search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Run canExecute before executing delete command.
[chromium-blink-merge.git] / chrome / browser / ssl / ssl_error_classification_unittest.cc
blob593afdebff5bdf1b56b4511ba33f93ee512b5e0c
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/ssl/ssl_error_classification.h"
6
7 #include "base/files/file_path.h"
8 #include "base/strings/string_split.h"
9 #include "base/time/time.h"
10 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
11 #include "content/public/browser/web_contents.h"
12 #include "net/base/net_errors.h"
13 #include "net/base/test_data_directory.h"
14 #include "net/cert/x509_cert_types.h"
15 #include "net/cert/x509_certificate.h"
16 #include "net/test/cert_test_util.h"
17 #include "net/test/test_certificate_data.h"
18 #include "testing/gtest/include/gtest/gtest.h"
19 #include "url/gurl.h"
20
21 using base::Time;
22 using content::WebContents;
23
24 class SSLErrorClassificationTest : public ChromeRenderViewHostTestHarness {
25 public:
26 SSLErrorClassificationTest() {
27 SetThreadBundleOptions(content::TestBrowserThreadBundle::REAL_IO_THREAD);
28 }
29 };
30
31 TEST_F(SSLErrorClassificationTest, TestNameMismatch) {
32 scoped_refptr<net::X509Certificate> google_cert(
33 net::X509Certificate::CreateFromBytes(
34 reinterpret_cast<const char*>(google_der), sizeof(google_der)));
35 ASSERT_NE(static_cast<net::X509Certificate*>(NULL), google_cert.get());
36 base::Time time = base::Time::NowFromSystemTime();
37 std::vector<std::string> dns_names_google;
38 dns_names_google.push_back("www");
39 dns_names_google.push_back("google");
40 dns_names_google.push_back("com");
41 std::vector<std::vector<std::string>> dns_name_tokens_google;
42 dns_name_tokens_google.push_back(dns_names_google);
43 int cert_error = net::ERR_CERT_COMMON_NAME_INVALID;
44 WebContents* contents = web_contents();
45 {
46 GURL origin("https://google.com");
47 std::string host_name = origin.host();
48 std::vector<std::string> host_name_tokens;
49 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
50 SSLErrorClassification ssl_error(contents,
51 time,
52 origin,
53 cert_error,
54 *google_cert);
55 EXPECT_TRUE(ssl_error.IsWWWSubDomainMatch());
56 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
57 dns_name_tokens_google));
58 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
59 host_name_tokens));
60 EXPECT_FALSE(ssl_error.IsSubDomainOutsideWildcard(host_name_tokens));
61 EXPECT_FALSE(ssl_error.IsCertLikelyFromMultiTenantHosting());
62 }
63
64 {
65 GURL origin("https://foo.blah.google.com");
66 std::string host_name = origin.host();
67 std::vector<std::string> host_name_tokens;
68 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
69 SSLErrorClassification ssl_error(contents,
70 time,
71 origin,
72 cert_error,
73 *google_cert);
74 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
75 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
76 dns_name_tokens_google));
77 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
78 host_name_tokens));
79 }
80
81 {
82 GURL origin("https://foo.www.google.com");
83 std::string host_name = origin.host();
84 std::vector<std::string> host_name_tokens;
85 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
86 SSLErrorClassification ssl_error(contents,
87 time,
88 origin,
89 cert_error,
90 *google_cert);
91 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
92 EXPECT_TRUE(ssl_error.NameUnderAnyNames(host_name_tokens,
93 dns_name_tokens_google));
94 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
95 host_name_tokens));
96 }
97
98 {
99 GURL origin("https://www.google.com.foo");
100 std::string host_name = origin.host();
101 std::vector<std::string> host_name_tokens;
102 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
103 SSLErrorClassification ssl_error(contents,
104 time,
105 origin,
106 cert_error,
107 *google_cert);
108 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
109 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
110 dns_name_tokens_google));
111 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
112 host_name_tokens));
113 }
114
115 {
116 GURL origin("https://www.foogoogle.com.");
117 std::string host_name = origin.host();
118 std::vector<std::string> host_name_tokens;
119 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
120 SSLErrorClassification ssl_error(contents,
121 time,
122 origin,
123 cert_error,
124 *google_cert);
125 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
126 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
127 dns_name_tokens_google));
128 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_google,
129 host_name_tokens));
130 }
131
132 scoped_refptr<net::X509Certificate> webkit_cert(
133 net::X509Certificate::CreateFromBytes(
134 reinterpret_cast<const char*>(webkit_der), sizeof(webkit_der)));
135 ASSERT_NE(static_cast<net::X509Certificate*>(NULL), webkit_cert.get());
136 std::vector<std::string> dns_names_webkit;
137 dns_names_webkit.push_back("webkit");
138 dns_names_webkit.push_back("org");
139 std::vector<std::vector<std::string>> dns_name_tokens_webkit;
140 dns_name_tokens_webkit.push_back(dns_names_webkit);
141 {
142 GURL origin("https://a.b.webkit.org");
143 std::string host_name = origin.host();
144 std::vector<std::string> host_name_tokens;
145 base::SplitStringDontTrim(host_name, '.', &host_name_tokens);
146 SSLErrorClassification ssl_error(contents,
147 time,
148 origin,
149 cert_error,
150 *webkit_cert);
151 EXPECT_FALSE(ssl_error.IsWWWSubDomainMatch());
152 EXPECT_FALSE(ssl_error.NameUnderAnyNames(host_name_tokens,
153 dns_name_tokens_webkit));
154 EXPECT_FALSE(ssl_error.AnyNamesUnderName(dns_name_tokens_webkit,
155 host_name_tokens));
156 EXPECT_TRUE(ssl_error.IsSubDomainOutsideWildcard(host_name_tokens));
157 EXPECT_FALSE(ssl_error.IsCertLikelyFromMultiTenantHosting());
158 }
159 }
160
161 TEST_F(SSLErrorClassificationTest, TestHostNameHasKnownTLD) {
162 EXPECT_TRUE(SSLErrorClassification::IsHostNameKnownTLD("www.google.com"));
163 EXPECT_TRUE(SSLErrorClassification::IsHostNameKnownTLD("b.appspot.com"));
164 EXPECT_FALSE(SSLErrorClassification::IsHostNameKnownTLD("a.private"));
165 }
166
167 TEST_F(SSLErrorClassificationTest, TestPrivateURL) {
168 EXPECT_FALSE(SSLErrorClassification::IsHostnameNonUniqueOrDotless(
169 "www.foogoogle.com."));
170 EXPECT_TRUE(SSLErrorClassification::IsHostnameNonUniqueOrDotless("go"));
171 EXPECT_TRUE(
172 SSLErrorClassification::IsHostnameNonUniqueOrDotless("172.17.108.108"));
173 EXPECT_TRUE(SSLErrorClassification::IsHostnameNonUniqueOrDotless("foo.blah"));
174 }