Initial (partial) implementation of HPKP violation reporting

chrome/browser/ssl/chrome_fraudulent_certificate_reporter_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/chrome_fraudulent_certificate_reporter.h"
 
 #include <string>
 
 #include "base/bind.h"
 #include "base/files/file_path.h"
 #include "base/location.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/message_loop/message_loop.h"
 #include "base/single_thread_task_runner.h"
 #include "base/synchronization/waitable_event.h"
 #include "base/threading/thread.h"
 #include "chrome/browser/net/certificate_error_reporter.h"
 #include "content/public/test/test_browser_thread.h"
 #include "net/base/request_priority.h"
 #include "net/base/test_data_directory.h"
 #include "net/cert/x509_certificate.h"
+#include "net/http/certificate_report_sender.h"
+#include "net/http/certificate_report_sender_impl.h"
 #include "net/http/transport_security_state.h"
 #include "net/ssl/ssl_info.h"
 #include "net/test/cert_test_util.h"
 #include "net/url_request/fraudulent_certificate_reporter.h"
 #include "net/url_request/url_request.h"
 #include "net/url_request/url_request_context.h"
 #include "net/url_request/url_request_test_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using chrome_browser_net::CertificateErrorReporter;
 using content::BrowserThread;
 using net::SSLInfo;
 
 namespace {
 
+const uint32 kServerPublicKeyVersion = 1;
+const uint8 kServerPublicKey[32] = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                                    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                                    0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
+
 // Builds an SSLInfo from an invalid cert chain. In this case, the cert is
 // expired; what matters is that the cert would not pass even a normal
 // sanity check. We test that we DO NOT send a fraudulent certificate report
 // in this case.
 static SSLInfo GetBadSSLInfo() {
   SSLInfo info;
 
   info.cert =
       net::ImportCertFromFile(net::GetTestCertsDirectory(), "expired_cert.pem");
   info.cert_status = net::CERT_STATUS_DATE_INVALID;
@@ skipping 62 matching lines @@
 
   // Passes if invoked with a bad SSLInfo and for a hostname that is not a
   // Google pinned property.
   void SendReport(const std::string& hostname,
                   const SSLInfo& ssl_info) override {
     EXPECT_FALSE(IsGoodSSLInfo(ssl_info));
     EXPECT_FALSE(net::TransportSecurityState::IsGooglePinnedProperty(hostname));
   }
 };
 
+class MockCertificateReportSender : public net::CertificateReportSenderImpl {
+ public:
+  MockCertificateReportSender(
+      net::URLRequestContext* request_context,
+      net::CertificateReportSender::CookiesPreference cookies_preference)
+      : net::CertificateReportSenderImpl(request_context, cookies_preference) {}
+
+ private:
+  scoped_ptr<net::URLRequest> CreateURLRequest(
+      net::URLRequestContext* context,
+      const GURL& report_uri) override {
+    return context->CreateRequest(GURL(std::string()), net::DEFAULT_PRIORITY,
+                                  NULL);
+  }
+};
+
 // A CertificateErrorReporter that uses a MockURLRequest, but is
 // otherwise normal: reports are constructed and sent in the usual way.
 class MockReporter : public CertificateErrorReporter {
  public:
   explicit MockReporter(net::URLRequestContext* request_context)
       : CertificateErrorReporter(
-            request_context,
             GURL("http://example.com"),
-            CertificateErrorReporter::DO_NOT_SEND_COOKIES) {}
+            kServerPublicKey,
+            kServerPublicKeyVersion,
+            scoped_ptr<net::CertificateReportSender>(
+                new MockCertificateReportSender(
+                    request_context,
+                    net::CertificateReportSender::DO_NOT_SEND_COOKIES))) {}
 
   void SendReport(ReportType type,
                   const std::string& serialized_report) override {
     EXPECT_EQ(type, REPORT_TYPE_PINNING_VIOLATION);
     EXPECT_FALSE(serialized_report.empty());
     CertificateErrorReporter::SendReport(type, serialized_report);
   }
-
- private:
-  scoped_ptr<net::URLRequest> CreateURLRequest(
-      net::URLRequestContext* context) override {
-    return context->CreateRequest(GURL(std::string()), net::DEFAULT_PRIORITY,
-                                  NULL);
-  }
 };
 
 static void DoReportIsSent() {
   net::TestURLRequestContext context;
   SendingTestReporter reporter(&context);
   SSLInfo info = GetGoodSSLInfo();
   reporter.SendReport("mail.google.com", info);
 }
 
 static void DoReportIsNotSent() {
@@ skipping 34 matching lines @@
 }
 
 TEST(ChromeFraudulentCertificateReporterTest, ReportIsNotSent) {
   base::MessageLoopForIO loop;
   content::TestBrowserThread io_thread(BrowserThread::IO, &loop);
   loop.task_runner()->PostTask(FROM_HERE, base::Bind(&DoReportIsNotSent));
   loop.RunUntilIdle();
 }
 
 }  // namespace