OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/certificate_transparency/log_proof_fetcher.h" | 5 #include "components/certificate_transparency/log_proof_fetcher.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
10 #include "components/safe_json/testing_json_parser.h" | 10 #include "components/safe_json/testing_json_parser.h" |
11 #include "net/base/net_errors.h" | 11 #include "net/base/net_errors.h" |
12 #include "net/base/network_delegate.h" | 12 #include "net/base/network_delegate.h" |
13 #include "net/cert/signed_tree_head.h" | 13 #include "net/cert/signed_tree_head.h" |
14 #include "net/http/http_status_code.h" | 14 #include "net/http/http_status_code.h" |
15 #include "net/test/ct_test_util.h" | 15 #include "net/test/ct_test_util.h" |
16 #include "net/url_request/url_request_context.h" | 16 #include "net/url_request/url_request_context.h" |
17 #include "net/url_request/url_request_filter.h" | 17 #include "net/url_request/url_request_filter.h" |
18 #include "net/url_request/url_request_interceptor.h" | 18 #include "net/url_request/url_request_interceptor.h" |
19 #include "net/url_request/url_request_job.h" | 19 #include "net/url_request/url_request_job.h" |
20 #include "net/url_request/url_request_test_job.h" | 20 #include "net/url_request/url_request_test_job.h" |
21 #include "net/url_request/url_request_test_util.h" | 21 #include "net/url_request/url_request_test_util.h" |
22 #include "testing/gtest/include/gtest/gtest.h" | 22 #include "testing/gtest/include/gtest/gtest.h" |
23 | 23 |
24 namespace certificate_transparency { | 24 namespace certificate_transparency { |
25 | 25 |
26 namespace { | 26 namespace { |
27 | 27 |
28 const char kGetSTHHeaders[] = | 28 const char kGetResponseHeaders[] = |
29 "HTTP/1.1 200 OK\n" | 29 "HTTP/1.1 200 OK\n" |
30 "Content-Type: application/json; charset=ISO-8859-1\n"; | 30 "Content-Type: application/json; charset=ISO-8859-1\n"; |
31 | 31 |
32 const char kGetSTHNotFoundHeaders[] = | 32 const char kGetResponseNotFoundHeaders[] = |
33 "HTTP/1.1 404 Not Found\n" | 33 "HTTP/1.1 404 Not Found\n" |
34 "Content-Type: text/html; charset=iso-8859-1\n"; | 34 "Content-Type: text/html; charset=iso-8859-1\n"; |
35 | 35 |
36 const char kLogSchema[] = "https"; | 36 const char kLogSchema[] = "https"; |
37 const char kLogHost[] = "ct.log.example.com"; | 37 const char kLogHost[] = "ct.log.example.com"; |
38 const char kLogPathPrefix[] = "somelog"; | 38 const char kLogPathPrefix[] = "somelog"; |
39 const char kLogID[] = "some_id"; | 39 const char kLogID[] = "some_id"; |
40 | 40 |
41 class FetchSTHTestJob : public net::URLRequestTestJob { | 41 // Node returned will be chr(node_id) * 32. |
42 std::string GetDummyConsistencyProofNode(size_t node_id) { | |
43 return std::string(32, static_cast<char>(node_id)); | |
44 } | |
45 | |
46 const size_t kDummyConsistencyProofLength = 4; | |
47 | |
48 class LogFetchTestJob : public net::URLRequestTestJob { | |
42 public: | 49 public: |
43 FetchSTHTestJob(const std::string& get_sth_data, | 50 LogFetchTestJob(const std::string& get_log_data, |
44 const std::string& get_sth_headers, | 51 const std::string& get_log_headers, |
45 net::URLRequest* request, | 52 net::URLRequest* request, |
46 net::NetworkDelegate* network_delegate) | 53 net::NetworkDelegate* network_delegate) |
47 : URLRequestTestJob(request, | 54 : URLRequestTestJob(request, |
48 network_delegate, | 55 network_delegate, |
49 get_sth_headers, | 56 get_log_headers, |
50 get_sth_data, | 57 get_log_data, |
51 true), | 58 true), |
52 async_io_(false) {} | 59 async_io_(false) {} |
53 | 60 |
54 void set_async_io(bool async_io) { async_io_ = async_io; } | 61 void set_async_io(bool async_io) { async_io_ = async_io; } |
55 | 62 |
56 private: | 63 private: |
57 ~FetchSTHTestJob() override {} | 64 ~LogFetchTestJob() override {} |
58 | 65 |
59 bool NextReadAsync() override { | 66 bool NextReadAsync() override { |
60 // Response with indication of async IO only once, otherwise the final | 67 // Response with indication of async IO only once, otherwise the final |
61 // Read would (incorrectly) be classified as async, causing the | 68 // Read would (incorrectly) be classified as async, causing the |
62 // URLRequestJob to try reading another time and failing on a CHECK | 69 // URLRequestJob to try reading another time and failing on a CHECK |
63 // that the raw_read_buffer_ is not null. | 70 // that the raw_read_buffer_ is not null. |
64 // According to mmenke@, this is a bug in the URLRequestTestJob code. | 71 // According to mmenke@, this is a bug in the URLRequestTestJob code. |
65 // TODO(eranm): Once said bug is fixed, switch most tests to using async | 72 // TODO(eranm): Once said bug is fixed, switch most tests to using async |
66 // IO. | 73 // IO. |
67 if (async_io_) { | 74 if (async_io_) { |
68 async_io_ = false; | 75 async_io_ = false; |
69 return true; | 76 return true; |
70 } | 77 } |
71 return false; | 78 return false; |
72 } | 79 } |
73 | 80 |
74 bool async_io_; | 81 bool async_io_; |
75 | 82 |
76 DISALLOW_COPY_AND_ASSIGN(FetchSTHTestJob); | 83 DISALLOW_COPY_AND_ASSIGN(LogFetchTestJob); |
77 }; | 84 }; |
78 | 85 |
79 class GetSTHResponseHandler : public net::URLRequestInterceptor { | 86 class LogGetResponseHandler : public net::URLRequestInterceptor { |
80 public: | 87 public: |
81 GetSTHResponseHandler() | 88 LogGetResponseHandler() |
82 : async_io_(false), | 89 : async_io_(false), |
83 response_body_(""), | 90 response_body_(""), |
mmenke
2015/11/18 19:25:16
nit: Not needed (Know it was like that before)
Eran Messeri
2015/11/24 22:53:38
Done.
| |
84 response_headers_( | 91 response_headers_( |
85 std::string(kGetSTHHeaders, arraysize(kGetSTHHeaders))) {} | 92 std::string(kGetResponseHeaders, arraysize(kGetResponseHeaders))), |
86 ~GetSTHResponseHandler() override {} | 93 expected_old_tree_size_(0), |
94 expected_new_tree_size_(0) {} | |
95 ~LogGetResponseHandler() override {} | |
87 | 96 |
88 // URLRequestInterceptor implementation: | 97 // URLRequestInterceptor implementation: |
89 net::URLRequestJob* MaybeInterceptRequest( | 98 net::URLRequestJob* MaybeInterceptRequest( |
90 net::URLRequest* request, | 99 net::URLRequest* request, |
91 net::NetworkDelegate* network_delegate) const override { | 100 net::NetworkDelegate* network_delegate) const override { |
92 std::string expected_url = base::StringPrintf( | 101 std::string base_expected_url = base::StringPrintf( |
93 "%s://%s/%s/ct/v1/get-sth", kLogSchema, kLogHost, kLogPathPrefix); | 102 "%s://%s/%s/ct/v1/", kLogSchema, kLogHost, kLogPathPrefix); |
mmenke
2015/11/18 19:25:16
I don't think we want logic in here that matches t
Eran Messeri
2015/11/24 22:53:38
Done - by adding a setter, as the MaybeInterceptRe
mmenke
2015/11/25 17:40:28
You can always use mutable. Anyhow, fine as-is.
Eran Messeri
2015/11/26 22:07:12
Acknowledged.
| |
103 | |
104 std::string expected_url; | |
105 if (expected_old_tree_size_ == 0 && expected_new_tree_size_ == 0) { | |
106 // Expecting get-sth | |
107 expected_url = base_expected_url + std::string("get-sth"); | |
108 } else { | |
109 // Expecting get-consistency-proof | |
110 expected_url = base_expected_url + | |
111 base::StringPrintf( | |
112 "get-sth-consistency?first=%lu&second=%lu", | |
113 static_cast<unsigned long>(expected_old_tree_size_), | |
114 static_cast<unsigned long>(expected_new_tree_size_)); | |
115 } | |
94 EXPECT_EQ(GURL(expected_url), request->url()); | 116 EXPECT_EQ(GURL(expected_url), request->url()); |
95 FetchSTHTestJob* job = new FetchSTHTestJob( | 117 LogFetchTestJob* job = new LogFetchTestJob( |
96 response_body_, response_headers_, request, network_delegate); | 118 response_body_, response_headers_, request, network_delegate); |
97 job->set_async_io(async_io_); | 119 job->set_async_io(async_io_); |
98 return job; | 120 return job; |
99 } | 121 } |
100 | 122 |
101 void set_response_body(const std::string& response_body) { | 123 void set_response_body(const std::string& response_body) { |
102 response_body_ = response_body; | 124 response_body_ = response_body; |
103 } | 125 } |
104 | 126 |
105 void set_response_headers(const std::string& response_headers) { | 127 void set_response_headers(const std::string& response_headers) { |
106 response_headers_ = response_headers; | 128 response_headers_ = response_headers; |
107 } | 129 } |
108 | 130 |
131 void set_expect_get_consistency_proof(size_t expected_old_tree_size, | |
132 size_t expected_new_tree_size) { | |
133 expected_old_tree_size_ = expected_old_tree_size; | |
134 expected_new_tree_size_ = expected_new_tree_size; | |
135 } | |
136 | |
109 void set_async_io(bool async_io) { async_io_ = async_io; } | 137 void set_async_io(bool async_io) { async_io_ = async_io; } |
110 | 138 |
111 private: | 139 private: |
112 bool async_io_; | 140 bool async_io_; |
113 std::string response_body_; | 141 std::string response_body_; |
114 std::string response_headers_; | 142 std::string response_headers_; |
115 | 143 |
116 DISALLOW_COPY_AND_ASSIGN(GetSTHResponseHandler); | 144 size_t expected_old_tree_size_; |
145 size_t expected_new_tree_size_; | |
146 | |
147 DISALLOW_COPY_AND_ASSIGN(LogGetResponseHandler); | |
117 }; | 148 }; |
118 | 149 |
119 class RecordFetchCallbackInvocations { | 150 class RecordFetchCallbackInvocations { |
120 public: | 151 public: |
121 RecordFetchCallbackInvocations(bool expect_success) | 152 RecordFetchCallbackInvocations(bool expect_success) |
122 : expect_success_(expect_success), | 153 : expect_success_(expect_success), |
123 invoked_(false), | 154 invoked_(false), |
124 net_error_(net::OK), | 155 net_error_(net::OK), |
125 http_response_code_(-1) {} | 156 http_response_code_(-1) {} |
126 | 157 |
(...skipping 12 matching lines...) Expand all Loading... | |
139 EXPECT_EQ(expected_sth.tree_size, sth.tree_size); | 170 EXPECT_EQ(expected_sth.tree_size, sth.tree_size); |
140 EXPECT_STREQ(expected_sth.sha256_root_hash, sth.sha256_root_hash); | 171 EXPECT_STREQ(expected_sth.sha256_root_hash, sth.sha256_root_hash); |
141 EXPECT_EQ(expected_sth.signature.hash_algorithm, | 172 EXPECT_EQ(expected_sth.signature.hash_algorithm, |
142 sth.signature.hash_algorithm); | 173 sth.signature.hash_algorithm); |
143 EXPECT_EQ(expected_sth.signature.signature_algorithm, | 174 EXPECT_EQ(expected_sth.signature.signature_algorithm, |
144 sth.signature.signature_algorithm); | 175 sth.signature.signature_algorithm); |
145 EXPECT_EQ(expected_sth.signature.signature_data, | 176 EXPECT_EQ(expected_sth.signature.signature_data, |
146 sth.signature.signature_data); | 177 sth.signature.signature_data); |
147 } | 178 } |
148 | 179 |
180 void ConsistencyProofFetched( | |
181 const std::string& log_id, | |
182 const std::vector<std::string>& consistency_proof) { | |
183 ASSERT_TRUE(expect_success_); | |
184 ASSERT_FALSE(invoked_); | |
185 invoked_ = true; | |
mmenke
2015/11/18 19:25:15
Record which method was invoked?
Eran Messeri
2015/11/24 22:53:38
Done - that made the invoked_ field obsolete so I'
| |
186 EXPECT_EQ(kDummyConsistencyProofLength, consistency_proof.size()); | |
187 for (size_t i = 0; i < kDummyConsistencyProofLength; ++i) { | |
188 EXPECT_EQ(GetDummyConsistencyProofNode(i), consistency_proof[i]) | |
189 << " node: " << i; | |
mmenke
2015/11/18 19:25:16
Again, think it's cleaner to store these in the te
Eran Messeri
2015/11/24 22:53:38
Done - both for the consistency proof and the STH
| |
190 } | |
191 } | |
192 | |
149 void FetchingFailed(const std::string& log_id, | 193 void FetchingFailed(const std::string& log_id, |
150 int net_error, | 194 int net_error, |
151 int http_response_code) { | 195 int http_response_code) { |
152 ASSERT_FALSE(expect_success_); | 196 ASSERT_FALSE(expect_success_); |
153 ASSERT_FALSE(invoked_); | 197 ASSERT_FALSE(invoked_); |
154 invoked_ = true; | 198 invoked_ = true; |
155 net_error_ = net_error; | 199 net_error_ = net_error; |
156 http_response_code_ = http_response_code; | 200 http_response_code_ = http_response_code; |
157 if (net_error_ == net::OK) { | 201 if (net_error_ == net::OK) { |
158 EXPECT_NE(net::HTTP_OK, http_response_code_); | 202 EXPECT_NE(net::HTTP_OK, http_response_code_); |
(...skipping 13 matching lines...) Expand all Loading... | |
172 int http_response_code_; | 216 int http_response_code_; |
173 }; | 217 }; |
174 | 218 |
175 class LogProofFetcherTest : public ::testing::Test { | 219 class LogProofFetcherTest : public ::testing::Test { |
176 public: | 220 public: |
177 LogProofFetcherTest() | 221 LogProofFetcherTest() |
178 : log_url_(base::StringPrintf("%s://%s/%s/", | 222 : log_url_(base::StringPrintf("%s://%s/%s/", |
179 kLogSchema, | 223 kLogSchema, |
180 kLogHost, | 224 kLogHost, |
181 kLogPathPrefix)) { | 225 kLogPathPrefix)) { |
182 scoped_ptr<GetSTHResponseHandler> handler(new GetSTHResponseHandler()); | 226 scoped_ptr<LogGetResponseHandler> handler(new LogGetResponseHandler()); |
183 handler_ = handler.get(); | 227 handler_ = handler.get(); |
184 | 228 |
185 net::URLRequestFilter::GetInstance()->AddHostnameInterceptor( | 229 net::URLRequestFilter::GetInstance()->AddHostnameInterceptor( |
186 kLogSchema, kLogHost, handler.Pass()); | 230 kLogSchema, kLogHost, handler.Pass()); |
187 | 231 |
188 fetcher_.reset(new LogProofFetcher(&context_)); | 232 fetcher_.reset(new LogProofFetcher(&context_)); |
189 } | 233 } |
190 | 234 |
191 ~LogProofFetcherTest() override { | 235 ~LogProofFetcherTest() override { |
192 net::URLRequestFilter::GetInstance()->RemoveHostnameHandler(kLogSchema, | 236 net::URLRequestFilter::GetInstance()->RemoveHostnameHandler(kLogSchema, |
193 kLogHost); | 237 kLogHost); |
194 } | 238 } |
195 | 239 |
196 protected: | 240 protected: |
197 void SetValidSTHJSONResponse() { | 241 void SetValidSTHJSONResponse() { |
198 std::string sth_json_reply_data = net::ct::GetSampleSTHAsJson(); | 242 std::string sth_json_reply_data = net::ct::GetSampleSTHAsJson(); |
199 handler_->set_response_body(sth_json_reply_data); | 243 handler_->set_response_body(sth_json_reply_data); |
200 } | 244 } |
201 | 245 |
202 void RunFetcherWithCallback(RecordFetchCallbackInvocations* callback) { | 246 void RunFetcherWithCallback(RecordFetchCallbackInvocations* callback) { |
203 fetcher_->FetchSignedTreeHead( | 247 fetcher_->FetchSignedTreeHead( |
204 log_url_, kLogID, | 248 log_url_, kLogID, |
205 base::Bind(&RecordFetchCallbackInvocations::STHFetched, | 249 base::Bind(&RecordFetchCallbackInvocations::STHFetched, |
206 base::Unretained(callback)), | 250 base::Unretained(callback)), |
207 base::Bind(&RecordFetchCallbackInvocations::FetchingFailed, | 251 base::Bind(&RecordFetchCallbackInvocations::FetchingFailed, |
208 base::Unretained(callback))); | 252 base::Unretained(callback))); |
209 message_loop_.RunUntilIdle(); | 253 message_loop_.RunUntilIdle(); |
mmenke
2015/11/18 19:25:16
optional: I did sign off on this before...But thi
Eran Messeri
2015/11/24 22:53:38
IIRC there was a problem with the async_io case -
| |
210 } | 254 } |
211 | 255 |
256 void RunGetConsistencyFetcherWithCallback( | |
257 RecordFetchCallbackInvocations* callback) { | |
258 const size_t kOldTree = 5; | |
259 const size_t kNewTree = 8; | |
260 handler_->set_expect_get_consistency_proof(kOldTree, kNewTree); | |
261 fetcher_->FetchConsistencyProof( | |
262 log_url_, kLogID, kOldTree, kNewTree, | |
263 base::Bind(&RecordFetchCallbackInvocations::ConsistencyProofFetched, | |
264 base::Unretained(callback)), | |
265 base::Bind(&RecordFetchCallbackInvocations::FetchingFailed, | |
266 base::Unretained(callback))); | |
267 message_loop_.RunUntilIdle(); | |
268 } | |
269 | |
212 base::MessageLoopForIO message_loop_; | 270 base::MessageLoopForIO message_loop_; |
213 net::TestURLRequestContext context_; | 271 net::TestURLRequestContext context_; |
214 safe_json::TestingJsonParser::ScopedFactoryOverride factory_override_; | 272 safe_json::TestingJsonParser::ScopedFactoryOverride factory_override_; |
215 scoped_ptr<LogProofFetcher> fetcher_; | 273 scoped_ptr<LogProofFetcher> fetcher_; |
216 const GURL log_url_; | 274 const GURL log_url_; |
217 GetSTHResponseHandler* handler_; | 275 LogGetResponseHandler* handler_; |
218 }; | 276 }; |
219 | 277 |
220 TEST_F(LogProofFetcherTest, TestValidGetReply) { | 278 TEST_F(LogProofFetcherTest, TestValidGetReply) { |
221 SetValidSTHJSONResponse(); | 279 SetValidSTHJSONResponse(); |
222 | 280 |
223 RecordFetchCallbackInvocations callback(true); | 281 RecordFetchCallbackInvocations callback(true); |
224 | 282 |
225 RunFetcherWithCallback(&callback); | 283 RunFetcherWithCallback(&callback); |
226 | 284 |
227 ASSERT_TRUE(callback.invoked()); | 285 ASSERT_TRUE(callback.invoked()); |
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
284 ' ')); | 342 ' ')); |
285 handler_->set_response_body(sth_json_reply_data); | 343 handler_->set_response_body(sth_json_reply_data); |
286 | 344 |
287 RecordFetchCallbackInvocations callback(true); | 345 RecordFetchCallbackInvocations callback(true); |
288 RunFetcherWithCallback(&callback); | 346 RunFetcherWithCallback(&callback); |
289 | 347 |
290 ASSERT_TRUE(callback.invoked()); | 348 ASSERT_TRUE(callback.invoked()); |
291 } | 349 } |
292 | 350 |
293 TEST_F(LogProofFetcherTest, TestLogRepliesWithHttpError) { | 351 TEST_F(LogProofFetcherTest, TestLogRepliesWithHttpError) { |
294 handler_->set_response_headers( | 352 handler_->set_response_headers(std::string( |
295 std::string(kGetSTHNotFoundHeaders, arraysize(kGetSTHNotFoundHeaders))); | 353 kGetResponseNotFoundHeaders, arraysize(kGetResponseNotFoundHeaders))); |
296 | 354 |
297 RecordFetchCallbackInvocations callback(false); | 355 RecordFetchCallbackInvocations callback(false); |
298 RunFetcherWithCallback(&callback); | 356 RunFetcherWithCallback(&callback); |
299 | 357 |
300 ASSERT_TRUE(callback.invoked()); | 358 ASSERT_TRUE(callback.invoked()); |
301 EXPECT_EQ(net::OK, callback.net_error()); | 359 EXPECT_EQ(net::OK, callback.net_error()); |
302 EXPECT_EQ(net::HTTP_NOT_FOUND, callback.http_response_code()); | 360 EXPECT_EQ(net::HTTP_NOT_FOUND, callback.http_response_code()); |
303 } | 361 } |
304 | 362 |
363 TEST_F(LogProofFetcherTest, TestValidGetConsistencyValidReply) { | |
364 std::vector<std::string> proof; | |
365 for (size_t i = 0; i < kDummyConsistencyProofLength; ++i) | |
366 proof.push_back(GetDummyConsistencyProofNode(i)); | |
367 | |
368 std::string consistency_proof_reply_data = | |
369 net::ct::CreateConsistencyProofJsonString(proof); | |
370 handler_->set_response_body(consistency_proof_reply_data); | |
371 | |
372 RecordFetchCallbackInvocations callback(true); | |
373 RunGetConsistencyFetcherWithCallback(&callback); | |
374 | |
375 ASSERT_TRUE(callback.invoked()); | |
376 } | |
377 | |
378 TEST_F(LogProofFetcherTest, TestInvalidGetConsistencyReplyInvalidJSON) { | |
379 std::string consistency_proof_reply_data = "{\"consistency\": [1,2]}"; | |
380 handler_->set_response_body(consistency_proof_reply_data); | |
381 | |
382 RecordFetchCallbackInvocations callback(false); | |
383 RunGetConsistencyFetcherWithCallback(&callback); | |
384 | |
385 ASSERT_TRUE(callback.invoked()); | |
386 EXPECT_EQ(net::ERR_CT_CONSISTENCY_PROOF_PARSING_FAILED, callback.net_error()); | |
387 EXPECT_EQ(net::HTTP_OK, callback.http_response_code()); | |
388 } | |
389 | |
305 } // namespace | 390 } // namespace |
306 | 391 |
307 } // namespace certificate_transparency | 392 } // namespace certificate_transparency |
OLD | NEW |