chrome/browser/net/chrome_fraudulent_certificate_reporter_unittest.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/net/chrome_fraudulent_certificate_reporter.h"
   6
   7 #include <string>
   8
   9 #include "base/bind.h"
  10 #include "base/files/file_path.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "base/message_loop/message_loop.h"
  13 #include "base/synchronization/waitable_event.h"
  14 #include "base/threading/thread.h"
  15 #include "content/public/test/test_browser_thread.h"
  16 #include "net/base/request_priority.h"
  17 #include "net/base/test_data_directory.h"
  18 #include "net/cert/x509_certificate.h"
  19 #include "net/http/transport_security_state.h"
  20 #include "net/ssl/ssl_info.h"
  21 #include "net/test/cert_test_util.h"
  22 #include "net/url_request/fraudulent_certificate_reporter.h"
  23 #include "net/url_request/url_request.h"
  24 #include "net/url_request/url_request_context.h"
  25 #include "net/url_request/url_request_test_util.h"
  26 #include "testing/gtest/include/gtest/gtest.h"
  27
  28 using content::BrowserThread;
  29 using net::SSLInfo;
  30
  31 namespace chrome_browser_net {
  32
  33 // Builds an SSLInfo from an invalid cert chain. In this case, the cert is
  34 // expired; what matters is that the cert would not pass even a normal
  35 // sanity check. We test that we DO NOT send a fraudulent certificate report
  36 // in this case.
  37 static SSLInfo GetBadSSLInfo() {
  38   SSLInfo info;
  39
  40   info.cert = net::ImportCertFromFile(net::GetTestCertsDirectory(),
  41                                       "expired_cert.pem");
  42   info.cert_status = net::CERT_STATUS_DATE_INVALID;
  43   info.is_issued_by_known_root = false;
  44
  45   return info;
  46 }
  47
  48 // Builds an SSLInfo from a "good" cert chain, as defined by IsGoodSSLInfo,
  49 // but which does not pass DomainState::IsChainOfPublicKeysPermitted. In this
  50 // case, the certificate is for mail.google.com, signed by our Chrome test
  51 // CA. During testing, Chrome believes this CA is part of the root system
  52 // store. But, this CA is not in the pin list; we test that we DO send a
  53 // fraudulent certicate report in this case.
  54 static SSLInfo GetGoodSSLInfo() {
  55   SSLInfo info;
  56
  57   info.cert = net::ImportCertFromFile(net::GetTestCertsDirectory(),
  58                                       "test_mail_google_com.pem");
  59   info.is_issued_by_known_root = true;
  60
  61   return info;
  62 }
  63
  64 // Checks that |info| is good as required by the SSL checks performed in
  65 // URLRequestHttpJob::OnStartCompleted, which are enough to trigger pin
  66 // checking but not sufficient to pass
  67 // DomainState::IsChainOfPublicKeysPermitted.
  68 static bool IsGoodSSLInfo(const SSLInfo& info) {
  69   return info.is_valid() && info.is_issued_by_known_root;
  70 }
  71
  72 class TestReporter : public ChromeFraudulentCertificateReporter {
  73  public:
  74   explicit TestReporter(net::URLRequestContext* request_context)
  75       : ChromeFraudulentCertificateReporter(request_context) {}
  76 };
  77
  78 class SendingTestReporter : public TestReporter {
  79  public:
  80   explicit SendingTestReporter(net::URLRequestContext* request_context)
  81       : TestReporter(request_context), passed_(false) {}
  82
  83   // Passes if invoked with a good SSLInfo and for a hostname that is a Google
  84   // pinned property.
  85   virtual void SendReport(const std::string& hostname,
  86                           const SSLInfo& ssl_info) override {
  87     EXPECT_TRUE(IsGoodSSLInfo(ssl_info));
  88     EXPECT_TRUE(net::TransportSecurityState::IsGooglePinnedProperty(hostname));
  89     passed_ = true;
  90   }
  91
  92   virtual ~SendingTestReporter() {
  93     // If the object is destroyed without having its SendReport method invoked,
  94     // we failed.
  95     EXPECT_TRUE(passed_);
  96   }
  97
  98   bool passed_;
  99 };
 100
 101 class NotSendingTestReporter : public TestReporter {
 102  public:
 103   explicit NotSendingTestReporter(net::URLRequestContext* request_context)
 104       : TestReporter(request_context) {}
 105
 106   // Passes if invoked with a bad SSLInfo and for a hostname that is not a
 107   // Google pinned property.
 108   virtual void SendReport(const std::string& hostname,
 109                           const SSLInfo& ssl_info) override {
 110     EXPECT_FALSE(IsGoodSSLInfo(ssl_info));
 111     EXPECT_FALSE(net::TransportSecurityState::IsGooglePinnedProperty(hostname));
 112   }
 113 };
 114
 115 // A ChromeFraudulentCertificateReporter that uses a MockURLRequest, but is
 116 // otherwise normal: reports are constructed and sent in the usual way.
 117 class MockReporter : public ChromeFraudulentCertificateReporter {
 118  public:
 119   explicit MockReporter(net::URLRequestContext* request_context)
 120     : ChromeFraudulentCertificateReporter(request_context) {}
 121
 122   virtual scoped_ptr<net::URLRequest> CreateURLRequest(
 123       net::URLRequestContext* context) override {
 124     return context->CreateRequest(GURL(std::string()),
 125                                   net::DEFAULT_PRIORITY,
 126                                   NULL,
 127                                   NULL);
 128   }
 129
 130   virtual void SendReport(
 131       const std::string& hostname,
 132       const net::SSLInfo& ssl_info) override {
 133     DCHECK(!hostname.empty());
 134     DCHECK(ssl_info.is_valid());
 135     ChromeFraudulentCertificateReporter::SendReport(hostname, ssl_info);
 136   }
 137 };
 138
 139 static void DoReportIsSent() {
 140   net::TestURLRequestContext context;
 141   SendingTestReporter reporter(&context);
 142   SSLInfo info = GetGoodSSLInfo();
 143   reporter.SendReport("mail.google.com", info);
 144 }
 145
 146 static void DoReportIsNotSent() {
 147   net::TestURLRequestContext context;
 148   NotSendingTestReporter reporter(&context);
 149   SSLInfo info = GetBadSSLInfo();
 150   reporter.SendReport("www.example.com", info);
 151 }
 152
 153 static void DoMockReportIsSent() {
 154   net::TestURLRequestContext context;
 155   MockReporter reporter(&context);
 156   SSLInfo info = GetGoodSSLInfo();
 157   reporter.SendReport("mail.google.com", info);
 158 }
 159
 160 TEST(ChromeFraudulentCertificateReporterTest, GoodBadInfo) {
 161   SSLInfo good = GetGoodSSLInfo();
 162   EXPECT_TRUE(IsGoodSSLInfo(good));
 163
 164   SSLInfo bad = GetBadSSLInfo();
 165   EXPECT_FALSE(IsGoodSSLInfo(bad));
 166 }
 167
 168 TEST(ChromeFraudulentCertificateReporterTest, ReportIsSent) {
 169   base::MessageLoopForIO loop;
 170   content::TestBrowserThread io_thread(BrowserThread::IO, &loop);
 171   loop.PostTask(FROM_HERE, base::Bind(&DoReportIsSent));
 172   loop.RunUntilIdle();
 173 }
 174
 175 TEST(ChromeFraudulentCertificateReporterTest, MockReportIsSent) {
 176   base::MessageLoopForIO loop;
 177   content::TestBrowserThread io_thread(BrowserThread::IO, &loop);
 178   loop.PostTask(FROM_HERE, base::Bind(&DoMockReportIsSent));
 179   loop.RunUntilIdle();
 180 }
 181
 182 TEST(ChromeFraudulentCertificateReporterTest, ReportIsNotSent) {
 183   base::MessageLoopForIO loop;
 184   content::TestBrowserThread io_thread(BrowserThread::IO, &loop);
 185   loop.PostTask(FROM_HERE, base::Bind(&DoReportIsNotSent));
 186   loop.RunUntilIdle();
 187 }
 188
 189 }  // namespace chrome_browser_net