OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "chrome/browser/net/chrome_fraudulent_certificate_reporter.h" | |
6 | |
7 #include <string> | |
8 | |
9 #include "base/bind.h" | |
10 #include "base/files/file_path.h" | |
11 #include "base/memory/scoped_ptr.h" | |
12 #include "base/message_loop/message_loop.h" | |
13 #include "base/synchronization/waitable_event.h" | |
14 #include "base/threading/thread.h" | |
15 #include "chrome/browser/net/certificate_error_reporter.h" | |
16 #include "content/public/test/test_browser_thread.h" | |
17 #include "net/base/request_priority.h" | |
18 #include "net/base/test_data_directory.h" | |
19 #include "net/cert/x509_certificate.h" | |
20 #include "net/http/transport_security_state.h" | |
21 #include "net/ssl/ssl_info.h" | |
22 #include "net/test/cert_test_util.h" | |
23 #include "net/url_request/fraudulent_certificate_reporter.h" | |
24 #include "net/url_request/url_request.h" | |
25 #include "net/url_request/url_request_context.h" | |
26 #include "net/url_request/url_request_test_util.h" | |
27 #include "testing/gtest/include/gtest/gtest.h" | |
28 | |
29 using content::BrowserThread; | |
30 using net::SSLInfo; | |
31 | |
32 namespace chrome_browser_net { | |
33 | |
34 // Builds an SSLInfo from an invalid cert chain. In this case, the cert is | |
35 // expired; what matters is that the cert would not pass even a normal | |
36 // sanity check. We test that we DO NOT send a fraudulent certificate report | |
37 // in this case. | |
38 static SSLInfo GetBadSSLInfo() { | |
39 SSLInfo info; | |
40 | |
41 info.cert = net::ImportCertFromFile(net::GetTestCertsDirectory(), | |
42 "expired_cert.pem"); | |
43 info.cert_status = net::CERT_STATUS_DATE_INVALID; | |
44 info.is_issued_by_known_root = false; | |
45 | |
46 return info; | |
47 } | |
48 | |
49 // Builds an SSLInfo from a "good" cert chain, as defined by IsGoodSSLInfo, | |
50 // but which does not pass DomainState::IsChainOfPublicKeysPermitted. In this | |
51 // case, the certificate is for mail.google.com, signed by our Chrome test | |
52 // CA. During testing, Chrome believes this CA is part of the root system | |
53 // store. But, this CA is not in the pin list; we test that we DO send a | |
54 // fraudulent certicate report in this case. | |
55 static SSLInfo GetGoodSSLInfo() { | |
56 SSLInfo info; | |
57 | |
58 info.cert = net::ImportCertFromFile(net::GetTestCertsDirectory(), | |
59 "test_mail_google_com.pem"); | |
60 info.is_issued_by_known_root = true; | |
61 | |
62 return info; | |
63 } | |
64 | |
65 // Checks that |info| is good as required by the SSL checks performed in | |
66 // URLRequestHttpJob::OnStartCompleted, which are enough to trigger pin | |
67 // checking but not sufficient to pass | |
68 // DomainState::IsChainOfPublicKeysPermitted. | |
69 static bool IsGoodSSLInfo(const SSLInfo& info) { | |
70 return info.is_valid() && info.is_issued_by_known_root; | |
71 } | |
72 | |
73 class TestReporter : public ChromeFraudulentCertificateReporter { | |
74 public: | |
75 explicit TestReporter(net::URLRequestContext* request_context) | |
76 : ChromeFraudulentCertificateReporter(request_context) {} | |
77 }; | |
78 | |
79 class SendingTestReporter : public TestReporter { | |
80 public: | |
81 explicit SendingTestReporter(net::URLRequestContext* request_context) | |
82 : TestReporter(request_context), passed_(false) {} | |
83 | |
84 // Passes if invoked with a good SSLInfo and for a hostname that is a Google | |
85 // pinned property. | |
86 void SendReport(const std::string& hostname, | |
87 const SSLInfo& ssl_info) override { | |
88 EXPECT_TRUE(IsGoodSSLInfo(ssl_info)); | |
89 EXPECT_TRUE(net::TransportSecurityState::IsGooglePinnedProperty(hostname)); | |
90 passed_ = true; | |
91 } | |
92 | |
93 ~SendingTestReporter() override { | |
94 // If the object is destroyed without having its SendReport method invoked, | |
95 // we failed. | |
96 EXPECT_TRUE(passed_); | |
97 } | |
98 | |
99 bool passed_; | |
100 }; | |
101 | |
102 class NotSendingTestReporter : public TestReporter { | |
103 public: | |
104 explicit NotSendingTestReporter(net::URLRequestContext* request_context) | |
105 : TestReporter(request_context) {} | |
106 | |
107 // Passes if invoked with a bad SSLInfo and for a hostname that is not a | |
108 // Google pinned property. | |
109 void SendReport(const std::string& hostname, | |
110 const SSLInfo& ssl_info) override { | |
111 EXPECT_FALSE(IsGoodSSLInfo(ssl_info)); | |
112 EXPECT_FALSE(net::TransportSecurityState::IsGooglePinnedProperty(hostname)); | |
113 } | |
114 }; | |
115 | |
116 // A CertificateErrorReporter that uses a MockURLRequest, but is | |
117 // otherwise normal: reports are constructed and sent in the usual way. | |
118 class MockReporter : public CertificateErrorReporter { | |
119 public: | |
120 explicit MockReporter(net::URLRequestContext* request_context) | |
121 : CertificateErrorReporter( | |
122 request_context, | |
123 GURL("http://example.com"), | |
124 CertificateErrorReporter::DO_NOT_SEND_COOKIES) {} | |
125 | |
126 void SendReport(ReportType type, | |
127 const std::string& hostname, | |
128 const net::SSLInfo& ssl_info) override { | |
129 EXPECT_EQ(type, REPORT_TYPE_PINNING_VIOLATION); | |
130 EXPECT_FALSE(hostname.empty()); | |
131 EXPECT_TRUE(ssl_info.is_valid()); | |
132 CertificateErrorReporter::SendReport(type, hostname, ssl_info); | |
133 } | |
134 | |
135 private: | |
136 scoped_ptr<net::URLRequest> CreateURLRequest( | |
137 net::URLRequestContext* context) override { | |
138 return context->CreateRequest(GURL(std::string()), | |
139 net::DEFAULT_PRIORITY, | |
140 NULL); | |
141 } | |
142 }; | |
143 | |
144 static void DoReportIsSent() { | |
145 net::TestURLRequestContext context; | |
146 SendingTestReporter reporter(&context); | |
147 SSLInfo info = GetGoodSSLInfo(); | |
148 reporter.SendReport("mail.google.com", info); | |
149 } | |
150 | |
151 static void DoReportIsNotSent() { | |
152 net::TestURLRequestContext context; | |
153 NotSendingTestReporter reporter(&context); | |
154 SSLInfo info = GetBadSSLInfo(); | |
155 reporter.SendReport("www.example.com", info); | |
156 } | |
157 | |
158 static void DoMockReportIsSent() { | |
159 net::TestURLRequestContext context; | |
160 scoped_ptr<MockReporter> error_reporter(new MockReporter(&context)); | |
161 ChromeFraudulentCertificateReporter reporter(error_reporter.Pass()); | |
162 SSLInfo info = GetGoodSSLInfo(); | |
163 reporter.SendReport("mail.google.com", info); | |
164 } | |
165 | |
166 TEST(ChromeFraudulentCertificateReporterTest, GoodBadInfo) { | |
167 SSLInfo good = GetGoodSSLInfo(); | |
168 EXPECT_TRUE(IsGoodSSLInfo(good)); | |
169 | |
170 SSLInfo bad = GetBadSSLInfo(); | |
171 EXPECT_FALSE(IsGoodSSLInfo(bad)); | |
172 } | |
173 | |
174 TEST(ChromeFraudulentCertificateReporterTest, ReportIsSent) { | |
175 base::MessageLoopForIO loop; | |
176 content::TestBrowserThread io_thread(BrowserThread::IO, &loop); | |
177 loop.PostTask(FROM_HERE, base::Bind(&DoReportIsSent)); | |
178 loop.RunUntilIdle(); | |
179 } | |
180 | |
181 TEST(ChromeFraudulentCertificateReporterTest, MockReportIsSent) { | |
182 base::MessageLoopForIO loop; | |
183 content::TestBrowserThread io_thread(BrowserThread::IO, &loop); | |
184 loop.PostTask(FROM_HERE, base::Bind(&DoMockReportIsSent)); | |
185 loop.RunUntilIdle(); | |
186 } | |
187 | |
188 TEST(ChromeFraudulentCertificateReporterTest, ReportIsNotSent) { | |
189 base::MessageLoopForIO loop; | |
190 content::TestBrowserThread io_thread(BrowserThread::IO, &loop); | |
191 loop.PostTask(FROM_HERE, base::Bind(&DoReportIsNotSent)); | |
192 loop.RunUntilIdle(); | |
193 } | |
194 | |
195 } // namespace chrome_browser_net | |
OLD | NEW |