OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <algorithm> | 5 #include <algorithm> |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/sha1.h" | 8 #include "base/sha1.h" |
9 #include "base/strings/string_piece.h" | 9 #include "base/strings/string_piece.h" |
10 #include "crypto/sha2.h" | 10 #include "crypto/sha2.h" |
(...skipping 373 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
384 HashValueVector hashes; | 384 HashValueVector hashes; |
385 HashValueVector chain_hashes; | 385 HashValueVector chain_hashes; |
386 | 386 |
387 // Set some fake "chain" hashes into chain_hashes | 387 // Set some fake "chain" hashes into chain_hashes |
388 chain_hashes.push_back(GetTestHashValue(1, tag)); | 388 chain_hashes.push_back(GetTestHashValue(1, tag)); |
389 chain_hashes.push_back(GetTestHashValue(2, tag)); | 389 chain_hashes.push_back(GetTestHashValue(2, tag)); |
390 chain_hashes.push_back(GetTestHashValue(3, tag)); | 390 chain_hashes.push_back(GetTestHashValue(3, tag)); |
391 | 391 |
392 // The good pin must be in the chain, the backup pin must not be | 392 // The good pin must be in the chain, the backup pin must not be |
393 std::string good_pin = GetTestPin(2, tag); | 393 std::string good_pin = GetTestPin(2, tag); |
| 394 std::string good_pin2 = GetTestPin(3, tag); |
394 std::string backup_pin = GetTestPin(4, tag); | 395 std::string backup_pin = GetTestPin(4, tag); |
395 | 396 |
396 EXPECT_TRUE(ParseHPKPHeader( | 397 EXPECT_TRUE(ParseHPKPHeader( |
397 "max-age=243; " + good_pin + ";" + backup_pin, | 398 "max-age=243; " + good_pin + ";" + backup_pin, |
398 chain_hashes, &max_age, &include_subdomains, &hashes)); | 399 chain_hashes, &max_age, &include_subdomains, &hashes)); |
399 expect_max_age = base::TimeDelta::FromSeconds(243); | 400 expect_max_age = base::TimeDelta::FromSeconds(243); |
400 EXPECT_EQ(expect_max_age, max_age); | 401 EXPECT_EQ(expect_max_age, max_age); |
401 EXPECT_FALSE(include_subdomains); | 402 EXPECT_FALSE(include_subdomains); |
402 | 403 |
403 EXPECT_TRUE(ParseHPKPHeader( | 404 EXPECT_TRUE(ParseHPKPHeader( |
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
461 EXPECT_TRUE(include_subdomains); | 462 EXPECT_TRUE(include_subdomains); |
462 | 463 |
463 EXPECT_TRUE(ParseHPKPHeader( | 464 EXPECT_TRUE(ParseHPKPHeader( |
464 " max-age=999999999999999999999999999999999999999999999 ; " + | 465 " max-age=999999999999999999999999999999999999999999999 ; " + |
465 backup_pin + ";" + good_pin + "; ", | 466 backup_pin + ";" + good_pin + "; ", |
466 chain_hashes, &max_age, &include_subdomains, &hashes)); | 467 chain_hashes, &max_age, &include_subdomains, &hashes)); |
467 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs); | 468 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs); |
468 EXPECT_EQ(expect_max_age, max_age); | 469 EXPECT_EQ(expect_max_age, max_age); |
469 EXPECT_FALSE(include_subdomains); | 470 EXPECT_FALSE(include_subdomains); |
470 | 471 |
471 // Test that parsing the same header twice doesn't duplicate the recorded | 472 // Test that parsing a different header resets the hashes. |
472 // hashes. | |
473 hashes.clear(); | 473 hashes.clear(); |
474 EXPECT_TRUE(ParseHPKPHeader( | 474 EXPECT_TRUE(ParseHPKPHeader( |
475 " max-age=999; " + | 475 " max-age=999; " + |
476 backup_pin + ";" + good_pin + "; ", | 476 backup_pin + ";" + good_pin + "; ", |
477 chain_hashes, &max_age, &include_subdomains, &hashes)); | 477 chain_hashes, &max_age, &include_subdomains, &hashes)); |
478 EXPECT_EQ(2u, hashes.size()); | 478 EXPECT_EQ(2u, hashes.size()); |
479 EXPECT_TRUE(ParseHPKPHeader( | 479 EXPECT_TRUE(ParseHPKPHeader( |
480 " max-age=999; " + | 480 " max-age=999; " + backup_pin + ";" + good_pin2 + "; ", chain_hashes, |
481 backup_pin + ";" + good_pin + "; ", | 481 &max_age, &include_subdomains, &hashes)); |
482 chain_hashes, &max_age, &include_subdomains, &hashes)); | |
483 EXPECT_EQ(2u, hashes.size()); | 482 EXPECT_EQ(2u, hashes.size()); |
484 } | 483 } |
485 | 484 |
486 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA1) { | 485 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA1) { |
487 TestBogusPinsHeaders(HASH_VALUE_SHA1); | 486 TestBogusPinsHeaders(HASH_VALUE_SHA1); |
488 } | 487 } |
489 | 488 |
490 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) { | 489 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) { |
491 TestBogusPinsHeaders(HASH_VALUE_SHA256); | 490 TestBogusPinsHeaders(HASH_VALUE_SHA256); |
492 } | 491 } |
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
708 EXPECT_TRUE(domain_state.ShouldUpgradeToSSL()); | 707 EXPECT_TRUE(domain_state.ShouldUpgradeToSSL()); |
709 EXPECT_TRUE(state.ShouldUpgradeToSSL(domain)); | 708 EXPECT_TRUE(state.ShouldUpgradeToSSL(domain)); |
710 // The dynamic pins, which do not match |saved_hashes|, should take | 709 // The dynamic pins, which do not match |saved_hashes|, should take |
711 // precedence over the static pins and cause the check to fail. | 710 // precedence over the static pins and cause the check to fail. |
712 EXPECT_FALSE(state.CheckPublicKeyPins(domain, | 711 EXPECT_FALSE(state.CheckPublicKeyPins(domain, |
713 is_issued_by_known_root, | 712 is_issued_by_known_root, |
714 saved_hashes, | 713 saved_hashes, |
715 &failure_log)); | 714 &failure_log)); |
716 } | 715 } |
717 | 716 |
| 717 // Tests that seeing an invalid HPKP header leaves the existing one alone. |
| 718 TEST_F(HttpSecurityHeadersTest, IgnoreInvalidHeaders) { |
| 719 TransportSecurityState state; |
| 720 |
| 721 HashValue good_hash = GetTestHashValue(1, HASH_VALUE_SHA256); |
| 722 std::string good_pin = GetTestPin(1, HASH_VALUE_SHA256); |
| 723 std::string bad_pin = GetTestPin(2, HASH_VALUE_SHA256); |
| 724 std::string backup_pin = GetTestPin(3, HASH_VALUE_SHA256); |
| 725 |
| 726 SSLInfo ssl_info; |
| 727 ssl_info.public_key_hashes.push_back(good_hash); |
| 728 |
| 729 // Add a valid HPKP header. |
| 730 EXPECT_TRUE(state.AddHPKPHeader( |
| 731 "example.com", "max-age = 10000; " + good_pin + "; " + backup_pin, |
| 732 ssl_info)); |
| 733 |
| 734 // Check the insertion was valid. |
| 735 EXPECT_TRUE(state.HasPublicKeyPins("example.com")); |
| 736 std::string failure_log; |
| 737 bool is_issued_by_known_root = true; |
| 738 EXPECT_TRUE(state.CheckPublicKeyPins("example.com", is_issued_by_known_root, |
| 739 ssl_info.public_key_hashes, |
| 740 &failure_log)); |
| 741 |
| 742 // Now assert an invalid one. This should fail. |
| 743 EXPECT_FALSE(state.AddHPKPHeader( |
| 744 "example.com", "max-age = 10000; " + bad_pin + "; " + backup_pin, |
| 745 ssl_info)); |
| 746 |
| 747 // The old pins must still exist. |
| 748 EXPECT_TRUE(state.HasPublicKeyPins("example.com")); |
| 749 EXPECT_TRUE(state.CheckPublicKeyPins("example.com", is_issued_by_known_root, |
| 750 ssl_info.public_key_hashes, |
| 751 &failure_log)); |
| 752 } |
| 753 |
718 }; // namespace net | 754 }; // namespace net |
OLD | NEW |