1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/net/certificate_error_reporter.h"
10 #include "base/bind.h"
11 #include "base/bind_helpers.h"
12 #include "base/macros.h"
13 #include "base/message_loop/message_loop.h"
14 #include "base/run_loop.h"
15 #include "base/thread_task_runner_handle.h"
16 #include "chrome/browser/net/encrypted_cert_logger.pb.h"
17 #include "chrome/common/chrome_paths.h"
18 #include "content/public/browser/browser_thread.h"
19 #include "crypto/curve25519.h"
20 #include "net/base/load_flags.h"
21 #include "net/base/network_delegate_impl.h"
22 #include "net/base/upload_bytes_element_reader.h"
23 #include "net/base/upload_data_stream.h"
24 #include "net/base/upload_element_reader.h"
25 #include "net/test/url_request/url_request_failed_job.h"
26 #include "net/test/url_request/url_request_mock_data_job.h"
27 #include "net/url_request/url_request_filter.h"
28 #include "net/url_request/url_request_test_util.h"
29 #include "testing/gtest/include/gtest/gtest.h"
31 using chrome_browser_net::CertificateErrorReporter
;
32 using content::BrowserThread
;
33 using net::CertStatus
;
34 using net::CompletionCallback
;
35 using net::NetworkDelegateImpl
;
36 using net::TestURLRequestContext
;
37 using net::URLRequest
;
41 const char kDummyReport
[] = "test.mail.google.com";
42 const char kSecondDummyReport
[] = "test2.mail.google.com";
43 const uint32 kServerPublicKeyVersion
= 1;
45 void EnableUrlRequestMocks(bool enable
) {
46 net::URLRequestFilter::GetInstance()->ClearHandlers();
50 net::URLRequestFailedJob::AddUrlHandler();
51 net::URLRequestMockDataJob::AddUrlHandler();
54 // Check that data uploaded in the request matches the test report
55 // data. The sent reports will be erased from |expect_reports|.
56 void CheckUploadData(URLRequest
* request
,
57 std::set
<std::string
>* expect_reports
,
59 const uint8
* server_private_key
) {
60 const net::UploadDataStream
* upload
= request
->get_upload();
62 ASSERT_TRUE(upload
->GetElementReaders());
63 EXPECT_EQ(1u, upload
->GetElementReaders()->size());
65 const net::UploadBytesElementReader
* reader
=
66 (*upload
->GetElementReaders())[0]->AsBytesReader();
68 std::string
upload_data(reader
->bytes(), reader
->length());
70 std::string uploaded_report
;
71 #if defined(USE_OPENSSL)
73 chrome_browser_net::EncryptedCertLoggerRequest encrypted_request
;
74 ASSERT_TRUE(encrypted_request
.ParseFromString(upload_data
));
75 EXPECT_EQ(kServerPublicKeyVersion
,
76 encrypted_request
.server_public_key_version());
77 EXPECT_EQ(chrome_browser_net::EncryptedCertLoggerRequest::
78 AEAD_ECDH_AES_128_CTR_HMAC_SHA256
,
79 encrypted_request
.algorithm());
80 ASSERT_TRUE(CertificateErrorReporter::DecryptCertificateErrorReport(
81 server_private_key
, encrypted_request
, &uploaded_report
));
83 uploaded_report
= upload_data
;
86 uploaded_report
= upload_data
;
89 EXPECT_EQ(1u, expect_reports
->count(uploaded_report
));
90 expect_reports
->erase(uploaded_report
);
93 // A network delegate that lets tests check that a certificate error
94 // report was sent. It counts the number of requests and lets tests
95 // register a callback to run when the request is destroyed. It also
96 // checks that the uploaded data is as expected.
97 class TestCertificateErrorReporterNetworkDelegate
: public NetworkDelegateImpl
{
99 TestCertificateErrorReporterNetworkDelegate()
100 : url_request_destroyed_callback_(base::Bind(&base::DoNothing
)),
101 all_url_requests_destroyed_callback_(base::Bind(&base::DoNothing
)),
103 expect_cookies_(false),
104 expect_request_encrypted_(false) {
105 memset(server_private_key_
, 1, sizeof(server_private_key_
));
106 crypto::curve25519::ScalarBaseMult(server_private_key_
, server_public_key_
);
109 ~TestCertificateErrorReporterNetworkDelegate() override
{}
111 void ExpectReport(const std::string
& report
) {
112 expect_reports_
.insert(report
);
115 void set_all_url_requests_destroyed_callback(
116 const base::Closure
& all_url_requests_destroyed_callback
) {
117 all_url_requests_destroyed_callback_
= all_url_requests_destroyed_callback
;
120 void set_url_request_destroyed_callback(
121 const base::Closure
& url_request_destroyed_callback
) {
122 url_request_destroyed_callback_
= url_request_destroyed_callback
;
125 void set_expect_url(const GURL
& expect_url
) { expect_url_
= expect_url
; }
127 int num_requests() const { return num_requests_
; }
129 // Sets whether cookies are expected to be sent on requests. If set to
130 // true, then |OnHeadersReceived| will expect a cookie
131 // "cookie_name=cookie_value".
132 void set_expect_cookies(bool expect_cookies
) {
133 expect_cookies_
= expect_cookies
;
136 void set_expect_request_encrypted(bool expect_request_encrypted
) {
137 expect_request_encrypted_
= expect_request_encrypted
;
140 // NetworkDelegateImpl implementation
141 int OnBeforeURLRequest(URLRequest
* request
,
142 const CompletionCallback
& callback
,
143 GURL
* new_url
) override
{
145 EXPECT_EQ(expect_url_
, request
->url());
146 EXPECT_EQ("POST", request
->method());
148 if (expect_cookies_
) {
149 EXPECT_FALSE(request
->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES
);
150 EXPECT_FALSE(request
->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES
);
152 EXPECT_TRUE(request
->load_flags() & net::LOAD_DO_NOT_SEND_COOKIES
);
153 EXPECT_TRUE(request
->load_flags() & net::LOAD_DO_NOT_SAVE_COOKIES
);
156 CheckUploadData(request
, &expect_reports_
, expect_request_encrypted_
,
157 server_private_key_
);
161 void OnURLRequestDestroyed(URLRequest
* request
) override
{
162 url_request_destroyed_callback_
.Run();
163 if (expect_reports_
.empty())
164 all_url_requests_destroyed_callback_
.Run();
167 const uint8
* server_public_key() { return server_public_key_
; }
168 const uint8
* server_private_key() { return server_private_key_
; }
171 base::Closure url_request_destroyed_callback_
;
172 base::Closure all_url_requests_destroyed_callback_
;
175 std::set
<std::string
> expect_reports_
;
176 bool expect_cookies_
;
177 bool expect_request_encrypted_
;
179 uint8 server_public_key_
[32];
180 uint8 server_private_key_
[32];
182 DISALLOW_COPY_AND_ASSIGN(TestCertificateErrorReporterNetworkDelegate
);
185 class CertificateErrorReporterTest
: public ::testing::Test
{
187 CertificateErrorReporterTest() : context_(true) {
188 EnableUrlRequestMocks(true);
189 context_
.set_network_delegate(&network_delegate_
);
193 ~CertificateErrorReporterTest() override
{ EnableUrlRequestMocks(false); }
195 TestCertificateErrorReporterNetworkDelegate
* network_delegate() {
196 return &network_delegate_
;
199 TestURLRequestContext
* context() { return &context_
; }
202 base::MessageLoop message_loop_
;
203 TestCertificateErrorReporterNetworkDelegate network_delegate_
;
204 TestURLRequestContext context_
;
207 void SendReport(CertificateErrorReporter
* reporter
,
208 TestCertificateErrorReporterNetworkDelegate
* network_delegate
,
209 const std::string
& report
,
211 int request_sequence_number
,
212 CertificateErrorReporter::ReportType type
) {
213 base::RunLoop run_loop
;
214 network_delegate
->set_url_request_destroyed_callback(run_loop
.QuitClosure());
216 network_delegate
->set_expect_url(url
);
217 network_delegate
->ExpectReport(report
);
219 EXPECT_EQ(request_sequence_number
, network_delegate
->num_requests());
221 reporter
->SendReport(type
, report
);
224 EXPECT_EQ(request_sequence_number
+ 1, network_delegate
->num_requests());
227 // Test that CertificateErrorReporter::SendReport creates a URLRequest
228 // for the endpoint and sends the expected data.
229 TEST_F(CertificateErrorReporterTest
, PinningViolationSendReportSendsRequest
) {
230 GURL url
= net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
231 CertificateErrorReporter
reporter(
232 context(), url
, CertificateErrorReporter::DO_NOT_SEND_COOKIES
);
233 SendReport(&reporter
, network_delegate(), kDummyReport
, url
, 0,
234 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
);
237 TEST_F(CertificateErrorReporterTest
, ExtendedReportingSendReportSendsRequest
) {
238 // Data should not be encrypted when sent to an HTTPS URL.
239 GURL https_url
= net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
240 CertificateErrorReporter
https_reporter(
241 context(), https_url
, CertificateErrorReporter::DO_NOT_SEND_COOKIES
);
242 network_delegate()->set_expect_request_encrypted(false);
243 SendReport(&https_reporter
, network_delegate(), kDummyReport
, https_url
, 0,
244 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING
);
246 // Data should be encrypted when sent to an HTTP URL.
247 if (CertificateErrorReporter::IsHttpUploadUrlSupported()) {
248 GURL http_url
= net::URLRequestMockDataJob::GetMockHttpUrl("dummy data", 1);
249 CertificateErrorReporter
http_reporter(
250 context(), http_url
, CertificateErrorReporter::DO_NOT_SEND_COOKIES
,
251 network_delegate()->server_public_key(), kServerPublicKeyVersion
);
252 network_delegate()->set_expect_request_encrypted(true);
253 SendReport(&http_reporter
, network_delegate(), kDummyReport
, http_url
, 1,
254 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING
);
258 TEST_F(CertificateErrorReporterTest
, SendMultipleReportsSequentially
) {
259 GURL url
= net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
260 CertificateErrorReporter
reporter(
261 context(), url
, CertificateErrorReporter::DO_NOT_SEND_COOKIES
);
262 SendReport(&reporter
, network_delegate(), kDummyReport
, url
, 0,
263 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
);
264 SendReport(&reporter
, network_delegate(), kDummyReport
, url
, 1,
265 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
);
268 TEST_F(CertificateErrorReporterTest
, SendMultipleReportsSimultaneously
) {
269 base::RunLoop run_loop
;
270 network_delegate()->set_all_url_requests_destroyed_callback(
271 run_loop
.QuitClosure());
273 GURL url
= net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
274 network_delegate()->set_expect_url(url
);
275 network_delegate()->ExpectReport(kDummyReport
);
276 network_delegate()->ExpectReport(kSecondDummyReport
);
278 CertificateErrorReporter
reporter(
279 context(), url
, CertificateErrorReporter::DO_NOT_SEND_COOKIES
);
281 EXPECT_EQ(0, network_delegate()->num_requests());
283 reporter
.SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
,
285 reporter
.SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
,
290 EXPECT_EQ(2, network_delegate()->num_requests());
293 // Test that pending URLRequests get cleaned up when the reporter is
295 TEST_F(CertificateErrorReporterTest
, PendingRequestGetsDeleted
) {
296 base::RunLoop run_loop
;
297 network_delegate()->set_url_request_destroyed_callback(
298 run_loop
.QuitClosure());
300 GURL url
= net::URLRequestFailedJob::GetMockHttpUrlWithFailurePhase(
301 net::URLRequestFailedJob::START
, net::ERR_IO_PENDING
);
302 network_delegate()->set_expect_url(url
);
303 network_delegate()->ExpectReport(kDummyReport
);
305 EXPECT_EQ(0, network_delegate()->num_requests());
307 scoped_ptr
<CertificateErrorReporter
> reporter(new CertificateErrorReporter(
308 context(), url
, CertificateErrorReporter::DO_NOT_SEND_COOKIES
));
309 reporter
->SendReport(CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
,
315 EXPECT_EQ(1, network_delegate()->num_requests());
318 // Test that a request that returns an error gets cleaned up.
319 TEST_F(CertificateErrorReporterTest
, ErroredRequestGetsDeleted
) {
320 GURL url
= net::URLRequestFailedJob::GetMockHttpsUrl(net::ERR_FAILED
);
321 CertificateErrorReporter
reporter(
322 context(), url
, CertificateErrorReporter::DO_NOT_SEND_COOKIES
);
323 SendReport(&reporter
, network_delegate(), kDummyReport
, url
, 0,
324 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
);
327 // Test that cookies are sent or not sent according to the error
328 // reporter's cookies preference.
330 TEST_F(CertificateErrorReporterTest
, SendCookiesPreference
) {
331 GURL url
= net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
332 CertificateErrorReporter
reporter(context(), url
,
333 CertificateErrorReporter::SEND_COOKIES
);
335 network_delegate()->set_expect_cookies(true);
336 SendReport(&reporter
, network_delegate(), kDummyReport
, url
, 0,
337 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
);
340 TEST_F(CertificateErrorReporterTest
, DoNotSendCookiesPreference
) {
341 GURL url
= net::URLRequestMockDataJob::GetMockHttpsUrl("dummy data", 1);
342 CertificateErrorReporter
reporter(
343 context(), url
, CertificateErrorReporter::DO_NOT_SEND_COOKIES
);
345 network_delegate()->set_expect_cookies(false);
346 SendReport(&reporter
, network_delegate(), kDummyReport
, url
, 0,
347 CertificateErrorReporter::REPORT_TYPE_PINNING_VIOLATION
);
350 #if defined(USE_OPENSSL)
351 // This test decrypts a "known gold" report. It's intentionally brittle
352 // in order to catch changes in report encryption that could cause the
353 // server to no longer be able to decrypt reports that it receives from
355 TEST_F(CertificateErrorReporterTest
, DecryptExampleReport
) {
356 // This data should not be changed without also changing the
357 // corresponding server-side test.
358 const unsigned char kSerializedEncryptedReport
[] = {
359 0x0A, 0xFB, 0x0C, 0xD5, 0x44, 0x21, 0x36, 0x4D, 0xFC, 0x29, 0x56, 0xBD,
360 0x47, 0x18, 0xB1, 0x6F, 0x97, 0xF1, 0xF0, 0x3C, 0x31, 0x31, 0x1D, 0xD7,
361 0xAB, 0x81, 0xCC, 0xBC, 0x56, 0x2B, 0xD4, 0x50, 0xF4, 0xF6, 0x28, 0x3A,
362 0x36, 0x8C, 0x4A, 0x67, 0x4E, 0xF2, 0x51, 0xA3, 0x7D, 0x02, 0xA8, 0x4D,
363 0xE9, 0xBE, 0x72, 0x5A, 0x8A, 0x62, 0xE0, 0x61, 0xA4, 0x87, 0x62, 0xBA,
364 0x6A, 0x5C, 0x4B, 0x07, 0x04, 0xE6, 0xCD, 0xE1, 0xD6, 0x12, 0x02, 0xC1,
365 0xF3, 0x5C, 0x7D, 0xFB, 0x61, 0xC3, 0x8D, 0xBE, 0x47, 0x50, 0xC4, 0xAC,
366 0x33, 0xA6, 0x2B, 0x6A, 0x4D, 0x5F, 0x22, 0x4B, 0x21, 0xAB, 0xFD, 0x66,
367 0x9C, 0xEF, 0x81, 0x06, 0xEB, 0xC0, 0x96, 0x87, 0x4E, 0xD6, 0x16, 0x5F,
368 0x0B, 0x2E, 0xF0, 0x3C, 0xA3, 0xBF, 0x75, 0x77, 0x3A, 0x91, 0xD2, 0xF5,
369 0xCC, 0x22, 0xE2, 0xB0, 0xCC, 0x28, 0xC0, 0xE2, 0xDB, 0x61, 0x5D, 0xEF,
370 0x3F, 0xA9, 0x23, 0x71, 0xA1, 0xF3, 0x59, 0x4F, 0xAF, 0xBE, 0x4F, 0x2C,
371 0xF6, 0xFC, 0xCB, 0x46, 0x2D, 0x48, 0x24, 0x84, 0xEC, 0x73, 0xCB, 0x83,
372 0x3D, 0x2A, 0x0B, 0x9C, 0x57, 0xDC, 0xC5, 0xD9, 0xB9, 0xA2, 0x69, 0xD9,
373 0x2B, 0xCF, 0xFB, 0xEB, 0xBA, 0xBC, 0x55, 0x5C, 0xF3, 0x9A, 0x66, 0x56,
374 0xD2, 0x06, 0xBF, 0x07, 0x34, 0x7F, 0x84, 0x53, 0xB4, 0xB2, 0xE3, 0x52,
375 0xA6, 0x97, 0x2A, 0xFD, 0x43, 0xC8, 0x33, 0xDC, 0x7F, 0xC1, 0x0E, 0xE9,
376 0xA6, 0xFF, 0x88, 0x63, 0x07, 0x38, 0x2D, 0xDF, 0x36, 0x83, 0xF1, 0x42,
377 0x15, 0x61, 0x05, 0x43, 0x94, 0x59, 0x67, 0x04, 0xB3, 0x8A, 0xF6, 0xFE,
378 0x73, 0x03, 0xE2, 0x89, 0x20, 0xC1, 0x63, 0x49, 0x67, 0x4E, 0xAF, 0xBF,
379 0xAE, 0xAC, 0xA3, 0x16, 0x8F, 0x6D, 0x2D, 0x79, 0xEA, 0x99, 0x79, 0x95,
380 0x03, 0xC8, 0x05, 0x1B, 0x3E, 0x66, 0x99, 0x1E, 0xC5, 0x05, 0x34, 0xD0,
381 0x99, 0xED, 0xDD, 0xFB, 0x7C, 0x9B, 0x00, 0x3B, 0x5C, 0x78, 0xD5, 0x30,
382 0x76, 0x3C, 0x37, 0xED, 0x4F, 0x6A, 0xAD, 0x75, 0xA7, 0x86, 0xC4, 0x0B,
383 0xD5, 0x0F, 0xE8, 0xC3, 0x4D, 0x1F, 0xAF, 0x62, 0xD8, 0xD4, 0x74, 0x02,
384 0xBE, 0xD3, 0x01, 0x2F, 0x18, 0x44, 0xFB, 0xA3, 0x46, 0x5B, 0x6F, 0x4C,
385 0x86, 0xD9, 0x2D, 0xE3, 0x32, 0x7F, 0xCA, 0x91, 0xFD, 0xED, 0x6A, 0xAC,
386 0x1D, 0x01, 0x75, 0xFC, 0x1E, 0x36, 0x81, 0xF3, 0x66, 0x2A, 0x21, 0x0F,
387 0x0F, 0x69, 0x29, 0x7B, 0x15, 0xDE, 0xE2, 0x90, 0xF1, 0x64, 0x1F, 0xF3,
388 0xEC, 0x90, 0x8A, 0xFC, 0x83, 0x39, 0x7D, 0x19, 0x31, 0x7F, 0x01, 0xA0,
389 0x43, 0xF9, 0x24, 0x8C, 0xDD, 0xC0, 0x15, 0x9E, 0x6A, 0x92, 0x8F, 0x65,
390 0xDD, 0x60, 0x34, 0x9D, 0x73, 0x46, 0xB5, 0x31, 0xF8, 0x92, 0x79, 0xC3,
391 0x59, 0x1D, 0xEB, 0xC8, 0x12, 0x92, 0xB6, 0x24, 0xA2, 0x3A, 0xA1, 0xA2,
392 0xEE, 0x8E, 0x34, 0x23, 0xB2, 0x0F, 0x34, 0xA8, 0x29, 0x26, 0x1C, 0xC0,
393 0xEE, 0x8C, 0xA7, 0x87, 0x9D, 0x3E, 0x74, 0x21, 0x06, 0xDA, 0xF3, 0x9E,
394 0x01, 0xC3, 0xBD, 0x68, 0x40, 0x6B, 0x61, 0xA9, 0xB7, 0xC1, 0xFD, 0x56,
395 0xFF, 0x99, 0x11, 0x42, 0x81, 0xFB, 0xE0, 0x9A, 0x1D, 0xD9, 0xB8, 0x1D,
396 0x2D, 0x85, 0x74, 0xC1, 0xBC, 0x36, 0x8F, 0x31, 0xE5, 0x01, 0x79, 0xF5,
397 0x04, 0xC5, 0x96, 0x1B, 0x5F, 0xAD, 0x86, 0x52, 0x00, 0xF0, 0xCC, 0x7B,
398 0x8D, 0x1B, 0xEA, 0x6B, 0xA8, 0xF8, 0xA4, 0x8F, 0x13, 0x51, 0x3D, 0xB8,
399 0x4D, 0x99, 0x22, 0x9B, 0x31, 0xB7, 0xBC, 0xF7, 0x2D, 0x76, 0x19, 0x90,
400 0xAB, 0xDA, 0xD2, 0x25, 0xE7, 0x4E, 0xDF, 0x96, 0x66, 0x90, 0xD7, 0x4E,
401 0xE7, 0x21, 0x96, 0xEF, 0xD0, 0xA7, 0x00, 0x2E, 0x9B, 0x2C, 0xE3, 0x87,
402 0x45, 0xA4, 0x3C, 0x24, 0x5A, 0xFA, 0x3D, 0x2D, 0xAD, 0x3E, 0xD3, 0xB5,
403 0x07, 0xAB, 0x72, 0x6D, 0xD1, 0x83, 0x17, 0x11, 0xD8, 0x37, 0x7D, 0x69,
404 0xE1, 0x4D, 0xF6, 0x34, 0x72, 0x54, 0xCD, 0x65, 0xC0, 0x2C, 0x36, 0xA1,
405 0x0A, 0x4B, 0x28, 0x24, 0x50, 0x1D, 0x36, 0x15, 0xF3, 0xD4, 0xFB, 0x75,
406 0x2C, 0x72, 0xA9, 0x92, 0x34, 0xB5, 0xEF, 0x50, 0x29, 0x8D, 0x78, 0x75,
407 0xB8, 0x19, 0x58, 0xC2, 0x9D, 0xD3, 0x09, 0xDC, 0xB6, 0xB6, 0x86, 0xE8,
408 0xF7, 0x79, 0xBF, 0xFB, 0x7E, 0xF4, 0xD5, 0x99, 0xFF, 0xE5, 0x72, 0x1A,
409 0x15, 0x9E, 0x37, 0x6A, 0x7A, 0xD1, 0xD3, 0x3D, 0xC8, 0xDC, 0x37, 0x98,
410 0xE4, 0x74, 0x0B, 0x8D, 0x9D, 0x38, 0x7E, 0xA8, 0x24, 0x76, 0xA4, 0x7F,
411 0x28, 0x34, 0xA9, 0xC5, 0x5F, 0xD2, 0x0C, 0xDE, 0xD0, 0x34, 0x2D, 0xF9,
412 0x25, 0xE0, 0x60, 0xB2, 0x1D, 0xA8, 0x7F, 0xDB, 0x03, 0x44, 0x88, 0xA2,
413 0x33, 0x75, 0x9B, 0x06, 0xAB, 0x28, 0x82, 0x74, 0x9F, 0x7F, 0xA7, 0xA6,
414 0x38, 0x27, 0xFA, 0xCE, 0x75, 0xC8, 0x91, 0xE1, 0x15, 0xDD, 0x2F, 0x34,
415 0xF5, 0x64, 0xFA, 0x77, 0x6D, 0x1F, 0xE7, 0x42, 0x41, 0xB5, 0xF4, 0x71,
416 0x8E, 0x0A, 0x8B, 0x06, 0x00, 0xB6, 0xCB, 0xBE, 0x23, 0xC2, 0x8C, 0x83,
417 0x27, 0x23, 0x8F, 0xF7, 0xA1, 0xCF, 0x5C, 0x76, 0x16, 0x9C, 0x17, 0xD1,
418 0x7D, 0xA5, 0xA0, 0x55, 0xC2, 0xF7, 0x5B, 0x8B, 0x7E, 0xD7, 0x36, 0xC0,
419 0x3B, 0x52, 0xF4, 0x5D, 0x96, 0x99, 0x61, 0x16, 0xFF, 0x01, 0x1D, 0x2F,
420 0xC4, 0xE6, 0x3D, 0x6E, 0x1F, 0xB3, 0x2B, 0x4B, 0x9E, 0xC4, 0xD8, 0x7F,
421 0x74, 0x6B, 0x5F, 0x78, 0x36, 0xE6, 0x2E, 0x46, 0xF1, 0xCF, 0x9E, 0x19,
422 0xA3, 0xE1, 0x5C, 0xC8, 0x4F, 0xE5, 0x36, 0x21, 0x06, 0x1A, 0x9D, 0x7D,
423 0x14, 0xBE, 0xCB, 0x1F, 0xB7, 0x8E, 0xC4, 0x98, 0xEA, 0xDC, 0xEC, 0x59,
424 0xA1, 0xC6, 0x77, 0xCF, 0x2D, 0x47, 0x69, 0x29, 0x8C, 0xC3, 0xBF, 0x72,
425 0xA3, 0x3F, 0x40, 0xFB, 0x11, 0xDA, 0x0C, 0x0B, 0xB4, 0x66, 0xD3, 0xDD,
426 0x12, 0x7B, 0xB1, 0x6A, 0xC3, 0xF6, 0x5F, 0x0F, 0xFB, 0x6D, 0x43, 0x6B,
427 0xED, 0xF9, 0x48, 0x4E, 0xAF, 0x98, 0x55, 0x1B, 0x37, 0x16, 0x2D, 0xF3,
428 0x75, 0xB5, 0xAC, 0xB8, 0xF1, 0x37, 0xE8, 0xA9, 0x99, 0x35, 0x04, 0x8E,
429 0x51, 0x7B, 0x29, 0x4B, 0x7A, 0xA1, 0xD2, 0x1D, 0x25, 0x62, 0xFD, 0xAF,
430 0x7A, 0xBA, 0xB6, 0x05, 0x75, 0x5D, 0x94, 0x72, 0xE7, 0x02, 0x77, 0x02,
431 0xAC, 0x7B, 0x91, 0x6F, 0x8C, 0x32, 0xF6, 0x38, 0x67, 0xF6, 0xF2, 0xC1,
432 0x58, 0xCE, 0x01, 0x39, 0xED, 0x76, 0x52, 0x1F, 0xA2, 0x49, 0x0B, 0x72,
433 0x73, 0xD9, 0x00, 0x12, 0xDC, 0xC5, 0x27, 0x8F, 0x38, 0x08, 0x31, 0x7F,
434 0x08, 0xFC, 0xA8, 0x74, 0xD2, 0xED, 0xED, 0xC7, 0x37, 0xC8, 0xAF, 0xB1,
435 0x2C, 0x9D, 0x33, 0x2C, 0xE1, 0x2D, 0x72, 0x59, 0xCF, 0x55, 0x1E, 0x04,
436 0x51, 0x08, 0xBF, 0x98, 0x16, 0xEC, 0x1F, 0x76, 0x54, 0x5F, 0x8B, 0xD1,
437 0x00, 0x07, 0x25, 0x7A, 0x0A, 0x2A, 0xD1, 0xAE, 0xC8, 0x77, 0xDF, 0xDD,
438 0x14, 0xB2, 0xA6, 0xC5, 0x2E, 0xFB, 0xC7, 0x4E, 0x56, 0x01, 0xDE, 0x5B,
439 0x86, 0xAC, 0xB7, 0xBB, 0x6E, 0x41, 0xFF, 0xFD, 0x29, 0x29, 0x0D, 0x95,
440 0x13, 0x1E, 0x31, 0xA0, 0xFF, 0xC2, 0x2C, 0x31, 0x6B, 0xF5, 0x0D, 0x16,
441 0x1E, 0x56, 0xC5, 0x1F, 0xB1, 0xB1, 0x33, 0x3D, 0xA9, 0xD4, 0x8D, 0x2A,
442 0xFA, 0x9F, 0x9A, 0xA7, 0x51, 0xDC, 0x77, 0xBB, 0xD6, 0xDC, 0xAE, 0x3D,
443 0xA3, 0x2F, 0xDD, 0x55, 0x52, 0xAB, 0x35, 0x61, 0x7C, 0xA8, 0x5E, 0x57,
444 0xAD, 0x8D, 0xF5, 0x02, 0xA1, 0x60, 0x33, 0x9E, 0xEC, 0xD0, 0x48, 0x5C,
445 0x3F, 0xDF, 0xF2, 0x33, 0xC1, 0x3A, 0x99, 0xFE, 0x37, 0x2E, 0xF8, 0xFF,
446 0x49, 0x11, 0xFF, 0x8B, 0x18, 0xCF, 0x37, 0xBC, 0x50, 0xD0, 0xFB, 0x9E,
447 0xFB, 0x16, 0x6D, 0xC6, 0xAC, 0x79, 0xDD, 0xE8, 0xE7, 0x69, 0x62, 0xB7,
448 0x23, 0xDF, 0xA6, 0x93, 0x6E, 0x65, 0x49, 0xE5, 0x61, 0x60, 0x89, 0xDC,
449 0x45, 0xC8, 0xD2, 0x4F, 0x03, 0xAA, 0x1E, 0x06, 0x19, 0x4B, 0x14, 0x12,
450 0x02, 0xB9, 0xA2, 0x66, 0x02, 0xFE, 0x80, 0x03, 0xC7, 0xEF, 0x3C, 0xC9,
451 0x0D, 0x85, 0xD8, 0x94, 0xF2, 0x3B, 0xC6, 0x9E, 0xB7, 0x4D, 0x19, 0x85,
452 0x1A, 0xA6, 0x89, 0x12, 0x24, 0xC2, 0x16, 0x3A, 0x17, 0x1E, 0x64, 0x32,
453 0x6D, 0xDA, 0x6B, 0xE0, 0x3C, 0xE9, 0xCC, 0xE1, 0xFC, 0x16, 0x9B, 0xBF,
454 0x75, 0x01, 0xA4, 0x17, 0x5F, 0x49, 0xD3, 0xF7, 0xE3, 0xEF, 0x1B, 0x4D,
455 0x90, 0xB1, 0x43, 0x54, 0x97, 0x57, 0xE3, 0x4B, 0x66, 0x77, 0xAA, 0x1C,
456 0xA4, 0xC1, 0x6C, 0x44, 0x34, 0x93, 0x42, 0xDD, 0xC6, 0xA2, 0xBD, 0x95,
457 0x84, 0x1C, 0xB5, 0xE0, 0xEC, 0x24, 0x6E, 0x64, 0x5C, 0x94, 0x81, 0x50,
458 0x7E, 0x97, 0x16, 0xA8, 0x7C, 0xF3, 0x6D, 0x5A, 0x7C, 0x55, 0x71, 0x2D,
459 0x3D, 0x8A, 0xCD, 0xA2, 0x9B, 0x04, 0x10, 0xEE, 0xE2, 0x2C, 0x4D, 0x50,
460 0x93, 0x1F, 0xD2, 0x36, 0x05, 0x25, 0x21, 0xA6, 0x69, 0x99, 0xC8, 0x76,
461 0x1B, 0x01, 0xDE, 0x9F, 0xEE, 0xE0, 0xFF, 0xAF, 0x3C, 0x0F, 0x0D, 0xF1,
462 0x49, 0x83, 0x17, 0x1A, 0x88, 0x31, 0xC6, 0x10, 0xFB, 0x5C, 0xBC, 0xC7,
463 0x8F, 0x71, 0x37, 0x17, 0xA7, 0xF0, 0xDE, 0x1A, 0x89, 0xBB, 0x62, 0x28,
464 0x07, 0xFF, 0xB2, 0xFA, 0x6F, 0x91, 0x30, 0xEC, 0x90, 0x84, 0xF6, 0xE3,
465 0xA7, 0x78, 0x81, 0x13, 0x6C, 0xC7, 0x1F, 0x57, 0xB1, 0x27, 0x4F, 0x43,
466 0xAB, 0x58, 0x92, 0x48, 0xCD, 0x94, 0x7B, 0xEA, 0xEC, 0x1F, 0xE6, 0x65,
467 0x3E, 0xD8, 0x14, 0x1B, 0x96, 0x09, 0xD1, 0x05, 0xCC, 0xDD, 0xB7, 0xBC,
468 0x69, 0xF5, 0x33, 0x58, 0x0C, 0x32, 0x27, 0xA2, 0xF5, 0xE4, 0x28, 0x1C,
469 0xD2, 0xC0, 0xF8, 0x67, 0xD4, 0x58, 0xC4, 0xA4, 0x12, 0x30, 0x0E, 0x4D,
470 0xD7, 0x7E, 0x2B, 0x01, 0xC5, 0xD3, 0xA7, 0xF9, 0xEA, 0xFE, 0x3D, 0x04,
471 0x9E, 0xE8, 0x39, 0x9E, 0xC7, 0xE5, 0xF1, 0xCC, 0x72, 0xB7, 0x5E, 0x5B,
472 0xFC, 0xAB, 0xF4, 0x42, 0x3E, 0x7A, 0xBE, 0x8C, 0x03, 0xB1, 0x11, 0x4E,
473 0x19, 0xFE, 0xB2, 0xFD, 0xF9, 0x9A, 0xE0, 0xC7, 0x1A, 0xCA, 0xFF, 0xD7,
474 0x31, 0x40, 0x43, 0x2A, 0xD1, 0x1D, 0xF7, 0x5A, 0x9A, 0x3B, 0xB9, 0x3C,
475 0x12, 0x48, 0xB3, 0x7D, 0xC3, 0xE7, 0x64, 0x97, 0x55, 0x5E, 0x70, 0x9B,
476 0x75, 0xD6, 0xC5, 0x73, 0x4E, 0xFA, 0xB1, 0x2F, 0xDF, 0x3F, 0x8E, 0x97,
477 0xA6, 0x67, 0xFE, 0x4D, 0x3F, 0x5C, 0x09, 0x9B, 0x98, 0xBA, 0xF8, 0xA5,
478 0x6D, 0x18, 0x80, 0x61, 0xE9, 0x17, 0x4A, 0xDD, 0x95, 0x92, 0x4F, 0xD4,
479 0x57, 0xD0, 0x40, 0xE0, 0x21, 0xC4, 0x76, 0xE2, 0x1A, 0x1E, 0x1F, 0x29,
480 0x0A, 0x98, 0xC9, 0x93, 0xA8, 0x6A, 0x55, 0x26, 0x67, 0xAA, 0x14, 0x18,
481 0x6A, 0x38, 0x91, 0xEB, 0x13, 0xD0, 0xA8, 0x00, 0x4B, 0x13, 0xB7, 0x3B,
482 0x13, 0x74, 0x34, 0xB1, 0xEA, 0x1F, 0x59, 0x4C, 0x1C, 0x7F, 0x73, 0xE8,
483 0xF0, 0xE1, 0x10, 0x23, 0xA2, 0x77, 0x35, 0xCA, 0x57, 0x9F, 0x43, 0xE7,
484 0xCA, 0xF2, 0xD2, 0xB1, 0x38, 0x27, 0x4D, 0x52, 0xEE, 0x82, 0xB6, 0x3E,
485 0xF4, 0xB0, 0x51, 0x82, 0x9E, 0xDB, 0xB9, 0xAE, 0xCC, 0xFD, 0x97, 0x60,
486 0x1E, 0x67, 0x5B, 0x5A, 0x6A, 0x9A, 0xEA, 0x0F, 0x90, 0x36, 0xA1, 0xD0,
487 0x7D, 0x5E, 0xC3, 0x90, 0x3D, 0x7E, 0xD4, 0xEF, 0xCF, 0xD2, 0x38, 0x67,
488 0xBB, 0x1F, 0x58, 0xD4, 0x1B, 0xF2, 0xF0, 0x6A, 0x25, 0x68, 0x82, 0x19,
489 0x78, 0xB2, 0xC1, 0x34, 0x1D, 0xFA, 0xD5, 0x24, 0x1C, 0x81, 0x21, 0x74,
490 0xB1, 0xE8, 0x59, 0xD7, 0xA1, 0xB7, 0x61, 0xF5, 0x4F, 0x41, 0xEC, 0x27,
491 0xE5, 0x30, 0xC2, 0xFB, 0x69, 0xCC, 0x69, 0xF5, 0x0F, 0xF2, 0x0D, 0x2E,
492 0xDE, 0x43, 0xC5, 0xA2, 0xA6, 0x99, 0x1F, 0x00, 0x06, 0xD7, 0x93, 0xA5,
493 0xD7, 0xAD, 0xD0, 0x6A, 0x61, 0x37, 0xF4, 0xAA, 0xB8, 0xA9, 0x3B, 0x7E,
494 0xFC, 0xF7, 0x30, 0xE6, 0xA8, 0x75, 0x65, 0xBA, 0xDD, 0x1D, 0x30, 0x73,
495 0x04, 0x5A, 0x37, 0x64, 0xE3, 0x51, 0xFD, 0x36, 0x4D, 0xF1, 0x8F, 0x7E,
496 0x38, 0x18, 0xA0, 0x43, 0xE3, 0x9F, 0x03, 0x70, 0x53, 0x08, 0xF1, 0xE1,
497 0x13, 0x84, 0x7C, 0x5F, 0x1F, 0xDE, 0x10, 0x01, 0x1A, 0x20, 0xCC, 0x49,
498 0xFB, 0xD4, 0xE1, 0x04, 0x42, 0x0D, 0x2C, 0x41, 0x84, 0xDD, 0xFB, 0xC7,
499 0xA6, 0x2D, 0x00, 0xCC, 0xB5, 0x3B, 0x31, 0x2E, 0xB4, 0x30, 0xA5, 0x08,
500 0x1A, 0x7D, 0x19, 0x81, 0xF0, 0x4D, 0x20, 0x01};
502 chrome_browser_net::EncryptedCertLoggerRequest encrypted_request
;
503 std::string decrypted_serialized_report
;
504 ASSERT_TRUE(encrypted_request
.ParseFromString(
505 std::string(reinterpret_cast<const char*>(kSerializedEncryptedReport
),
506 sizeof(kSerializedEncryptedReport
))));
507 ASSERT_TRUE(chrome_browser_net::CertificateErrorReporter::
508 DecryptCertificateErrorReport(
509 network_delegate()->server_private_key(),
510 encrypted_request
, &decrypted_serialized_report
));
