mon, 08 Jan 2007 12:00:00 GMT", &time));
37 SSLErrorClassification ssl_error(time, *expired_cert); 41 SSLErrorClassification ssl_error(time, origin, *expired_cert);
38 EXPECT_FLOAT_EQ(0.4f, ssl_error.CalculateScoreTimePassedSinceExpiry()); 42 EXPECT_FLOAT_EQ(0.4f, ssl_error.CalculateScoreTimePassedSinceExpiry());
39 } 43 }
44 }
40 45
46 TEST(SSLErrorClassificationTest, TestNameMismatch) {
47 scoped_refptr<net::X509Certificate> google_cert(
48 net::X509Certificate::CreateFromBytes(
49 reinterpret_cast<const char*>(google_der), sizeof(google_der)));
50 ASSERT_NE(static_cast<net::X509Certificate*>(NULL), google_cert);
51 base::Time time = base::Time::NowFromSystemTime();
52 std::vector<std::string> dns_names_google;
53 dns_names_google.push_back("www");
54 dns_names_google.push_back("google");
55 dns_names_google.push_back("com");
56 std::vector<std::vector<std::string>> dns_name_tokens_google;
57 dns_name_tokens_google.push_back(dns_names_google);
58 {
59 GURL origin("https://google.com");
60 std::string host_name = origin.host();
61 std::vector<std::string> host_name_tokens;
62 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
63 SSLErrorClassification ssl_error(time, origin, *google_cert);
64 EXPECT_TRUE(ssl_error.IsWWWSubDomainMatch());
65 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
66 dns_name_tokens_google));
67 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
68 host_name_tokens));
69 EXPECT_FALSE(ssl_error.IsSubDomainOutsideWildcard(host_name_tokens));
70 }
71
72 {
73 GURL origin("https://foo.blah.google.com");
74 std::string host_name = origin.host();
75 std::vector<std::string> host_name_tokens;
76 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
77 SSLErrorClassification ssl_error(time, origin, *google_cert);
78 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
79 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
80 dns_name_tokens_google));
81 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
82 host_name_tokens));
83 }
84
85 {
86 GURL origin("https://foo.www.google.com");
87 std::string host_name = origin.host();
88 std::vector<std::string> host_name_tokens;
89 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
90 SSLErrorClassification ssl_error(time, origin, *google_cert);
91 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
92 EXPECT_TRUE(ssl_error.NameUnderAnyNames(host_name_tokens,
93 dns_name_tokens_google));
94 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
95 host_name_tokens));
96 }
97
98 {
99 GURL origin("https://www.google.com.foo");
100 std::string host_name = origin.host();
101 std::vector<std::string> host_name_tokens;
102 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
103 SSLErrorClassification ssl_error(time, origin, *google_cert);
104 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
105 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
106 dns_name_tokens_google));
107 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
108 host_name_tokens));
109 }
110
111 {
112 GURL origin("https://www.foogoogle.com.");
113 std::string host_name = origin.host();
114 std::vector<std::string> host_name_tokens;
115 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
116 SSLErrorClassification ssl_error(time, origin, *google_cert);
117 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
118 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
119 dns_name_tokens_google));
120 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
121 host_name_tokens));
122 }
123
124 scoped_refptr<net::X509Certificate> webkit_cert(
125 net::X509Certificate::CreateFromBytes(
126 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)));
127 ASSERT_NE(static_cast<net::X509Certificate*>(NULL), webkit_cert);
128 std::vector<std::string> dns_names_webkit;
129 dns_names_webkit.push_back("webkit");
130 dns_names_webkit.push_back("org");
131 std::vector<std::vector<std::string>> dns_name_tokens_webkit;
132 dns_name_tokens_webkit.push_back(dns_names_webkit);
133 {
134 GURL origin("https://a.b.webkit.org");
135 std::string host_name = origin.host();
136 std::vector<std::string> host_name_tokens;
137 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
138 SSLErrorClassification ssl_error(time, origin, *webkit_cert);
139 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
140 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
141 dns_name_tokens_webkit));
142 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_webkit,
143 host_name_tokens));
144 EXPECT_TRUE(ssl_error.IsSubDomainOutsideWildcard(host_name_tokens));
145 }
41 } 146 }
147
148 TEST(SSLErrorClassificationTest, TestHostNameHasKnownTLD) {
149 std::string url1 = "www.google.com";
150 std::string url2 = "b.appspot.com";
151 std::string url3 = "a.private";
152 EXPECT_TRUE(SSLErrorClassification::IsHostNameKnownTLD(url1));
153 EXPECT_TRUE(SSLErrorClassification::IsHostNameKnownTLD(url2));
154 EXPECT_FALSE(SSLErrorClassification::IsHostNameKnownTLD(url3));
155 }
OLDNEW
« no previous file with comments | « chrome/browser/ssl/ssl_error_classification.cc ('k') | tools/metrics/histograms/histograms.xml » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698