| // Copyright 2015 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "content/common/ssl_status_serialization.h" |
| |
| #include "net/ssl/ssl_connection_status_flags.h" |
| #include "testing/gtest/include/gtest/gtest.h" |
| |
| namespace content { |
| |
| // Test that a valid serialized SSLStatus returns true on |
| // deserialization and deserializes correctly. |
| TEST(SSLStatusSerializationTest, DeserializeSerializedStatus) { |
| // Serialize dummy data and test that it deserializes properly. |
| SSLStatus status; |
| status.security_style = SECURITY_STYLE_AUTHENTICATED; |
| status.cert_id = 1; |
| status.cert_status = net::CERT_STATUS_DATE_INVALID; |
| status.security_bits = 80; |
| status.connection_status = net::SSL_CONNECTION_VERSION_TLS1_2; |
| SignedCertificateTimestampIDAndStatus sct(1, net::ct::SCT_STATUS_OK); |
| status.signed_certificate_timestamp_ids.push_back(sct); |
| |
| std::string serialized = SerializeSecurityInfo(status); |
| |
| SSLStatus deserialized; |
| ASSERT_TRUE(DeserializeSecurityInfo(serialized, &deserialized)); |
| EXPECT_EQ(status.security_style, deserialized.security_style); |
| EXPECT_EQ(status.cert_id, deserialized.cert_id); |
| EXPECT_EQ(status.cert_status, deserialized.cert_status); |
| EXPECT_EQ(status.security_bits, deserialized.security_bits); |
| EXPECT_EQ(status.connection_status, deserialized.connection_status); |
| EXPECT_EQ(status.signed_certificate_timestamp_ids.size(), |
| deserialized.signed_certificate_timestamp_ids.size()); |
| EXPECT_EQ(sct, deserialized.signed_certificate_timestamp_ids[0]); |
| // Test that |content_status| has the default (initialized) value. |
| EXPECT_EQ(SSLStatus::NORMAL_CONTENT, deserialized.content_status); |
| } |
| |
| // Test that an invalid serialized SSLStatus returns false on |
| // deserialization. |
| TEST(SSLStatusSerializationTest, DeserializeBogusStatus) { |
| // Test that a failure to deserialize returns false and returns |
| // initialized, default data. |
| SSLStatus invalid_deserialized; |
| ASSERT_FALSE( |
| DeserializeSecurityInfo("not an SSLStatus", &invalid_deserialized)); |
| |
| SSLStatus default_ssl_status; |
| EXPECT_EQ(default_ssl_status.security_style, |
| invalid_deserialized.security_style); |
| EXPECT_EQ(default_ssl_status.cert_id, invalid_deserialized.cert_id); |
| EXPECT_EQ(default_ssl_status.cert_status, invalid_deserialized.cert_status); |
| EXPECT_EQ(default_ssl_status.security_bits, |
| invalid_deserialized.security_bits); |
| EXPECT_EQ(default_ssl_status.connection_status, |
| invalid_deserialized.connection_status); |
| EXPECT_EQ(default_ssl_status.content_status, |
| invalid_deserialized.content_status); |
| EXPECT_EQ(0u, invalid_deserialized.signed_certificate_timestamp_ids.size()); |
| |
| // Serialize a status with a bad |security_bits| value and test that |
| // deserializing it fails. |
| SSLStatus status; |
| status.security_style = SECURITY_STYLE_AUTHENTICATED; |
| status.cert_id = 1; |
| status.cert_status = net::CERT_STATUS_DATE_INVALID; |
| // |security_bits| must be <-1. (-1 means the strength is unknown, and |
| // |0 means the connection is not encrypted). |
| status.security_bits = -5; |
| status.connection_status = net::SSL_CONNECTION_VERSION_TLS1_2; |
| SignedCertificateTimestampIDAndStatus sct(1, net::ct::SCT_STATUS_OK); |
| status.signed_certificate_timestamp_ids.push_back(sct); |
| |
| std::string serialized = SerializeSecurityInfo(status); |
| ASSERT_FALSE(DeserializeSecurityInfo(serialized, &invalid_deserialized)); |
| |
| EXPECT_EQ(default_ssl_status.security_style, |
| invalid_deserialized.security_style); |
| EXPECT_EQ(default_ssl_status.cert_id, invalid_deserialized.cert_id); |
| EXPECT_EQ(default_ssl_status.cert_status, invalid_deserialized.cert_status); |
| EXPECT_EQ(default_ssl_status.security_bits, |
| invalid_deserialized.security_bits); |
| EXPECT_EQ(default_ssl_status.connection_status, |
| invalid_deserialized.connection_status); |
| EXPECT_EQ(default_ssl_status.content_status, |
| invalid_deserialized.content_status); |
| EXPECT_EQ(0u, invalid_deserialized.signed_certificate_timestamp_ids.size()); |
| |
| // Now serialize a status with a bad |security_style| value and test |
| // that deserializing fails. |
| status.security_bits = 128; |
| status.security_style = static_cast<SecurityStyle>(100); |
| serialized = SerializeSecurityInfo(status); |
| ASSERT_FALSE(DeserializeSecurityInfo(serialized, &invalid_deserialized)); |
| |
| EXPECT_EQ(default_ssl_status.security_style, |
| invalid_deserialized.security_style); |
| EXPECT_EQ(default_ssl_status.cert_id, invalid_deserialized.cert_id); |
| EXPECT_EQ(default_ssl_status.cert_status, invalid_deserialized.cert_status); |
| EXPECT_EQ(default_ssl_status.security_bits, |
| invalid_deserialized.security_bits); |
| EXPECT_EQ(default_ssl_status.connection_status, |
| invalid_deserialized.connection_status); |
| EXPECT_EQ(default_ssl_status.content_status, |
| invalid_deserialized.content_status); |
| EXPECT_EQ(0u, invalid_deserialized.signed_certificate_timestamp_ids.size()); |
| } |
| |
| } // namespace |