Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_security_headers_unittest.cc

Issue 826423009: Treat HSTS and HPKP state independently. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rsleevi comments Created 5 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/http_security_headers.cc ('k') | net/http/transport_security_state.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <algorithm> 5 #include <algorithm>
6 6
7 #include "base/base64.h" 7 #include "base/base64.h"
8 #include "base/sha1.h" 8 #include "base/sha1.h"
9 #include "base/strings/string_piece.h" 9 #include "base/strings/string_piece.h"
10 #include "crypto/sha2.h" 10 #include "crypto/sha2.h"
(...skipping 373 matching lines...) Expand 10 before | Expand all | Expand 10 after
384 HashValueVector hashes; 384 HashValueVector hashes;
385 HashValueVector chain_hashes; 385 HashValueVector chain_hashes;
386 386
387 // Set some fake "chain" hashes into chain_hashes 387 // Set some fake "chain" hashes into chain_hashes
388 chain_hashes.push_back(GetTestHashValue(1, tag)); 388 chain_hashes.push_back(GetTestHashValue(1, tag));
389 chain_hashes.push_back(GetTestHashValue(2, tag)); 389 chain_hashes.push_back(GetTestHashValue(2, tag));
390 chain_hashes.push_back(GetTestHashValue(3, tag)); 390 chain_hashes.push_back(GetTestHashValue(3, tag));
391 391
392 // The good pin must be in the chain, the backup pin must not be 392 // The good pin must be in the chain, the backup pin must not be
393 std::string good_pin = GetTestPin(2, tag); 393 std::string good_pin = GetTestPin(2, tag);
394 std::string good_pin2 = GetTestPin(3, tag);
394 std::string backup_pin = GetTestPin(4, tag); 395 std::string backup_pin = GetTestPin(4, tag);
395 396
396 EXPECT_TRUE(ParseHPKPHeader( 397 EXPECT_TRUE(ParseHPKPHeader(
397 "max-age=243; " + good_pin + ";" + backup_pin, 398 "max-age=243; " + good_pin + ";" + backup_pin,
398 chain_hashes, &max_age, &include_subdomains, &hashes)); 399 chain_hashes, &max_age, &include_subdomains, &hashes));
399 expect_max_age = base::TimeDelta::FromSeconds(243); 400 expect_max_age = base::TimeDelta::FromSeconds(243);
400 EXPECT_EQ(expect_max_age, max_age); 401 EXPECT_EQ(expect_max_age, max_age);
401 EXPECT_FALSE(include_subdomains); 402 EXPECT_FALSE(include_subdomains);
402 403
403 EXPECT_TRUE(ParseHPKPHeader( 404 EXPECT_TRUE(ParseHPKPHeader(
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
461 EXPECT_TRUE(include_subdomains); 462 EXPECT_TRUE(include_subdomains);
462 463
463 EXPECT_TRUE(ParseHPKPHeader( 464 EXPECT_TRUE(ParseHPKPHeader(
464 " max-age=999999999999999999999999999999999999999999999 ; " + 465 " max-age=999999999999999999999999999999999999999999999 ; " +
465 backup_pin + ";" + good_pin + "; ", 466 backup_pin + ";" + good_pin + "; ",
466 chain_hashes, &max_age, &include_subdomains, &hashes)); 467 chain_hashes, &max_age, &include_subdomains, &hashes));
467 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs); 468 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs);
468 EXPECT_EQ(expect_max_age, max_age); 469 EXPECT_EQ(expect_max_age, max_age);
469 EXPECT_FALSE(include_subdomains); 470 EXPECT_FALSE(include_subdomains);
470 471
471 // Test that parsing the same header twice doesn't duplicate the recorded 472 // Test that parsing a different header resets the hashes.
472 // hashes.
473 hashes.clear(); 473 hashes.clear();
474 EXPECT_TRUE(ParseHPKPHeader( 474 EXPECT_TRUE(ParseHPKPHeader(
475 " max-age=999; " + 475 " max-age=999; " +
476 backup_pin + ";" + good_pin + "; ", 476 backup_pin + ";" + good_pin + "; ",
477 chain_hashes, &max_age, &include_subdomains, &hashes)); 477 chain_hashes, &max_age, &include_subdomains, &hashes));
478 EXPECT_EQ(2u, hashes.size()); 478 EXPECT_EQ(2u, hashes.size());
479 EXPECT_TRUE(ParseHPKPHeader( 479 EXPECT_TRUE(ParseHPKPHeader(
480 " max-age=999; " + 480 " max-age=999; " + backup_pin + ";" + good_pin2 + "; ", chain_hashes,
481 backup_pin + ";" + good_pin + "; ", 481 &max_age, &include_subdomains, &hashes));
482 chain_hashes, &max_age, &include_subdomains, &hashes));
483 EXPECT_EQ(2u, hashes.size()); 482 EXPECT_EQ(2u, hashes.size());
484 } 483 }
485 484
486 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA1) { 485 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA1) {
487 TestBogusPinsHeaders(HASH_VALUE_SHA1); 486 TestBogusPinsHeaders(HASH_VALUE_SHA1);
488 } 487 }
489 488
490 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) { 489 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) {
491 TestBogusPinsHeaders(HASH_VALUE_SHA256); 490 TestBogusPinsHeaders(HASH_VALUE_SHA256);
492 } 491 }
(...skipping 215 matching lines...) Expand 10 before | Expand all | Expand 10 after
708 EXPECT_TRUE(domain_state.ShouldUpgradeToSSL()); 707 EXPECT_TRUE(domain_state.ShouldUpgradeToSSL());
709 EXPECT_TRUE(state.ShouldUpgradeToSSL(domain)); 708 EXPECT_TRUE(state.ShouldUpgradeToSSL(domain));
710 // The dynamic pins, which do not match |saved_hashes|, should take 709 // The dynamic pins, which do not match |saved_hashes|, should take
711 // precedence over the static pins and cause the check to fail. 710 // precedence over the static pins and cause the check to fail.
712 EXPECT_FALSE(state.CheckPublicKeyPins(domain, 711 EXPECT_FALSE(state.CheckPublicKeyPins(domain,
713 is_issued_by_known_root, 712 is_issued_by_known_root,
714 saved_hashes, 713 saved_hashes,
715 &failure_log)); 714 &failure_log));
716 } 715 }
717 716
717 // Tests that seeing an invalid HPKP header leaves the existing one alone.
718 TEST_F(HttpSecurityHeadersTest, IgnoreInvalidHeaders) {
719 TransportSecurityState state;
720
721 HashValue good_hash = GetTestHashValue(1, HASH_VALUE_SHA256);
722 std::string good_pin = GetTestPin(1, HASH_VALUE_SHA256);
723 std::string bad_pin = GetTestPin(2, HASH_VALUE_SHA256);
724 std::string backup_pin = GetTestPin(3, HASH_VALUE_SHA256);
725
726 SSLInfo ssl_info;
727 ssl_info.public_key_hashes.push_back(good_hash);
728
729 // Add a valid HPKP header.
730 EXPECT_TRUE(state.AddHPKPHeader(
731 "example.com", "max-age = 10000; " + good_pin + "; " + backup_pin,
732 ssl_info));
733
734 // Check the insertion was valid.
735 EXPECT_TRUE(state.HasPublicKeyPins("example.com"));
736 std::string failure_log;
737 bool is_issued_by_known_root = true;
738 EXPECT_TRUE(state.CheckPublicKeyPins("example.com", is_issued_by_known_root,
739 ssl_info.public_key_hashes,
740 &failure_log));
741
742 // Now assert an invalid one. This should fail.
743 EXPECT_FALSE(state.AddHPKPHeader(
744 "example.com", "max-age = 10000; " + bad_pin + "; " + backup_pin,
745 ssl_info));
746
747 // The old pins must still exist.
748 EXPECT_TRUE(state.HasPublicKeyPins("example.com"));
749 EXPECT_TRUE(state.CheckPublicKeyPins("example.com", is_issued_by_known_root,
750 ssl_info.public_key_hashes,
751 &failure_log));
752 }
753
718 }; // namespace net 754 }; // namespace net
OLDNEW
« no previous file with comments | « net/http/http_security_headers.cc ('k') | net/http/transport_security_state.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698