Encrypt certificate reports before uploading to HTTP URLs

chrome/browser/net/certificate_error_reporter_unittest.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/net/certificate_error_reporter.h"
 
 #include <set>
 #include <string>
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/macros.h"
 #include "base/message_loop/message_loop.h"
 #include "base/path_service.h"
 #include "base/run_loop.h"
 #include "base/thread_task_runner_handle.h"
 #include "chrome/browser/net/cert_logger.pb.h"
 #include "chrome/common/chrome_paths.h"
 #include "content/public/browser/browser_thread.h"
+#include "crypto/curve25519.h"
 #include "net/base/load_flags.h"
 #include "net/base/network_delegate_impl.h"
 #include "net/base/test_data_directory.h"
 #include "net/base/upload_bytes_element_reader.h"
 #include "net/base/upload_data_stream.h"
 #include "net/base/upload_element_reader.h"
 #include "net/test/cert_test_util.h"
 #include "net/test/url_request/url_request_failed_job.h"
 #include "net/test/url_request/url_request_mock_data_job.h"
 #include "net/test/url_request/url_request_mock_http_job.h"
 #include "net/url_request/url_request_filter.h"
 #include "net/url_request/url_request_test_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using chrome_browser_net::CertificateErrorReporter;
 using content::BrowserThread;
 using net::CompletionCallback;
 using net::SSLInfo;
 using net::NetworkDelegateImpl;
 using net::TestURLRequestContext;
 using net::URLRequest;
 
 namespace {
 
 const char kHostname[] = "test.mail.google.com";
 const char kSecondRequestHostname[] = "test2.mail.google.com";
 const char kDummyFailureLog[] = "dummy failure log";
 const char kTestCertFilename[] = "test_mail_google_com.pem";
+const uint32 kServerPublicKeyVersion = 1;
 
 SSLInfo GetTestSSLInfo() {
   SSLInfo info;
   info.cert =
       net::ImportCertFromFile(net::GetTestCertsDirectory(), kTestCertFilename);
   info.is_issued_by_known_root = true;
   info.pinning_failure_log = kDummyFailureLog;
   return info;
 }
 
@@ skipping 16 matching lines @@
   net::URLRequestMockHTTPJob::AddUrlHandlers(root_http,
                                              BrowserThread::GetBlockingPool());
   net::URLRequestMockDataJob::AddUrlHandler();
 }
 
 // Check that data uploaded in the request matches the test data (an SSL
 // report for one of the given hostnames, with the info returned by
 // |GetTestSSLInfo()|). The hostname sent in the report will be erased
 // from |expect_hostnames|.
 void CheckUploadData(URLRequest* request,
-                     std::set<std::string>* expect_hostnames) {
+                     std::set<std::string>* expect_hostnames,
+                     bool encrypted,
+                     const uint8* server_private_key) {
   const net::UploadDataStream* upload = request->get_upload();
   ASSERT_TRUE(upload);
   ASSERT_TRUE(upload->GetElementReaders());
   EXPECT_EQ(1u, upload->GetElementReaders()->size());
 
   const net::UploadBytesElementReader* reader =
       (*upload->GetElementReaders())[0]->AsBytesReader();
   ASSERT_TRUE(reader);
   std::string upload_data(reader->bytes(), reader->length());
+
   chrome_browser_net::CertLoggerRequest uploaded_request;
-
-  uploaded_request.ParseFromString(upload_data);
+  if (encrypted) {
+    chrome_browser_net::EncryptedCertLoggerRequest encrypted_request;
+    encrypted_request.ParseFromString(upload_data);
+    EXPECT_EQ(kServerPublicKeyVersion,
+              encrypted_request.server_public_key_version());
+    EXPECT_EQ(chrome_browser_net::EncryptedCertLoggerRequest::
+                  AEAD_ECDH_AES_128_CTR_HMAC_SHA256,
+              encrypted_request.algorithm());
+    ASSERT_TRUE(chrome_browser_net::DecryptCertificateErrorReport(
+        server_private_key, encrypted_request, &uploaded_request));
+  } else {
+    uploaded_request.ParseFromString(upload_data);
+  }
 
   EXPECT_EQ(1u, expect_hostnames->count(uploaded_request.hostname()));
   expect_hostnames->erase(uploaded_request.hostname());
 
   EXPECT_EQ(GetPEMEncodedChain(), uploaded_request.cert_chain());
   EXPECT_EQ(1, uploaded_request.pin().size());
   EXPECT_EQ(kDummyFailureLog, uploaded_request.pin().Get(0));
 }
 
 // A network delegate that lets tests check that a certificate error
 // report was sent. It counts the number of requests and lets tests
 // register a callback to run when the request is destroyed. It also
 // checks that the uploaded data is as expected (a report for
 // |kHostname| and |GetTestSSLInfo()|).
 class TestCertificateErrorReporterNetworkDelegate : public NetworkDelegateImpl {
  public:
   TestCertificateErrorReporterNetworkDelegate()
       : url_request_destroyed_callback_(base::Bind(&base::DoNothing)),
         all_url_requests_destroyed_callback_(base::Bind(&base::DoNothing)),
         num_requests_(0),
-        expect_cookies_(false) {}
+        expect_cookies_(false),
+        expect_request_encrypted_(false) {
+    memset(server_private_key_, 1, sizeof(server_private_key_));
+    crypto::curve25519::ScalarBaseMult(server_private_key_, server_public_key_);
+  }
 
   ~TestCertificateErrorReporterNetworkDelegate() override {}
 
   void ExpectHostname(const std::string& hostname) {
     expect_hostnames_.insert(hostname);
   }
 
   void set_all_url_requests_destroyed_callback(
       const base::Closure& all_url_requests_destroyed_callback) {
     all_url_requests_destroyed_callback_ = all_url_requests_destroyed_callback;
   }
 
   void set_url_request_destroyed_callback(
       const base::Closure& url_request_destroyed_callback) {
     url_request_destroyed_callback_ = url_request_destroyed_callback;
   }
 
   void set_expect_url(const GURL& expect_url) { expect_url_ = expect_url; }
 
   int num_requests() const { return num_requests_; }
 
   // Sets whether cookies are expected to be sent on requests. If set to
   // true, then |OnHeadersReceived| will expect a cookie
   // "cookie_name=cookie_value".
   void set_expect_cookies(bool expect_cookies) {
     expect_cookies_ = expect_cookies;
   }
 
+  void set_expect_request_encrypted(bool expect_request_encrypted) {
+    expect_request_encrypted_ = expect_request_encrypted;
+  }
+
   // NetworkDelegateImpl implementation
   int OnBeforeURLRequest(URLRequest* request,
                          const CompletionCallback& callback,
                          GURL* new_url) override {
     num_requests_++;
     EXPECT_EQ(expect_url_, request->url());
     EXPECT_EQ("POST", request->method());
 
     if (expect_cookies_) {
       EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES);
       EXPECT_FALSE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES);
     } else {
       EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES);
       EXPECT_TRUE(request->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES);
     }
 
     std::string uploaded_request_hostname;
-    CheckUploadData(request, &expect_hostnames_);
+    CheckUploadData(request, &expect_hostnames_, expect_request_encrypted_,
+                    server_private_key_);
     expect_hostnames_.erase(uploaded_request_hostname);
     return net::OK;
   }
 
   void OnURLRequestDestroyed(URLRequest* request) override {
     url_request_destroyed_callback_.Run();
     if (expect_hostnames_.empty())
       all_url_requests_destroyed_callback_.Run();
   }
 
+  const uint8* server_public_key() { return server_public_key_; }
+
  private:
   base::Closure url_request_destroyed_callback_;
   base::Closure all_url_requests_destroyed_callback_;
   int num_requests_;
   GURL expect_url_;
   std::set<std::string> expect_hostnames_;
   bool expect_cookies_;
+  bool expect_request_encrypted_;
+
+  uint8 server_public_key_[32];
+  uint8 server_private_key_[32];
 
   DISALLOW_COPY_AND_ASSIGN(TestCertificateErrorReporterNetworkDelegate);
 };
 
 class CertificateErrorReporterTest : public ::testing::Test {
  public:
   CertificateErrorReporterTest() : context_(true) {
     EnableUrlRequestMocks(true);
     context_.set_network_delegate(&network_delegate_);
     context_.Init();
@@ skipping 37 matching lines @@
 // for the endpoint and sends the expected data.
 TEST_F(CertificateErrorReporterTest, PinningViolationSendReportSendsRequest) {
   GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
   CertificateErrorReporter reporter(
       context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES);
   SendReport(&reporter, network_delegate(), kHostname, url, 0,
              CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION);
 }
 
 TEST_F(CertificateErrorReporterTest, ExtendedReportingSendReportSendsRequest) {
-  GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
-  CertificateErrorReporter reporter(
-      context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES);
-  SendReport(&reporter, network_delegate(), kHostname, url, 0,
+  // Data should be encrypted when sent to an HTTP URL.
+  GURL http_url = net::URLRequestMockDataJob::GetMockHttpUrl("dummy data", 1);
+  CertificateErrorReporter http_reporter(
+      context(), http_url, CertificateErrorReporter::DO_NOT_SEND_COOKIES,
+      network_delegate()->server_public_key(), kServerPublicKeyVersion);
+  network_delegate()->set_expect_request_encrypted(true);
+  SendReport(&http_reporter, network_delegate(), kHostname, http_url, 0,
+             CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING);
+
+  // Data should not be encrypted when sent to an HTTPS URL.
+  GURL https_url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
+  CertificateErrorReporter https_reporter(
+      context(), https_url, CertificateErrorReporter::DO_NOT_SEND_COOKIES);
+  network_delegate()->set_expect_request_encrypted(false);
+  SendReport(&https_reporter, network_delegate(), kHostname, https_url, 1,
              CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING);
 }
 
 TEST_F(CertificateErrorReporterTest, SendMultipleReportsSequentially) {
   GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
   CertificateErrorReporter reporter(
       context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES);
   SendReport(&reporter, network_delegate(), kHostname, url, 0,
              CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION);
   SendReport(&reporter, network_delegate(), kSecondRequestHostname, url, 1,
@@ skipping 76 matching lines @@
 TEST_F(CertificateErrorReporterTest, DoNotSendCookiesPreference) {
   GURL url = net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
   CertificateErrorReporter reporter(
       context(), url, CertificateErrorReporter::DO_NOT_SEND_COOKIES);
 
   network_delegate()->set_expect_cookies(false);
   SendReport(&reporter, network_delegate(), kHostname, url, 0,
              CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION);
 }
 
+// Test vectors for the AES-CTR-128-HMAC-SHA256 AEAD. (AD not
+// implemented so only test vectors with empty AD are included here.)
+
+const char* keys[] = {
+    "23189bf23bc4b734410d1c7ae321c42e144a25347a8029bb925e3d8ac1b92f4eb97227c1de"
+    "ce86ae9dea7d127eb33f9b",
+    "1ad577d3b47e3fff8528e336a43a7ffef72f811e05b5c69ccfe777b10f29061e289178e394"
+    "a1c87ba483c7f98ea5431d",
+    "84172547d8608bd9e788a7bb60df2982963716e45f8e63f0c5033327d85c920c5e3776e314"
+    "246b1694b739c39abfa29f",
+    "3d9b651e65e9239c9e33aafb091b348161ab797901fd0468aedd014e4d5683c8f3f54f20ea"
+    "6bb07bb25dd258df7bcd5e",
+    "353c3e9f87b40fc0281869c68d9d9bee5c95771dd79998c059bc5ceda71f139fe447cfdf34"
+    "0e9eac57f232b9d230e45d",
+    "1ccec52c77239bdf6ca50e5b702943b23015d08cb1d9bac592b3dec4c96be904110713e52e"
+    "114a8bc294df26530a758a",
+    "0d9322713cd132c339c38ec7a75862860de304c70486b89b0f587095c66bfd1abe56f0b34f"
+    "9ca0dac577fd4262616600",
+};
+
+const char* nonces[] = {
+    "30681944cd5d78f46d36ed8a",
+    "1fcaa4757a9e48ed2cb3be62",
+    "a3f1643bb504b7ce9e5b43c2",
+    "32bcf856a14437114e7814cc",
+    "cc7a4b46b02f4e7f96fd34e3",
+    "38554b7c40027afe9721e14a",
+    "3298d02dd4eb85a98cb935e3",
+};
+
+const char* plaintexts[] = {
+    "59",
+    "46d30dac550103006c292a9ac05d31",
+    "7e76323eb13e64da9b240a57c95c855b",
+    "08a667c2923f87a7db6502478d32280bdc",
+    "44bcb61332930f606276268ddbf3287bcaedb5b25704489cbee63ec839d7a69533dbfb6e95"
+    "fe5b4694eb485beb1437f0777774868ecf45c8a5b3edafa1d62a",
+    "dac91fcdb3768df8d5ae9ddba1fe5917c084a5d9e6b14eee9a609cab2da34ec9f95cf2d10f"
+    "ff77108477e694c76f362e29b9a9287d8b190a748ed0a929967ff8",
+    "5dfedb1d168fe262d35f78d797560b2634f71d40f438c21cdcb8e73cf9884c11570554f55a"
+    "6abd23d0e7775a9ab385ae6c9bbd67f08d1aec57347a8fad5a4b8c7b042b03c25facbffc76"
+    "f0b1ce2e6c07d427eaebe71255d661ac8e8bfe8867e2d947d496ce2318a601d0beed024263"
+    "11ca678d036deb3b4c65b1f89bd644a410",
+};
+
+const char* expected_ciphertexts[] = {
+    "92986aa8438da3cf4a98f478f90d24908c6a4e848f299873e649b256f5499d89d9",
+    "37616eba30c55595fa0ad5d50f91ca5c3ac4010f75adf90f81e775b07ab939e7551a9b8e04"
+    "86ba33766728ed498245",
+    "966487c18f025d67b42a04c30d3ff4c38bb03d893f0ce8ea4a6a47245bc7f20c72acf8caa4"
+    "66edd01365d0f74c929463",
+    "5e8e02cc91c732356bb9f1fc599426a3795449e878d558beff4bc7dfbb5f0195444705cfb2"
+    "59773b4faec524fbaca37ea0",
+    "d038d67b8b690519fafa7467c9fb94135f9bf0bcd8247cd2c30da62ddf37a6d9a3a9bdcf8e"
+    "c081fb4469c0fc2798e2e30afede7cda384438fd01e5d672dcb8db2c685a59cdf304c1fb57"
+    "b66966a5ca1cc3536fe21eb1113c25868428640c7d",
+    "e6bcb38b3bfd0b428a14bb3aca01a4a9e54b0853f10bd7750f5bb58d0e7dd18006f8929d7d"
+    "862e5d6601ef63be8442334b4d51a99219cfedaa31f7ab19028459c4f05d9415840c2325da"
+    "bbcd12dbeda31e47637437514c606dedfb8ce622edd0",
+    "ff09fe27f12a87d5208bf246378ee0740e848262442b8b9c7670c8a73fe6732192cde43c1a"
+    "1246743ed49e15ec63c87dc06eb3e0c92c1f286108b2c7e0754dcf1b9c3fc87efe3683289d"
+    "aabf2db71d8742061f93098788c3c6f26328b86e358507a03af296d2c29009562cad376339"
+    "9e0e2b89ed440f756c16214c8ab7ddfb845076c80fc76c67d6e4f9b9d470cc184db62ea7da"
+    "49cae44cb3ce9e46c2f2ca9e",
+};
+
+void ParseHex(const char* in, std::string* out) {
+  size_t l = strlen(in);
+  for (size_t i = 0; i < l / 2; ++i) {
+    int value;
+    sscanf(in + 2 * i, "%02x", &value);
+    *out += (char)value;
+  }
+}
+
+TEST_F(CertificateErrorReporterTest, Seal) {
+  size_t num_test_vectors = sizeof(keys) / sizeof(char*);
+  for (size_t i = 0; i < num_test_vectors; i++) {
+    std::string key;
+    std::string nonce;
+    std::string plaintext;
+    std::string expected_ciphertext;
+    std::string ciphertext;
+    ParseHex(keys[i], &key);
+    ParseHex(nonces[i], &nonce);
+    ParseHex(plaintexts[i], &plaintext);
+    ParseHex(expected_ciphertexts[i], &expected_ciphertext);
+    ASSERT_TRUE(chrome_browser_net::Seal(key, nonce, plaintext, &ciphertext));
+    EXPECT_EQ(expected_ciphertext, ciphertext);
+  }
+}
+
 }  // namespace