| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 24 matching lines...) Expand all Loading... |
| 35 #if defined(USE_OPENSSL) | 35 #if defined(USE_OPENSSL) |
| 36 #include "crypto/openssl_util.h" | 36 #include "crypto/openssl_util.h" |
| 37 #else | 37 #else |
| 38 #include "crypto/nss_util.h" | 38 #include "crypto/nss_util.h" |
| 39 #endif | 39 #endif |
| 40 | 40 |
| 41 namespace net { | 41 namespace net { |
| 42 | 42 |
| 43 namespace { | 43 namespace { |
| 44 | 44 |
| 45 const char kHost[] = "example.test"; |
| 46 const char kSubdomain[] = "foo.example.test"; |
| 47 const uint16_t kPort = 443; |
| 45 const char kReportUri[] = "http://example.test/test"; | 48 const char kReportUri[] = "http://example.test/test"; |
| 46 | 49 |
| 50 // kGoodPath is blog.torproject.org. |
| 51 const char* const kGoodPath[] = { |
| 52 "sha1/m9lHYJYke9k0GtVZ+bXSQYE8nDI=", "sha1/o5OZxATDsgmwgcIfIWIneMJ0jkw=", |
| 53 "sha1/wHqYaI2J+6sFZAwRfap9ZbjKzE4=", NULL, |
| 54 }; |
| 55 |
| 56 const char kGoodPin1[] = "m9lHYJYke9k0GtVZ+bXSQYE8nDI="; |
| 57 const char kGoodPin2[] = "o5OZxATDsgmwgcIfIWIneMJ0jkw="; |
| 58 const char kGoodPin3[] = "wHqYaI2J+6sFZAwRfap9ZbjKzE4="; |
| 59 |
| 60 // kBadPath is plus.google.com via Trustcenter, which is utterly wrong for |
| 61 // torproject.org. |
| 62 const char* const kBadPath[] = { |
| 63 "sha1/4BjDjn8v2lWeUFQnqSs0BgbIcrU=", "sha1/gzuEEAB/bkqdQS3EIjk2by7lW+k=", |
| 64 "sha1/SOZo+SvSspXXR9gjIBBPM5iQn9Q=", NULL, |
| 65 }; |
| 66 |
| 47 // A mock ReportSender that just remembers the latest report | 67 // A mock ReportSender that just remembers the latest report |
| 48 // URI and report to be sent. | 68 // URI and report to be sent. |
| 49 class MockCertificateReportSender | 69 class MockCertificateReportSender |
| 50 : public TransportSecurityState::ReportSender { | 70 : public TransportSecurityState::ReportSender { |
| 51 public: | 71 public: |
| 52 MockCertificateReportSender() {} | 72 MockCertificateReportSender() {} |
| 53 ~MockCertificateReportSender() override {} | 73 ~MockCertificateReportSender() override {} |
| 54 | 74 |
| 55 void Send(const GURL& report_uri, const std::string& report) override { | 75 void Send(const GURL& report_uri, const std::string& report) override { |
| 56 latest_report_uri_ = report_uri; | 76 latest_report_uri_ = report_uri; |
| 57 latest_report_ = report; | 77 latest_report_ = report; |
| 58 } | 78 } |
| 59 | 79 |
| 80 void Clear() { |
| 81 latest_report_uri_ = GURL(); |
| 82 latest_report_ = std::string(); |
| 83 } |
| 84 |
| 60 const GURL& latest_report_uri() { return latest_report_uri_; } | 85 const GURL& latest_report_uri() { return latest_report_uri_; } |
| 61 const std::string& latest_report() { return latest_report_; } | 86 const std::string& latest_report() { return latest_report_; } |
| 62 | 87 |
| 63 private: | 88 private: |
| 64 GURL latest_report_uri_; | 89 GURL latest_report_uri_; |
| 65 std::string latest_report_; | 90 std::string latest_report_; |
| 66 }; | 91 }; |
| 67 | 92 |
| 68 void CompareCertificateChainWithList( | 93 void CompareCertificateChainWithList( |
| 69 const scoped_refptr<X509Certificate>& cert_chain, | 94 const scoped_refptr<X509Certificate>& cert_chain, |
| 70 const base::ListValue* cert_list) { | 95 const base::ListValue* cert_list) { |
| 71 ASSERT_TRUE(cert_chain); | 96 ASSERT_TRUE(cert_chain); |
| 72 std::vector<std::string> pem_encoded_chain; | 97 std::vector<std::string> pem_encoded_chain; |
| 73 cert_chain->GetPEMEncodedChain(&pem_encoded_chain); | 98 cert_chain->GetPEMEncodedChain(&pem_encoded_chain); |
| 74 EXPECT_EQ(pem_encoded_chain.size(), cert_list->GetSize()); | 99 EXPECT_EQ(pem_encoded_chain.size(), cert_list->GetSize()); |
| 75 | 100 |
| 76 for (size_t i = 0; i < pem_encoded_chain.size(); i++) { | 101 for (size_t i = 0; i < pem_encoded_chain.size(); i++) { |
| 77 std::string list_cert; | 102 std::string list_cert; |
| 78 ASSERT_TRUE(cert_list->GetString(i, &list_cert)); | 103 ASSERT_TRUE(cert_list->GetString(i, &list_cert)); |
| 79 EXPECT_EQ(pem_encoded_chain[i], list_cert); | 104 EXPECT_EQ(pem_encoded_chain[i], list_cert); |
| 80 } | 105 } |
| 81 } | 106 } |
| 82 | 107 |
| 83 void CheckHPKPReport( | 108 void CheckHPKPReport( |
| 84 const std::string& report, | 109 const std::string& report, |
| 85 const HostPortPair& host_port_pair, | 110 const HostPortPair& host_port_pair, |
| 86 const base::Time& expiry, | |
| 87 bool include_subdomains, | 111 bool include_subdomains, |
| 88 const std::string& noted_hostname, | 112 const std::string& noted_hostname, |
| 89 const scoped_refptr<X509Certificate>& served_certificate_chain, | 113 const scoped_refptr<X509Certificate>& served_certificate_chain, |
| 90 const scoped_refptr<X509Certificate>& validated_certificate_chain, | 114 const scoped_refptr<X509Certificate>& validated_certificate_chain, |
| 91 const HashValueVector& known_pins) { | 115 const HashValueVector& known_pins) { |
| 92 // TODO(estark): check time in RFC3339 format. | |
| 93 | |
| 94 scoped_ptr<base::Value> value(base::JSONReader::Read(report)); | 116 scoped_ptr<base::Value> value(base::JSONReader::Read(report)); |
| 95 ASSERT_TRUE(value); | 117 ASSERT_TRUE(value); |
| 96 ASSERT_TRUE(value->IsType(base::Value::TYPE_DICTIONARY)); | 118 ASSERT_TRUE(value->IsType(base::Value::TYPE_DICTIONARY)); |
| 97 | 119 |
| 98 base::DictionaryValue* report_dict; | 120 base::DictionaryValue* report_dict; |
| 99 ASSERT_TRUE(value->GetAsDictionary(&report_dict)); | 121 ASSERT_TRUE(value->GetAsDictionary(&report_dict)); |
| 100 | 122 |
| 101 std::string report_hostname; | 123 std::string report_hostname; |
| 102 EXPECT_TRUE(report_dict->GetString("hostname", &report_hostname)); | 124 EXPECT_TRUE(report_dict->GetString("hostname", &report_hostname)); |
| 103 EXPECT_EQ(host_port_pair.host(), report_hostname); | 125 EXPECT_EQ(host_port_pair.host(), report_hostname); |
| 104 | 126 |
| 105 int report_port; | 127 int report_port; |
| 106 EXPECT_TRUE(report_dict->GetInteger("port", &report_port)); | 128 EXPECT_TRUE(report_dict->GetInteger("port", &report_port)); |
| 107 EXPECT_EQ(host_port_pair.port(), report_port); | 129 EXPECT_EQ(host_port_pair.port(), report_port); |
| 108 | 130 |
| 109 bool report_include_subdomains; | 131 bool report_include_subdomains; |
| 110 EXPECT_TRUE(report_dict->GetBoolean("include-subdomains", | 132 EXPECT_TRUE(report_dict->GetBoolean("include-subdomains", |
| 111 &report_include_subdomains)); | 133 &report_include_subdomains)); |
| 112 EXPECT_EQ(include_subdomains, report_include_subdomains); | 134 EXPECT_EQ(include_subdomains, report_include_subdomains); |
| 113 | 135 |
| 114 std::string report_noted_hostname; | 136 std::string report_noted_hostname; |
| 115 EXPECT_TRUE(report_dict->GetString("noted-hostname", &report_noted_hostname)); | 137 EXPECT_TRUE(report_dict->GetString("noted-hostname", &report_noted_hostname)); |
| 116 EXPECT_EQ(noted_hostname, report_noted_hostname); | 138 EXPECT_EQ(noted_hostname, report_noted_hostname); |
| 117 | 139 |
| 140 // TODO(estark): check times in RFC3339 format. |
| 141 |
| 142 std::string report_expiration; |
| 143 EXPECT_TRUE( |
| 144 report_dict->GetString("effective-expiration-date", &report_expiration)); |
| 145 EXPECT_FALSE(report_expiration.empty()); |
| 146 |
| 147 std::string report_date; |
| 148 EXPECT_TRUE(report_dict->GetString("date-time", &report_date)); |
| 149 EXPECT_FALSE(report_date.empty()); |
| 150 |
| 118 base::ListValue* report_served_certificate_chain; | 151 base::ListValue* report_served_certificate_chain; |
| 119 EXPECT_TRUE(report_dict->GetList("served-certificate-chain", | 152 EXPECT_TRUE(report_dict->GetList("served-certificate-chain", |
| 120 &report_served_certificate_chain)); | 153 &report_served_certificate_chain)); |
| 121 ASSERT_NO_FATAL_FAILURE(CompareCertificateChainWithList( | 154 ASSERT_NO_FATAL_FAILURE(CompareCertificateChainWithList( |
| 122 served_certificate_chain, report_served_certificate_chain)); | 155 served_certificate_chain, report_served_certificate_chain)); |
| 123 | 156 |
| 124 base::ListValue* report_validated_certificate_chain; | 157 base::ListValue* report_validated_certificate_chain; |
| 125 EXPECT_TRUE(report_dict->GetList("validated-certificate-chain", | 158 EXPECT_TRUE(report_dict->GetList("validated-certificate-chain", |
| 126 &report_validated_certificate_chain)); | 159 &report_validated_certificate_chain)); |
| 127 ASSERT_NO_FATAL_FAILURE(CompareCertificateChainWithList( | 160 ASSERT_NO_FATAL_FAILURE(CompareCertificateChainWithList( |
| (...skipping 922 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1050 HashValueVector* out) { | 1083 HashValueVector* out) { |
| 1051 HashValue hash; | 1084 HashValue hash; |
| 1052 if (!hash.FromString(type_and_base64)) | 1085 if (!hash.FromString(type_and_base64)) |
| 1053 return false; | 1086 return false; |
| 1054 | 1087 |
| 1055 out->push_back(hash); | 1088 out->push_back(hash); |
| 1056 return true; | 1089 return true; |
| 1057 } | 1090 } |
| 1058 | 1091 |
| 1059 TEST_F(TransportSecurityStateTest, PinValidationWithoutRejectedCerts) { | 1092 TEST_F(TransportSecurityStateTest, PinValidationWithoutRejectedCerts) { |
| 1060 // kGoodPath is blog.torproject.org. | |
| 1061 static const char* const kGoodPath[] = { | |
| 1062 "sha1/m9lHYJYke9k0GtVZ+bXSQYE8nDI=", | |
| 1063 "sha1/o5OZxATDsgmwgcIfIWIneMJ0jkw=", | |
| 1064 "sha1/wHqYaI2J+6sFZAwRfap9ZbjKzE4=", | |
| 1065 NULL, | |
| 1066 }; | |
| 1067 | |
| 1068 // kBadPath is plus.google.com via Trustcenter, which is utterly wrong for | |
| 1069 // torproject.org. | |
| 1070 static const char* const kBadPath[] = { | |
| 1071 "sha1/4BjDjn8v2lWeUFQnqSs0BgbIcrU=", | |
| 1072 "sha1/gzuEEAB/bkqdQS3EIjk2by7lW+k=", | |
| 1073 "sha1/SOZo+SvSspXXR9gjIBBPM5iQn9Q=", | |
| 1074 NULL, | |
| 1075 }; | |
| 1076 | |
| 1077 HashValueVector good_hashes, bad_hashes; | 1093 HashValueVector good_hashes, bad_hashes; |
| 1078 | 1094 |
| 1079 for (size_t i = 0; kGoodPath[i]; i++) { | 1095 for (size_t i = 0; kGoodPath[i]; i++) { |
| 1080 EXPECT_TRUE(AddHash(kGoodPath[i], &good_hashes)); | 1096 EXPECT_TRUE(AddHash(kGoodPath[i], &good_hashes)); |
| 1081 } | 1097 } |
| 1082 for (size_t i = 0; kBadPath[i]; i++) { | 1098 for (size_t i = 0; kBadPath[i]; i++) { |
| 1083 EXPECT_TRUE(AddHash(kBadPath[i], &bad_hashes)); | 1099 EXPECT_TRUE(AddHash(kBadPath[i], &bad_hashes)); |
| 1084 } | 1100 } |
| 1085 | 1101 |
| 1086 TransportSecurityState state; | 1102 TransportSecurityState state; |
| (...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1193 // These hosts used to only be HSTS when SNI was available. | 1209 // These hosts used to only be HSTS when SNI was available. |
| 1194 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( | 1210 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( |
| 1195 "gmail.com")); | 1211 "gmail.com")); |
| 1196 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( | 1212 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( |
| 1197 "googlegroups.com")); | 1213 "googlegroups.com")); |
| 1198 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( | 1214 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( |
| 1199 "www.googlegroups.com")); | 1215 "www.googlegroups.com")); |
| 1200 } | 1216 } |
| 1201 | 1217 |
| 1202 TEST_F(TransportSecurityStateTest, HPKPReporting) { | 1218 TEST_F(TransportSecurityStateTest, HPKPReporting) { |
| 1203 const char kHost[] = "example.test"; | |
| 1204 const char kSubdomain[] = "foo.example.test"; | |
| 1205 static const uint16_t kPort = 443; | |
| 1206 HostPortPair host_port_pair(kHost, kPort); | 1219 HostPortPair host_port_pair(kHost, kPort); |
| 1207 HostPortPair subdomain_host_port_pair(kSubdomain, kPort); | 1220 HostPortPair subdomain_host_port_pair(kSubdomain, kPort); |
| 1208 GURL report_uri("http://www.example.test/report"); | 1221 GURL report_uri(kReportUri); |
| 1209 // Two dummy certs to use as the server-sent and validated chains. The | 1222 // Two dummy certs to use as the server-sent and validated chains. The |
| 1210 // contents don't matter. | 1223 // contents don't matter. |
| 1211 scoped_refptr<X509Certificate> cert1 = | 1224 scoped_refptr<X509Certificate> cert1 = |
| 1212 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); | 1225 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); |
| 1213 scoped_refptr<X509Certificate> cert2 = | 1226 scoped_refptr<X509Certificate> cert2 = |
| 1214 ImportCertFromFile(GetTestCertsDirectory(), "expired_cert.pem"); | 1227 ImportCertFromFile(GetTestCertsDirectory(), "expired_cert.pem"); |
| 1215 ASSERT_TRUE(cert1); | 1228 ASSERT_TRUE(cert1); |
| 1216 ASSERT_TRUE(cert2); | 1229 ASSERT_TRUE(cert2); |
| 1217 | 1230 |
| 1218 // kGoodPath is blog.torproject.org. | |
| 1219 static const char* const kGoodPath[] = { | |
| 1220 "sha1/m9lHYJYke9k0GtVZ+bXSQYE8nDI=", "sha1/o5OZxATDsgmwgcIfIWIneMJ0jkw=", | |
| 1221 "sha1/wHqYaI2J+6sFZAwRfap9ZbjKzE4=", NULL, | |
| 1222 }; | |
| 1223 | |
| 1224 // kBadPath is plus.google.com via Trustcenter, which is utterly wrong for | |
| 1225 // torproject.org. | |
| 1226 static const char* const kBadPath[] = { | |
| 1227 "sha1/4BjDjn8v2lWeUFQnqSs0BgbIcrU=", "sha1/gzuEEAB/bkqdQS3EIjk2by7lW+k=", | |
| 1228 "sha1/SOZo+SvSspXXR9gjIBBPM5iQn9Q=", NULL, | |
| 1229 }; | |
| 1230 | |
| 1231 HashValueVector good_hashes, bad_hashes; | 1231 HashValueVector good_hashes, bad_hashes; |
| 1232 | 1232 |
| 1233 for (size_t i = 0; kGoodPath[i]; i++) | 1233 for (size_t i = 0; kGoodPath[i]; i++) |
| 1234 EXPECT_TRUE(AddHash(kGoodPath[i], &good_hashes)); | 1234 EXPECT_TRUE(AddHash(kGoodPath[i], &good_hashes)); |
| 1235 for (size_t i = 0; kBadPath[i]; i++) | 1235 for (size_t i = 0; kBadPath[i]; i++) |
| 1236 EXPECT_TRUE(AddHash(kBadPath[i], &bad_hashes)); | 1236 EXPECT_TRUE(AddHash(kBadPath[i], &bad_hashes)); |
| 1237 | 1237 |
| 1238 TransportSecurityState state; | 1238 TransportSecurityState state; |
| 1239 MockCertificateReportSender mock_report_sender; | 1239 MockCertificateReportSender mock_report_sender; |
| 1240 state.SetReportSender(&mock_report_sender); | 1240 state.SetReportSender(&mock_report_sender); |
| (...skipping 25 matching lines...) Expand all Loading... |
| 1266 | 1266 |
| 1267 EXPECT_FALSE(state.CheckPublicKeyPins( | 1267 EXPECT_FALSE(state.CheckPublicKeyPins( |
| 1268 host_port_pair, true, bad_hashes, cert1.get(), cert2.get(), | 1268 host_port_pair, true, bad_hashes, cert1.get(), cert2.get(), |
| 1269 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); | 1269 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); |
| 1270 | 1270 |
| 1271 // Now a report should have been sent. Check that it contains the | 1271 // Now a report should have been sent. Check that it contains the |
| 1272 // right information. | 1272 // right information. |
| 1273 EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri()); | 1273 EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri()); |
| 1274 std::string report = mock_report_sender.latest_report(); | 1274 std::string report = mock_report_sender.latest_report(); |
| 1275 ASSERT_FALSE(report.empty()); | 1275 ASSERT_FALSE(report.empty()); |
| 1276 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, host_port_pair, expiry, true, | 1276 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, host_port_pair, true, kHost, |
| 1277 kHost, cert1.get(), cert2.get(), | 1277 cert1.get(), cert2.get(), |
| 1278 good_hashes)); | 1278 good_hashes)); |
| 1279 | 1279 mock_report_sender.Clear(); |
| 1280 EXPECT_FALSE(state.CheckPublicKeyPins( | 1280 EXPECT_FALSE(state.CheckPublicKeyPins( |
| 1281 subdomain_host_port_pair, true, bad_hashes, cert1.get(), cert2.get(), | 1281 subdomain_host_port_pair, true, bad_hashes, cert1.get(), cert2.get(), |
| 1282 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); | 1282 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log)); |
| 1283 | 1283 |
| 1284 // Now a report should have been sent for the subdomain. Check that it | 1284 // Now a report should have been sent for the subdomain. Check that it |
| 1285 // contains the right information. | 1285 // contains the right information. |
| 1286 EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri()); | 1286 EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri()); |
| 1287 report = mock_report_sender.latest_report(); | 1287 report = mock_report_sender.latest_report(); |
| 1288 ASSERT_FALSE(report.empty()); | 1288 ASSERT_FALSE(report.empty()); |
| 1289 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, subdomain_host_port_pair, | 1289 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, subdomain_host_port_pair, |
| 1290 expiry, true, kHost, cert1.get(), | 1290 true, kHost, cert1.get(), cert2.get(), |
| 1291 cert2.get(), good_hashes)); | 1291 good_hashes)); |
| 1292 } |
| 1293 |
| 1294 TEST_F(TransportSecurityStateTest, HPKPReportOnly) { |
| 1295 HostPortPair host_port_pair(kHost, kPort); |
| 1296 GURL report_uri(kReportUri); |
| 1297 // Two dummy certs to use as the server-sent and validated chains. The |
| 1298 // contents don't matter. |
| 1299 scoped_refptr<X509Certificate> cert1 = |
| 1300 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); |
| 1301 scoped_refptr<X509Certificate> cert2 = |
| 1302 ImportCertFromFile(GetTestCertsDirectory(), "expired_cert.pem"); |
| 1303 ASSERT_TRUE(cert1); |
| 1304 ASSERT_TRUE(cert2); |
| 1305 |
| 1306 TransportSecurityState state; |
| 1307 MockCertificateReportSender mock_report_sender; |
| 1308 state.SetReportSender(&mock_report_sender); |
| 1309 |
| 1310 // Check that a report is not sent for a Report-Only header with no |
| 1311 // violation. |
| 1312 std::string header = |
| 1313 "pin-sha1=\"" + std::string(kGoodPin1) + "\";pin-sha1=\"" + |
| 1314 std::string(kGoodPin2) + "\";pin-sha1=\"" + std::string(kGoodPin3) + |
| 1315 "\";report-uri=\"" + report_uri.spec() + "\";includeSubdomains"; |
| 1316 SSLInfo ssl_info; |
| 1317 ssl_info.is_issued_by_known_root = true; |
| 1318 ssl_info.unverified_cert = cert1; |
| 1319 ssl_info.cert = cert2; |
| 1320 for (size_t i = 0; kGoodPath[i]; i++) |
| 1321 EXPECT_TRUE(AddHash(kGoodPath[i], &ssl_info.public_key_hashes)); |
| 1322 |
| 1323 EXPECT_TRUE( |
| 1324 state.ProcessHPKPReportOnlyHeader(header, host_port_pair, ssl_info)); |
| 1325 EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri()); |
| 1326 EXPECT_EQ(std::string(), mock_report_sender.latest_report()); |
| 1327 |
| 1328 // Check that a report is sent for a Report-Only header with a |
| 1329 // violation. |
| 1330 ssl_info.public_key_hashes.clear(); |
| 1331 for (size_t i = 0; kBadPath[i]; i++) |
| 1332 EXPECT_TRUE(AddHash(kBadPath[i], &ssl_info.public_key_hashes)); |
| 1333 |
| 1334 EXPECT_TRUE( |
| 1335 state.ProcessHPKPReportOnlyHeader(header, host_port_pair, ssl_info)); |
| 1336 EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri()); |
| 1337 std::string report = mock_report_sender.latest_report(); |
| 1338 ASSERT_FALSE(report.empty()); |
| 1339 ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, host_port_pair, true, kHost, |
| 1340 cert1.get(), cert2.get(), |
| 1341 ssl_info.public_key_hashes)); |
| 1342 } |
| 1343 |
| 1344 // Test that Report-Only reports are not sent on certs that chain to |
| 1345 // local roots. |
| 1346 TEST_F(TransportSecurityStateTest, HPKPReportOnlyOnLocalRoot) { |
| 1347 HostPortPair host_port_pair(kHost, kPort); |
| 1348 GURL report_uri(kReportUri); |
| 1349 // Two dummy certs to use as the server-sent and validated chains. The |
| 1350 // contents don't matter. |
| 1351 scoped_refptr<X509Certificate> cert1 = |
| 1352 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); |
| 1353 scoped_refptr<X509Certificate> cert2 = |
| 1354 ImportCertFromFile(GetTestCertsDirectory(), "expired_cert.pem"); |
| 1355 ASSERT_TRUE(cert1); |
| 1356 ASSERT_TRUE(cert2); |
| 1357 |
| 1358 std::string header = |
| 1359 "pin-sha1=\"" + std::string(kGoodPin1) + "\";pin-sha1=\"" + |
| 1360 std::string(kGoodPin2) + "\";pin-sha1=\"" + std::string(kGoodPin3) + |
| 1361 "\";report-uri=\"" + report_uri.spec() + "\";includeSubdomains"; |
| 1362 |
| 1363 TransportSecurityState state; |
| 1364 MockCertificateReportSender mock_report_sender; |
| 1365 state.SetReportSender(&mock_report_sender); |
| 1366 |
| 1367 SSLInfo ssl_info; |
| 1368 ssl_info.is_issued_by_known_root = true; |
| 1369 ssl_info.unverified_cert = cert1; |
| 1370 ssl_info.cert = cert2; |
| 1371 for (size_t i = 0; kGoodPath[i]; i++) |
| 1372 EXPECT_TRUE(AddHash(kGoodPath[i], &ssl_info.public_key_hashes)); |
| 1373 ssl_info.is_issued_by_known_root = false; |
| 1374 |
| 1375 EXPECT_TRUE( |
| 1376 state.ProcessHPKPReportOnlyHeader(header, host_port_pair, ssl_info)); |
| 1377 EXPECT_EQ(GURL(), mock_report_sender.latest_report_uri()); |
| 1378 EXPECT_EQ(std::string(), mock_report_sender.latest_report()); |
| 1379 } |
| 1380 |
| 1381 // Test that ProcessHPKPReportOnlyHeader() returns false if a report-uri |
| 1382 // wasn't specified or if the header fails to parse. |
| 1383 TEST_F(TransportSecurityStateTest, HPKPReportOnlyParseErrors) { |
| 1384 HostPortPair host_port_pair(kHost, kPort); |
| 1385 GURL report_uri(kReportUri); |
| 1386 // Two dummy certs to use as the server-sent and validated chains. The |
| 1387 // contents don't matter. |
| 1388 scoped_refptr<X509Certificate> cert1 = |
| 1389 ImportCertFromFile(GetTestCertsDirectory(), "test_mail_google_com.pem"); |
| 1390 scoped_refptr<X509Certificate> cert2 = |
| 1391 ImportCertFromFile(GetTestCertsDirectory(), "expired_cert.pem"); |
| 1392 ASSERT_TRUE(cert1); |
| 1393 ASSERT_TRUE(cert2); |
| 1394 |
| 1395 std::string header = "pin-sha1=\"" + std::string(kGoodPin1) + |
| 1396 "\";pin-sha1=\"" + std::string(kGoodPin2) + |
| 1397 "\";pin-sha1=\"" + std::string(kGoodPin3) + "\""; |
| 1398 |
| 1399 TransportSecurityState state; |
| 1400 MockCertificateReportSender mock_report_sender; |
| 1401 state.SetReportSender(&mock_report_sender); |
| 1402 |
| 1403 SSLInfo ssl_info; |
| 1404 ssl_info.is_issued_by_known_root = true; |
| 1405 ssl_info.unverified_cert = cert1; |
| 1406 ssl_info.cert = cert2; |
| 1407 for (size_t i = 0; kGoodPath[i]; i++) |
| 1408 EXPECT_TRUE(AddHash(kGoodPath[i], &ssl_info.public_key_hashes)); |
| 1409 |
| 1410 EXPECT_FALSE( |
| 1411 state.ProcessHPKPReportOnlyHeader(header, host_port_pair, ssl_info)); |
| 1412 header += ";report-uri=\""; |
| 1413 EXPECT_FALSE( |
| 1414 state.ProcessHPKPReportOnlyHeader(header, host_port_pair, ssl_info)); |
| 1292 } | 1415 } |
| 1293 | 1416 |
| 1294 } // namespace net | 1417 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1266723003:
Process Public-Key-Pin-Report-Only headers (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master