| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/certificate_reporting/error_reporter.h" | 5 #include "components/certificate_reporting/error_reporter.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include <set> | 10 #include <set> |
| 11 #include <string> | 11 #include <string> |
| 12 | 12 |
| 13 #include "base/bind.h" | 13 #include "base/bind.h" |
| 14 #include "base/bind_helpers.h" | 14 #include "base/bind_helpers.h" |
| 15 #include "base/macros.h" | 15 #include "base/macros.h" |
| 16 #include "base/memory/ptr_util.h" | 16 #include "base/memory/ptr_util.h" |
| 17 #include "base/run_loop.h" |
| 18 #include "base/test/histogram_tester.h" |
| 17 #include "components/certificate_reporting/encrypted_cert_logger.pb.h" | 19 #include "components/certificate_reporting/encrypted_cert_logger.pb.h" |
| 20 #include "content/public/test/test_browser_thread_bundle.h" |
| 18 #include "crypto/curve25519.h" | 21 #include "crypto/curve25519.h" |
| 22 #include "net/test/url_request/url_request_failed_job.h" |
| 19 #include "net/url_request/report_sender.h" | 23 #include "net/url_request/report_sender.h" |
| 24 #include "net/url_request/url_request_test_util.h" |
| 20 #include "testing/gtest/include/gtest/gtest.h" | 25 #include "testing/gtest/include/gtest/gtest.h" |
| 21 | 26 |
| 22 namespace certificate_reporting { | 27 namespace certificate_reporting { |
| 23 | 28 |
| 24 namespace { | 29 namespace { |
| 25 | 30 |
| 26 const char kDummyHttpReportUri[] = "http://example.test"; | 31 const char kDummyHttpReportUri[] = "http://example.test"; |
| 27 const char kDummyHttpsReportUri[] = "https://example.test"; | 32 const char kDummyHttpsReportUri[] = "https://example.test"; |
| 28 const char kDummyReport[] = "a dummy report"; | 33 const char kDummyReport[] = "a dummy report"; |
| 29 const uint32_t kServerPublicKeyTestVersion = 16; | 34 const uint32_t kServerPublicKeyTestVersion = 16; |
| 35 const char kFailureHistogramName[] = "SSL.CertificateErrorReportFailure"; |
| 30 | 36 |
| 31 // A mock ReportSender that keeps track of the last report | 37 // A mock ReportSender that keeps track of the last report |
| 32 // sent. | 38 // sent. |
| 33 class MockCertificateReportSender : public net::ReportSender { | 39 class MockCertificateReportSender : public net::ReportSender { |
| 34 public: | 40 public: |
| 35 MockCertificateReportSender() | 41 MockCertificateReportSender() |
| 36 : net::ReportSender(nullptr, DO_NOT_SEND_COOKIES) {} | 42 : net::ReportSender(nullptr, DO_NOT_SEND_COOKIES) {} |
| 37 ~MockCertificateReportSender() override {} | 43 ~MockCertificateReportSender() override {} |
| 38 | 44 |
| 39 void Send(const GURL& report_uri, const std::string& report) override { | 45 void Send(const GURL& report_uri, const std::string& report) override { |
| 40 latest_report_uri_ = report_uri; | 46 latest_report_uri_ = report_uri; |
| 41 latest_report_ = report; | 47 latest_report_ = report; |
| 42 } | 48 } |
| 43 | 49 |
| 44 const GURL& latest_report_uri() { return latest_report_uri_; } | 50 const GURL& latest_report_uri() { return latest_report_uri_; } |
| 45 | 51 |
| 46 const std::string& latest_report() { return latest_report_; } | 52 const std::string& latest_report() { return latest_report_; } |
| 47 | 53 |
| 48 private: | 54 private: |
| 49 GURL latest_report_uri_; | 55 GURL latest_report_uri_; |
| 50 std::string latest_report_; | 56 std::string latest_report_; |
| 51 | 57 |
| 52 DISALLOW_COPY_AND_ASSIGN(MockCertificateReportSender); | 58 DISALLOW_COPY_AND_ASSIGN(MockCertificateReportSender); |
| 53 }; | 59 }; |
| 54 | 60 |
| 61 // A test network delegate that allows the user to specify a callback to |
| 62 // be run whenever a net::URLRequest is destroyed. |
| 63 class TestCertificateReporterNetworkDelegate : public net::NetworkDelegateImpl { |
| 64 public: |
| 65 TestCertificateReporterNetworkDelegate() |
| 66 : url_request_destroyed_callback_(base::Bind(&base::DoNothing)) {} |
| 67 |
| 68 void set_url_request_destroyed_callback(const base::Closure& callback) { |
| 69 url_request_destroyed_callback_ = callback; |
| 70 } |
| 71 |
| 72 // net::NetworkDelegateImpl: |
| 73 void OnURLRequestDestroyed(net::URLRequest* request) override { |
| 74 url_request_destroyed_callback_.Run(); |
| 75 } |
| 76 |
| 77 private: |
| 78 base::Closure url_request_destroyed_callback_; |
| 79 |
| 80 DISALLOW_COPY_AND_ASSIGN(TestCertificateReporterNetworkDelegate); |
| 81 }; |
| 82 |
| 55 class ErrorReporterTest : public ::testing::Test { | 83 class ErrorReporterTest : public ::testing::Test { |
| 56 public: | 84 public: |
| 57 ErrorReporterTest() { | 85 ErrorReporterTest() |
| 86 : thread_bundle_(content::TestBrowserThreadBundle::IO_MAINLOOP) { |
| 58 memset(server_private_key_, 1, sizeof(server_private_key_)); | 87 memset(server_private_key_, 1, sizeof(server_private_key_)); |
| 59 crypto::curve25519::ScalarBaseMult(server_private_key_, server_public_key_); | 88 crypto::curve25519::ScalarBaseMult(server_private_key_, server_public_key_); |
| 60 } | 89 } |
| 61 | 90 |
| 62 ~ErrorReporterTest() override {} | 91 ~ErrorReporterTest() override {} |
| 63 | 92 |
| 64 protected: | 93 protected: |
| 94 content::TestBrowserThreadBundle thread_bundle_; |
| 65 uint8_t server_public_key_[32]; | 95 uint8_t server_public_key_[32]; |
| 66 uint8_t server_private_key_[32]; | 96 uint8_t server_private_key_[32]; |
| 97 |
| 98 DISALLOW_COPY_AND_ASSIGN(ErrorReporterTest); |
| 67 }; | 99 }; |
| 68 | 100 |
| 69 // Test that ErrorReporter::SendExtendedReportingReport sends | 101 // Test that ErrorReporter::SendExtendedReportingReport sends |
| 70 // an encrypted or plaintext extended reporting report as appropriate. | 102 // an encrypted or plaintext extended reporting report as appropriate. |
| 71 TEST_F(ErrorReporterTest, ExtendedReportingSendReport) { | 103 TEST_F(ErrorReporterTest, ExtendedReportingSendReport) { |
| 72 // Data should not be encrypted when sent to an HTTPS URL. | 104 // Data should not be encrypted when sent to an HTTPS URL. |
| 73 MockCertificateReportSender* mock_report_sender = | 105 MockCertificateReportSender* mock_report_sender = |
| 74 new MockCertificateReportSender(); | 106 new MockCertificateReportSender(); |
| 75 GURL https_url(kDummyHttpsReportUri); | 107 GURL https_url(kDummyHttpsReportUri); |
| 76 ErrorReporter https_reporter(https_url, server_public_key_, | 108 ErrorReporter https_reporter(https_url, server_public_key_, |
| (...skipping 23 matching lines...) Expand all Loading... |
| 100 encrypted_request.server_public_key_version()); | 132 encrypted_request.server_public_key_version()); |
| 101 EXPECT_EQ(EncryptedCertLoggerRequest::AEAD_ECDH_AES_128_CTR_HMAC_SHA256, | 133 EXPECT_EQ(EncryptedCertLoggerRequest::AEAD_ECDH_AES_128_CTR_HMAC_SHA256, |
| 102 encrypted_request.algorithm()); | 134 encrypted_request.algorithm()); |
| 103 ASSERT_TRUE(ErrorReporter::DecryptErrorReport( | 135 ASSERT_TRUE(ErrorReporter::DecryptErrorReport( |
| 104 server_private_key_, encrypted_request, &uploaded_report)); | 136 server_private_key_, encrypted_request, &uploaded_report)); |
| 105 | 137 |
| 106 EXPECT_EQ(kDummyReport, uploaded_report); | 138 EXPECT_EQ(kDummyReport, uploaded_report); |
| 107 } | 139 } |
| 108 } | 140 } |
| 109 | 141 |
| 142 // Tests that an UMA histogram is recorded if a report fails to send. |
| 143 TEST_F(ErrorReporterTest, UMAOnFailure) { |
| 144 net::URLRequestFailedJob::AddUrlHandler(); |
| 145 |
| 146 base::HistogramTester histograms; |
| 147 histograms.ExpectTotalCount(kFailureHistogramName, 0); |
| 148 |
| 149 base::RunLoop run_loop; |
| 150 net::TestURLRequestContext context(true); |
| 151 TestCertificateReporterNetworkDelegate test_delegate; |
| 152 test_delegate.set_url_request_destroyed_callback(run_loop.QuitClosure()); |
| 153 context.set_network_delegate(&test_delegate); |
| 154 context.Init(); |
| 155 |
| 156 GURL report_uri( |
| 157 net::URLRequestFailedJob::GetMockHttpUrl(net::ERR_CONNECTION_FAILED)); |
| 158 ErrorReporter reporter(&context, report_uri, |
| 159 net::ReportSender::DO_NOT_SEND_COOKIES); |
| 160 reporter.SendExtendedReportingReport(kDummyReport); |
| 161 run_loop.Run(); |
| 162 |
| 163 histograms.ExpectTotalCount(kFailureHistogramName, 1); |
| 164 histograms.ExpectBucketCount(kFailureHistogramName, |
| 165 -net::ERR_CONNECTION_FAILED, 1); |
| 166 } |
| 167 |
| 110 // This test decrypts a "known gold" report. It's intentionally brittle | 168 // This test decrypts a "known gold" report. It's intentionally brittle |
| 111 // in order to catch changes in report encryption that could cause the | 169 // in order to catch changes in report encryption that could cause the |
| 112 // server to no longer be able to decrypt reports that it receives from | 170 // server to no longer be able to decrypt reports that it receives from |
| 113 // Chrome. | 171 // Chrome. |
| 114 TEST_F(ErrorReporterTest, DecryptExampleReport) { | 172 TEST_F(ErrorReporterTest, DecryptExampleReport) { |
| 115 // This data should not be changed without also changing the | 173 // This data should not be changed without also changing the |
| 116 // corresponding server-side test. | 174 // corresponding server-side test. |
| 117 const unsigned char kSerializedEncryptedReport[] = { | 175 const unsigned char kSerializedEncryptedReport[] = { |
| 118 0x0A, 0xFB, 0x0C, 0xD5, 0x44, 0x21, 0x36, 0x4D, 0xFC, 0x29, 0x56, 0xBD, | 176 0x0A, 0xFB, 0x0C, 0xD5, 0x44, 0x21, 0x36, 0x4D, 0xFC, 0x29, 0x56, 0xBD, |
| 119 0x47, 0x18, 0xB1, 0x6F, 0x97, 0xF1, 0xF0, 0x3C, 0x31, 0x31, 0x1D, 0xD7, | 177 0x47, 0x18, 0xB1, 0x6F, 0x97, 0xF1, 0xF0, 0x3C, 0x31, 0x31, 0x1D, 0xD7, |
| (...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 263 ASSERT_TRUE(encrypted_request.ParseFromString( | 321 ASSERT_TRUE(encrypted_request.ParseFromString( |
| 264 std::string(reinterpret_cast<const char*>(kSerializedEncryptedReport), | 322 std::string(reinterpret_cast<const char*>(kSerializedEncryptedReport), |
| 265 sizeof(kSerializedEncryptedReport)))); | 323 sizeof(kSerializedEncryptedReport)))); |
| 266 ASSERT_TRUE(ErrorReporter::DecryptErrorReport( | 324 ASSERT_TRUE(ErrorReporter::DecryptErrorReport( |
| 267 server_private_key_, encrypted_request, &decrypted_serialized_report)); | 325 server_private_key_, encrypted_request, &decrypted_serialized_report)); |
| 268 } | 326 } |
| 269 | 327 |
| 270 } // namespace | 328 } // namespace |
| 271 | 329 |
| 272 } // namespace certificate_reporting | 330 } // namespace certificate_reporting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2120683002:
Fix up certificate error reporting histograms (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master