components/proximity_auth/cryptauth/base64url_unittest.cc - Issue 1170363002: [Proximity auth] Disallow '+' and '/' in incoming base64-encoded strings.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: components/proximity_auth/cryptauth/base64url_unittest.cc

Issue 1170363002: [Proximity auth] Disallow '+' and '/' in incoming base64-encoded strings. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "components/proximity_auth/cryptauth/base64url.h"	5 #include "components/proximity_auth/cryptauth/base64url.h"

6	6

7 #include "base/base64.h"	7 #include "base/base64.h"

8 #include "testing/gtest/include/gtest/gtest.h"	8 #include "testing/gtest/include/gtest/gtest.h"

9	9

10 namespace proximity_auth {	10 namespace proximity_auth {

(...skipping 46 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
57 std::string decoded;	57 std::string decoded;

58 ASSERT_TRUE(Base64UrlDecode(encoded, &decoded));	58 ASSERT_TRUE(Base64UrlDecode(encoded, &decoded));

59	59

60 // Decoded strings that encode to special characters are non-printable, so,	60 // Decoded strings that encode to special characters are non-printable, so,

61 // for ease of testing, just compare the web-safe and non-web-safe encodings.	61 // for ease of testing, just compare the web-safe and non-web-safe encodings.

62 std::string non_web_safe_encoded;	62 std::string non_web_safe_encoded;

63 base::Base64Encode(decoded, &non_web_safe_encoded);	63 base::Base64Encode(decoded, &non_web_safe_encoded);

64 EXPECT_EQ("/+Y=", non_web_safe_encoded);	64 EXPECT_EQ("/+Y=", non_web_safe_encoded);

65 }	65 }

66	66

	67 TEST(ProximityAuthBase64UrlTest, DecodeBailsOnPlus) {

	68 const std::string encoded = "_+Y=";

	69 std::string decoded;

	70 EXPECT_FALSE(Base64UrlDecode(encoded, &decoded));

	71 }

	72

	73 TEST(ProximityAuthBase64UrlTest, DecodeBailsOnSlash) {

	74 const std::string encoded = "/-Y=";
	Ryan Sleevi 2015/06/09 22:39:48 Just to confirm: Are these valid b64strings otherw Just to confirm: Are these valid b64strings otherwise? That is, is "/+Y=" valid? It may help to add a comment to these tests to indicate what the encoded value is, just so it's clear to not just stuff "any" value in here but it needs to be one that would be easily confused if doing a 'dumb' search/replace Ilya Sherman 2015/06/09 23:08:40 Done. "/+Y=" is the string that's tested above; b Show quoted text On 2015/06/09 22:39:48, Ryan Sleevi wrote: > Just to confirm: Are these valid b64strings otherwise? That is, is "/+Y=" valid? > > It may help to add a comment to these tests to indicate what the encoded value > is, just so it's clear to not just stuff "any" value in here but it needs to be > one that would be easily confused if doing a 'dumb' search/replace Done. "/+Y=" is the string that's tested above; but I've now added explicit comments to make this even clearer.
	75 std::string decoded;

	76 EXPECT_FALSE(Base64UrlDecode(encoded, &decoded));

	77 }

	78

67 } // namespace proximity_auth	79 } // namespace proximity_auth

OLD	NEW

« no previous file with comments | « components/proximity_auth/cryptauth/base64url.cc ('k') | no next file » | no next file with comments »