search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Switch global error menu icon to vectorized MD asset
[chromium-blink-merge.git] / chrome / browser / ssl / certificate_error_report_unittest.cc
blob5c712ee3a81c70ca9f988757121d99e38813c5d4
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/ssl/certificate_error_report.h"
6
7 #include <set>
8 #include <string>
9
10 #include "base/files/file_path.h"
11 #include "base/files/file_util.h"
12 #include "base/path_service.h"
13 #include "chrome/browser/ssl/cert_logger.pb.h"
14 #include "chrome/common/chrome_paths.h"
15 #include "net/base/test_data_directory.h"
16 #include "net/cert/cert_status_flags.h"
17 #include "net/ssl/ssl_info.h"
18 #include "net/test/cert_test_util.h"
19 #include "testing/gmock/include/gmock/gmock.h"
20 #include "testing/gtest/include/gtest/gtest.h"
21
22 using net::SSLInfo;
23 using testing::UnorderedElementsAre;
24
25 namespace {
26
27 const char kDummyHostname[] = "dummy.hostname.com";
28 const char kDummyFailureLog[] = "dummy failure log";
29 const char kTestCertFilename[] = "test_mail_google_com.pem";
30
31 const net::CertStatus kCertStatus =
32 net::CERT_STATUS_COMMON_NAME_INVALID | net::CERT_STATUS_REVOKED;
33
34 const CertLoggerRequest::CertError kFirstReportedCertError =
35 CertLoggerRequest::ERR_CERT_COMMON_NAME_INVALID;
36 const CertLoggerRequest::CertError kSecondReportedCertError =
37 CertLoggerRequest::ERR_CERT_REVOKED;
38
39 // Whether to include an unverified certificate chain in the test
40 // SSLInfo. In production code, an unverified cert chain will not be
41 // present if the resource was loaded from cache.
42 enum UnverifiedCertChainStatus {
43 INCLUDE_UNVERIFIED_CERT_CHAIN,
44 EXCLUDE_UNVERIFIED_CERT_CHAIN
45 };
46
47 SSLInfo GetTestSSLInfo(UnverifiedCertChainStatus unverified_cert_chain_status) {
48 SSLInfo info;
49 info.cert =
50 net::ImportCertFromFile(net::GetTestCertsDirectory(), kTestCertFilename);
51 if (unverified_cert_chain_status == INCLUDE_UNVERIFIED_CERT_CHAIN) {
52 info.unverified_cert = net::ImportCertFromFile(net::GetTestCertsDirectory(),
53 kTestCertFilename);
54 }
55 info.is_issued_by_known_root = true;
56 info.cert_status = kCertStatus;
57 info.pinning_failure_log = kDummyFailureLog;
58 return info;
59 }
60
61 std::string GetPEMEncodedChain() {
62 base::FilePath cert_path =
63 net::GetTestCertsDirectory().AppendASCII(kTestCertFilename);
64 std::string cert_data;
65 EXPECT_TRUE(base::ReadFileToString(cert_path, &cert_data));
66 return cert_data;
67 }
68
69 // Test that a serialized CertificateErrorReport can be deserialized as
70 // a CertLoggerRequest protobuf (which is the format that the receiving
71 // server expects it in) with the right data in it.
72 TEST(CertificateErrorReportTest, SerializedReportAsProtobuf) {
73 std::string serialized_report;
74 CertificateErrorReport report(kDummyHostname,
75 GetTestSSLInfo(INCLUDE_UNVERIFIED_CERT_CHAIN));
76 ASSERT_TRUE(report.Serialize(&serialized_report));
77
78 CertLoggerRequest deserialized_report;
79 ASSERT_TRUE(deserialized_report.ParseFromString(serialized_report));
80 EXPECT_EQ(kDummyHostname, deserialized_report.hostname());
81 EXPECT_EQ(GetPEMEncodedChain(), deserialized_report.cert_chain());
82 EXPECT_EQ(GetPEMEncodedChain(), deserialized_report.unverified_cert_chain());
83 EXPECT_EQ(1, deserialized_report.pin().size());
84 EXPECT_EQ(kDummyFailureLog, deserialized_report.pin().Get(0));
85
86 EXPECT_THAT(
87 deserialized_report.cert_error(),
88 UnorderedElementsAre(kFirstReportedCertError, kSecondReportedCertError));
89 }
90
91 TEST(CertificateErrorReportTest,
92 SerializedReportAsProtobufWithInterstitialInfo) {
93 std::string serialized_report;
94 // Use EXCLUDE_UNVERIFIED_CERT_CHAIN here to exercise the code path
95 // where SSLInfo does not contain the unverified cert chain. (The test
96 // above exercises the path where it does.)
97 CertificateErrorReport report(kDummyHostname,
98 GetTestSSLInfo(EXCLUDE_UNVERIFIED_CERT_CHAIN));
99
100 report.SetInterstitialInfo(CertificateErrorReport::INTERSTITIAL_CLOCK,
101 CertificateErrorReport::USER_PROCEEDED,
102 CertificateErrorReport::INTERSTITIAL_OVERRIDABLE);
103
104 ASSERT_TRUE(report.Serialize(&serialized_report));
105
106 CertLoggerRequest deserialized_report;
107 ASSERT_TRUE(deserialized_report.ParseFromString(serialized_report));
108 EXPECT_EQ(kDummyHostname, deserialized_report.hostname());
109 EXPECT_EQ(GetPEMEncodedChain(), deserialized_report.cert_chain());
110 EXPECT_EQ(std::string(), deserialized_report.unverified_cert_chain());
111 EXPECT_EQ(1, deserialized_report.pin().size());
112 EXPECT_EQ(kDummyFailureLog, deserialized_report.pin().Get(0));
113
114 EXPECT_EQ(CertLoggerInterstitialInfo::INTERSTITIAL_CLOCK,
115 deserialized_report.interstitial_info().interstitial_reason());
116 EXPECT_EQ(true, deserialized_report.interstitial_info().user_proceeded());
117 EXPECT_EQ(true, deserialized_report.interstitial_info().overridable());
118
119 EXPECT_THAT(
120 deserialized_report.cert_error(),
121 UnorderedElementsAre(kFirstReportedCertError, kSecondReportedCertError));
122 }
123
124 // Test that a serialized report can be parsed.
125 TEST(CertificateErrorReportTest, ParseSerializedReport) {
126 std::string serialized_report;
127 CertificateErrorReport report(kDummyHostname,
128 GetTestSSLInfo(EXCLUDE_UNVERIFIED_CERT_CHAIN));
129 EXPECT_EQ(kDummyHostname, report.hostname());
130 ASSERT_TRUE(report.Serialize(&serialized_report));
131
132 CertificateErrorReport parsed;
133 ASSERT_TRUE(parsed.InitializeFromString(serialized_report));
134 EXPECT_EQ(report.hostname(), parsed.hostname());
135 }
136
137 } // namespace