net/cert/multi_log_ct_verifier_unittest.cc - Issue 1100003006: Certificate Transparency: Fetching of Signed Tree Heads (DRAFT)

Side by Side Diff: net/cert/multi_log_ct_verifier_unittest.cc

Issue 1100003006: Certificate Transparency: Fetching of Signed Tree Heads (DRAFT) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Revised design, addressed some comments Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/multi_log_ct_verifier.h"	5 #include "net/cert/multi_log_ct_verifier.h"

6	6

7 #include <string>	7 #include <string>

8	8

9 #include "base/files/file_path.h"	9 #include "base/files/file_path.h"

10 #include "base/files/file_util.h"	10 #include "base/files/file_util.h"

(...skipping 24 matching lines...) Expand all Loading...
35 const char kLogDescription[] = "somelog";	35 const char kLogDescription[] = "somelog";

36 const char kSCTCountHistogram[] =	36 const char kSCTCountHistogram[] =

37 "Net.CertificateTransparency.SCTsPerConnection";	37 "Net.CertificateTransparency.SCTsPerConnection";

38	38

39 class MultiLogCTVerifierTest : public ::testing::Test {	39 class MultiLogCTVerifierTest : public ::testing::Test {

40 public:	40 public:

41 void SetUp() override {	41 void SetUp() override {

42 scoped_ptr<CTLogVerifier> log(CTLogVerifier::Create(	42 scoped_ptr<CTLogVerifier> log(CTLogVerifier::Create(

43 ct::GetTestPublicKey(), kLogDescription, "https://ct.example.com"));	43 ct::GetTestPublicKey(), kLogDescription, "https://ct.example.com"));

44 ASSERT_TRUE(log);	44 ASSERT_TRUE(log);

	45 log_verifiers_.clear();

	46 log_verifiers_.push_back(linked_ptr<CTLogVerifier>(log.release()));

45	47

46 verifier_.reset(new MultiLogCTVerifier());	48 verifier_.reset(new MultiLogCTVerifier());

47 verifier_->AddLog(log.Pass());	49 verifier_->AddLogs(log_verifiers_);

48 std::string der_test_cert(ct::GetDerEncodedX509Cert());	50 std::string der_test_cert(ct::GetDerEncodedX509Cert());

49 chain_ = X509Certificate::CreateFromBytes(	51 chain_ = X509Certificate::CreateFromBytes(

50 der_test_cert.data(),	52 der_test_cert.data(),

51 der_test_cert.length());	53 der_test_cert.length());

52 ASSERT_TRUE(chain_.get());	54 ASSERT_TRUE(chain_.get());

53	55

54 embedded_sct_chain_ =	56 embedded_sct_chain_ =

55 CreateCertificateChainFromFile(GetTestCertsDirectory(),	57 CreateCertificateChainFromFile(GetTestCertsDirectory(),

56 "ct-test-embedded-cert.pem",	58 "ct-test-embedded-cert.pem",

57 X509Certificate::FORMAT_AUTO);	59 X509Certificate::FORMAT_AUTO);

(...skipping 128 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
186	188

187 int NumValidSCTsInStatusHistogram() {	189 int NumValidSCTsInStatusHistogram() {

188 return GetValueFromHistogram("Net.CertificateTransparency.SCTStatus",	190 return GetValueFromHistogram("Net.CertificateTransparency.SCTStatus",

189 ct::SCT_STATUS_OK);	191 ct::SCT_STATUS_OK);

190 }	192 }

191	193

192 protected:	194 protected:

193 scoped_ptr<MultiLogCTVerifier> verifier_;	195 scoped_ptr<MultiLogCTVerifier> verifier_;

194 scoped_refptr<X509Certificate> chain_;	196 scoped_refptr<X509Certificate> chain_;

195 scoped_refptr<X509Certificate> embedded_sct_chain_;	197 scoped_refptr<X509Certificate> embedded_sct_chain_;

	198 std::vector<linked_ptr<CTLogVerifier>> log_verifiers_;

196 };	199 };

197	200

198 TEST_F(MultiLogCTVerifierTest, VerifiesEmbeddedSCT) {	201 TEST_F(MultiLogCTVerifierTest, VerifiesEmbeddedSCT) {

199 ASSERT_TRUE(CheckPrecertificateVerification(embedded_sct_chain_));	202 ASSERT_TRUE(CheckPrecertificateVerification(embedded_sct_chain_));

200 }	203 }

201	204

202 TEST_F(MultiLogCTVerifierTest, VerifiesEmbeddedSCTWithPreCA) {	205 TEST_F(MultiLogCTVerifierTest, VerifiesEmbeddedSCTWithPreCA) {

203 scoped_refptr<X509Certificate> chain(	206 scoped_refptr<X509Certificate> chain(

204 CreateCertificateChainFromFile(GetTestCertsDirectory(),	207 CreateCertificateChainFromFile(GetTestCertsDirectory(),

205 "ct-test-embedded-with-preca-chain.pem",	208 "ct-test-embedded-with-preca-chain.pem",

(...skipping 89 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
295 TEST_F(MultiLogCTVerifierTest, CountsZeroSCTsCorrectly) {	298 TEST_F(MultiLogCTVerifierTest, CountsZeroSCTsCorrectly) {

296 int connections_without_scts = GetValueFromHistogram(kSCTCountHistogram, 0);	299 int connections_without_scts = GetValueFromHistogram(kSCTCountHistogram, 0);

297 EXPECT_FALSE(VerifySinglePrecertificateChain(chain_));	300 EXPECT_FALSE(VerifySinglePrecertificateChain(chain_));

298 ASSERT_EQ(connections_without_scts + 1,	301 ASSERT_EQ(connections_without_scts + 1,

299 GetValueFromHistogram(kSCTCountHistogram, 0));	302 GetValueFromHistogram(kSCTCountHistogram, 0));

300 }	303 }

301	304

302 } // namespace	305 } // namespace

303	306

304 } // namespace net	307 } // namespace net

OLD	NEW

« net/cert/ct_verifier.h ('K') | « net/cert/multi_log_ct_verifier.cc ('k') | net/net.gypi » ('j') | no next file with comments »