chrome/browser/net/chrome_fraudulent_certificate_reporter_unittest.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/net/chrome_fraudulent_certificate_reporter.h"
   6
   7 #include <string>
   8
   9 #include "base/bind.h"
  10 #include "base/files/file_path.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "base/message_loop/message_loop.h"
  13 #include "base/synchronization/waitable_event.h"
  14 #include "base/threading/thread.h"
  15 #include "chrome/browser/net/certificate_error_reporter.h"
  16 #include "content/public/test/test_browser_thread.h"
  17 #include "net/base/request_priority.h"
  18 #include "net/base/test_data_directory.h"
  19 #include "net/cert/x509_certificate.h"
  20 #include "net/http/transport_security_state.h"
  21 #include "net/ssl/ssl_info.h"
  22 #include "net/test/cert_test_util.h"
  23 #include "net/url_request/fraudulent_certificate_reporter.h"
  24 #include "net/url_request/url_request.h"
  25 #include "net/url_request/url_request_context.h"
  26 #include "net/url_request/url_request_test_util.h"
  27 #include "testing/gtest/include/gtest/gtest.h"
  28
  29 using content::BrowserThread;
  30 using net::SSLInfo;
  31
  32 namespace chrome_browser_net {
  33
  34 // Builds an SSLInfo from an invalid cert chain. In this case, the cert is
  35 // expired; what matters is that the cert would not pass even a normal
  36 // sanity check. We test that we DO NOT send a fraudulent certificate report
  37 // in this case.
  38 static SSLInfo GetBadSSLInfo() {
  39   SSLInfo info;
  40
  41   info.cert = net::ImportCertFromFile(net::GetTestCertsDirectory(),
  42                                       "expired_cert.pem");
  43   info.cert_status = net::CERT_STATUS_DATE_INVALID;
  44   info.is_issued_by_known_root = false;
  45
  46   return info;
  47 }
  48
  49 // Builds an SSLInfo from a "good" cert chain, as defined by IsGoodSSLInfo,
  50 // but which does not pass DomainState::IsChainOfPublicKeysPermitted. In this
  51 // case, the certificate is for mail.google.com, signed by our Chrome test
  52 // CA. During testing, Chrome believes this CA is part of the root system
  53 // store. But, this CA is not in the pin list; we test that we DO send a
  54 // fraudulent certicate report in this case.
  55 static SSLInfo GetGoodSSLInfo() {
  56   SSLInfo info;
  57
  58   info.cert = net::ImportCertFromFile(net::GetTestCertsDirectory(),
  59                                       "test_mail_google_com.pem");
  60   info.is_issued_by_known_root = true;
  61
  62   return info;
  63 }
  64
  65 // Checks that |info| is good as required by the SSL checks performed in
  66 // URLRequestHttpJob::OnStartCompleted, which are enough to trigger pin
  67 // checking but not sufficient to pass
  68 // DomainState::IsChainOfPublicKeysPermitted.
  69 static bool IsGoodSSLInfo(const SSLInfo& info) {
  70   return info.is_valid() && info.is_issued_by_known_root;
  71 }
  72
  73 class TestReporter : public ChromeFraudulentCertificateReporter {
  74  public:
  75   explicit TestReporter(net::URLRequestContext* request_context)
  76       : ChromeFraudulentCertificateReporter(request_context) {}
  77 };
  78
  79 class SendingTestReporter : public TestReporter {
  80  public:
  81   explicit SendingTestReporter(net::URLRequestContext* request_context)
  82       : TestReporter(request_context), passed_(false) {}
  83
  84   // Passes if invoked with a good SSLInfo and for a hostname that is a Google
  85   // pinned property.
  86   void SendReport(const std::string& hostname,
  87                   const SSLInfo& ssl_info) override {
  88     EXPECT_TRUE(IsGoodSSLInfo(ssl_info));
  89     EXPECT_TRUE(net::TransportSecurityState::IsGooglePinnedProperty(hostname));
  90     passed_ = true;
  91   }
  92
  93   ~SendingTestReporter() override {
  94     // If the object is destroyed without having its SendReport method invoked,
  95     // we failed.
  96     EXPECT_TRUE(passed_);
  97   }
  98
  99   bool passed_;
 100 };
 101
 102 class NotSendingTestReporter : public TestReporter {
 103  public:
 104   explicit NotSendingTestReporter(net::URLRequestContext* request_context)
 105       : TestReporter(request_context) {}
 106
 107   // Passes if invoked with a bad SSLInfo and for a hostname that is not a
 108   // Google pinned property.
 109   void SendReport(const std::string& hostname,
 110                   const SSLInfo& ssl_info) override {
 111     EXPECT_FALSE(IsGoodSSLInfo(ssl_info));
 112     EXPECT_FALSE(net::TransportSecurityState::IsGooglePinnedProperty(hostname));
 113   }
 114 };
 115
 116 // A CertificateErrorReporter that uses a MockURLRequest, but is
 117 // otherwise normal: reports are constructed and sent in the usual way.
 118 class MockReporter : public CertificateErrorReporter {
 119  public:
 120   explicit MockReporter(net::URLRequestContext* request_context)
 121       : CertificateErrorReporter(request_context, GURL("http://example.com")) {}
 122
 123   void SendReport(ReportType type,
 124                   const std::string& hostname,
 125                   const net::SSLInfo& ssl_info) override {
 126     EXPECT_EQ(type, REPORT_TYPE_PINNING_VIOLATION);
 127     EXPECT_FALSE(hostname.empty());
 128     EXPECT_TRUE(ssl_info.is_valid());
 129     CertificateErrorReporter::SendReport(type, hostname, ssl_info);
 130   }
 131
 132  private:
 133   scoped_ptr<net::URLRequest> CreateURLRequest(
 134       net::URLRequestContext* context) override {
 135     return context->CreateRequest(GURL(std::string()),
 136                                   net::DEFAULT_PRIORITY,
 137                                   NULL);
 138   }
 139 };
 140
 141 static void DoReportIsSent() {
 142   net::TestURLRequestContext context;
 143   SendingTestReporter reporter(&context);
 144   SSLInfo info = GetGoodSSLInfo();
 145   reporter.SendReport("mail.google.com", info);
 146 }
 147
 148 static void DoReportIsNotSent() {
 149   net::TestURLRequestContext context;
 150   NotSendingTestReporter reporter(&context);
 151   SSLInfo info = GetBadSSLInfo();
 152   reporter.SendReport("www.example.com", info);
 153 }
 154
 155 static void DoMockReportIsSent() {
 156   net::TestURLRequestContext context;
 157   scoped_ptr<MockReporter> error_reporter(new MockReporter(&context));
 158   ChromeFraudulentCertificateReporter reporter(error_reporter.Pass());
 159   SSLInfo info = GetGoodSSLInfo();
 160   reporter.SendReport("mail.google.com", info);
 161 }
 162
 163 TEST(ChromeFraudulentCertificateReporterTest, GoodBadInfo) {
 164   SSLInfo good = GetGoodSSLInfo();
 165   EXPECT_TRUE(IsGoodSSLInfo(good));
 166
 167   SSLInfo bad = GetBadSSLInfo();
 168   EXPECT_FALSE(IsGoodSSLInfo(bad));
 169 }
 170
 171 TEST(ChromeFraudulentCertificateReporterTest, ReportIsSent) {
 172   base::MessageLoopForIO loop;
 173   content::TestBrowserThread io_thread(BrowserThread::IO, &loop);
 174   loop.PostTask(FROM_HERE, base::Bind(&DoReportIsSent));
 175   loop.RunUntilIdle();
 176 }
 177
 178 TEST(ChromeFraudulentCertificateReporterTest, MockReportIsSent) {
 179   base::MessageLoopForIO loop;
 180   content::TestBrowserThread io_thread(BrowserThread::IO, &loop);
 181   loop.PostTask(FROM_HERE, base::Bind(&DoMockReportIsSent));
 182   loop.RunUntilIdle();
 183 }
 184
 185 TEST(ChromeFraudulentCertificateReporterTest, ReportIsNotSent) {
 186   base::MessageLoopForIO loop;
 187   content::TestBrowserThread io_thread(BrowserThread::IO, &loop);
 188   loop.PostTask(FROM_HERE, base::Bind(&DoReportIsNotSent));
 189   loop.RunUntilIdle();
 190 }
 191
 192 }  // namespace chrome_browser_net