net/http/http_security_headers_unittest.cc - Issue 86043003: net: don't duplicate HPKP hashes when parsing the header.

Side by Side Diff: net/http/http_security_headers_unittest.cc

Issue 86043003: net: don't duplicate HPKP hashes when parsing the header. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 7 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include <algorithm>	5 #include <algorithm>

6	6

7 #include "base/base64.h"	7 #include "base/base64.h"

8 #include "base/sha1.h"	8 #include "base/sha1.h"

9 #include "base/strings/string_piece.h"	9 #include "base/strings/string_piece.h"

10 #include "crypto/sha2.h"	10 #include "crypto/sha2.h"

(...skipping 398 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
409 EXPECT_EQ(expect_max_age, max_age);	409 EXPECT_EQ(expect_max_age, max_age);

410 EXPECT_TRUE(include_subdomains);	410 EXPECT_TRUE(include_subdomains);

411	411

412 EXPECT_TRUE(ParseHPKPHeader(	412 EXPECT_TRUE(ParseHPKPHeader(

413 " max-age=999999999999999999999999999999999999999999999 ; " +	413 " max-age=999999999999999999999999999999999999999999999 ; " +

414 backup_pin + ";" + good_pin + "; ",	414 backup_pin + ";" + good_pin + "; ",

415 chain_hashes, &max_age, &include_subdomains, &hashes));	415 chain_hashes, &max_age, &include_subdomains, &hashes));

416 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs);	416 expect_max_age = base::TimeDelta::FromSeconds(kMaxHSTSAgeSecs);

417 EXPECT_EQ(expect_max_age, max_age);	417 EXPECT_EQ(expect_max_age, max_age);

418 EXPECT_FALSE(include_subdomains);	418 EXPECT_FALSE(include_subdomains);

	419

	420 // Test that parsing the same header twice doesn't duplicate the recorded

	421 // hashes.

	422 hashes.clear();

	423 EXPECT_TRUE(ParseHPKPHeader(

	424 " max-age=999; " +

	425 backup_pin + ";" + good_pin + "; ",

	426 chain_hashes, &max_age, &include_subdomains, &hashes));

	427 EXPECT_EQ(2u, hashes.size());

	428 EXPECT_TRUE(ParseHPKPHeader(

	429 " max-age=999; " +

	430 backup_pin + ";" + good_pin + "; ",

	431 chain_hashes, &max_age, &include_subdomains, &hashes));

	432 EXPECT_EQ(2u, hashes.size());

419 }	433 }

420	434

421 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA1) {	435 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA1) {

422 TestBogusPinsHeaders(HASH_VALUE_SHA1);	436 TestBogusPinsHeaders(HASH_VALUE_SHA1);

423 }	437 }

424	438

425 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) {	439 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) {

426 TestBogusPinsHeaders(HASH_VALUE_SHA256);	440 TestBogusPinsHeaders(HASH_VALUE_SHA256);

427 }	441 }

428	442

(...skipping 67 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
496 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash);	510 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash);

497	511

498 hash = std::find_if(	512 hash = std::find_if(

499 domain_state.dynamic_spki_hashes.begin(),	513 domain_state.dynamic_spki_hashes.begin(),

500 domain_state.dynamic_spki_hashes.end(),	514 domain_state.dynamic_spki_hashes.end(),

501 HashValuesEqual(backup_hash));	515 HashValuesEqual(backup_hash));

502 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash);	516 EXPECT_NE(domain_state.dynamic_spki_hashes.end(), hash);

503 }	517 }

504	518

505 }; // namespace net	519 }; // namespace net

OLD	NEW

« no previous file with comments | « net/http/http_security_headers.cc ('k') | no next file » | no next file with comments »