diff options
| author | ekasper@google.com <ekasper@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-11-28 13:43:26 +0000 |
|---|---|---|
| committer | ekasper@google.com <ekasper@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-11-28 13:43:26 +0000 |
| commit | 4e72ee50e8f859f1b7dc9a8904d41462c107277e (patch) | |
| tree | 3f36a9f06c3f7b01407de9bea103f8c6442d159c /net/test | |
| parent | 560e2f57c9f16b8c54a4fba8dc241a228dd6f049 (diff) | |
| download | chromium_src-4e72ee50e8f859f1b7dc9a8904d41462c107277e.zip chromium_src-4e72ee50e8f859f1b7dc9a8904d41462c107277e.tar.gz chromium_src-4e72ee50e8f859f1b7dc9a8904d41462c107277e.tar.bz2 | |
Add support for fetching Certificate Transparency SCTs over a TLS extension
BUG=309578
Review URL: https://codereview.chromium.org/83333003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@237775 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/test')
| -rw-r--r-- | net/test/spawned_test_server/base_test_server.cc | 6 | ||||
| -rw-r--r-- | net/test/spawned_test_server/base_test_server.h | 9 |
2 files changed, 14 insertions, 1 deletions
diff --git a/net/test/spawned_test_server/base_test_server.cc b/net/test/spawned_test_server/base_test_server.cc index b8697d4..775341b 100644 --- a/net/test/spawned_test_server/base_test_server.cc +++ b/net/test/spawned_test_server/base_test_server.cc @@ -398,6 +398,12 @@ bool BaseTestServer::GenerateArguments(base::DictionaryValue* arguments) const { arguments->Set("tls-intolerant", new base::FundamentalValue(ssl_options_.tls_intolerant)); } + if (!ssl_options_.signed_cert_timestamps.empty()) { + std::string b64_scts; + if (!base::Base64Encode(ssl_options_.signed_cert_timestamps, &b64_scts)) + return false; + arguments->SetString("signed-cert-timestamps", b64_scts); + } } return GenerateAdditionalArguments(arguments); diff --git a/net/test/spawned_test_server/base_test_server.h b/net/test/spawned_test_server/base_test_server.h index ff395c5..9d5cda8 100644 --- a/net/test/spawned_test_server/base_test_server.h +++ b/net/test/spawned_test_server/base_test_server.h @@ -147,6 +147,14 @@ class BaseTestServer { // If not TLS_INTOLERANT_NONE, the server will abort any handshake that // negotiates an intolerant TLS version in order to test version fallback. TLSIntolerantLevel tls_intolerant; + + // (Fake) SignedCertificateTimestampList (as a raw binary string) to send in + // a TLS extension. + // Temporary glue for testing: validation of SCTs is application-controlled + // and can be appropriately mocked out, so sending fake data here does not + // affect handshaking behaviour. + // TODO(ekasper): replace with valid SCT files for test certs. + std::string signed_cert_timestamps; }; // Pass as the 'host' parameter during construction to server on 127.0.0.1 @@ -260,4 +268,3 @@ class BaseTestServer { } // namespace net #endif // NET_TEST_SPAWNED_TEST_SERVER_BASE_TEST_SERVER_H_ - |