| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/common/origin_trials/trial_token.h" | 5 #include "content/common/origin_trials/trial_token.h" |
| 6 | 6 |
| 7 #include "base/macros.h" | 7 #include "base/macros.h" |
| 8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/strings/string_piece.h" |
| 9 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
| 10 #include "base/test/simple_test_clock.h" | 11 #include "base/test/simple_test_clock.h" |
| 11 #include "base/time/time.h" | 12 #include "base/time/time.h" |
| 12 #include "testing/gtest/include/gtest/gtest.h" | 13 #include "testing/gtest/include/gtest/gtest.h" |
| 13 | 14 |
| 14 namespace content { | 15 namespace content { |
| 15 | 16 |
| 16 namespace { | 17 namespace { |
| 17 | 18 |
| 18 // This is a sample public key for testing the API. The corresponding private | 19 // This is a sample public key for testing the API. The corresponding private |
| 19 // key (use this to generate new samples for this test file) is: | 20 // key (use this to generate new samples for this test file) is: |
| 20 // | 21 // |
| 21 // 0x83, 0x67, 0xf4, 0xcd, 0x2a, 0x1f, 0x0e, 0x04, 0x0d, 0x43, 0x13, | 22 // 0x83, 0x67, 0xf4, 0xcd, 0x2a, 0x1f, 0x0e, 0x04, 0x0d, 0x43, 0x13, |
| 22 // 0x4c, 0x67, 0xc4, 0xf4, 0x28, 0xc9, 0x90, 0x15, 0x02, 0xe2, 0xba, | 23 // 0x4c, 0x67, 0xc4, 0xf4, 0x28, 0xc9, 0x90, 0x15, 0x02, 0xe2, 0xba, |
| 23 // 0xfd, 0xbb, 0xfa, 0xbc, 0x92, 0x76, 0x8a, 0x2c, 0x4b, 0xc7, 0x75, | 24 // 0xfd, 0xbb, 0xfa, 0xbc, 0x92, 0x76, 0x8a, 0x2c, 0x4b, 0xc7, 0x75, |
| 24 // 0x10, 0xac, 0xf9, 0x3a, 0x1c, 0xb8, 0xa9, 0x28, 0x70, 0xd2, 0x9a, | 25 // 0x10, 0xac, 0xf9, 0x3a, 0x1c, 0xb8, 0xa9, 0x28, 0x70, 0xd2, 0x9a, |
| 25 // 0xd0, 0x0b, 0x59, 0xe1, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f, 0x64, | 26 // 0xd0, 0x0b, 0x59, 0xe1, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f, 0x64, |
| 26 // 0x90, 0x08, 0x8e, 0xa8, 0xe0, 0x56, 0x3a, 0x04, 0xd0 | 27 // 0x90, 0x08, 0x8e, 0xa8, 0xe0, 0x56, 0x3a, 0x04, 0xd0 |
| 27 const uint8_t kTestPublicKey[] = { | 28 const uint8_t kTestPublicKey[] = { |
| 28 0x75, 0x10, 0xac, 0xf9, 0x3a, 0x1c, 0xb8, 0xa9, 0x28, 0x70, 0xd2, | 29 0x75, 0x10, 0xac, 0xf9, 0x3a, 0x1c, 0xb8, 0xa9, 0x28, 0x70, 0xd2, |
| 29 0x9a, 0xd0, 0x0b, 0x59, 0xe1, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f, | 30 0x9a, 0xd0, 0x0b, 0x59, 0xe1, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f, |
| 30 0x64, 0x90, 0x08, 0x8e, 0xa8, 0xe0, 0x56, 0x3a, 0x04, 0xd0, | 31 0x64, 0x90, 0x08, 0x8e, 0xa8, 0xe0, 0x56, 0x3a, 0x04, 0xd0, |
| 31 }; | 32 }; |
| 32 | 33 |
| 34 // This is a valid, but incorrect, public key for testing signatures against. |
| 35 // The corresponding private key is: |
| 36 // |
| 37 // 0x21, 0xee, 0xfa, 0x81, 0x6a, 0xff, 0xdf, 0xb8, 0xc1, 0xdd, 0x75, |
| 38 // 0x05, 0x04, 0x29, 0x68, 0x67, 0x60, 0x85, 0x91, 0xd0, 0x50, 0x16, |
| 39 // 0x0a, 0xcf, 0xa2, 0x37, 0xa3, 0x2e, 0x11, 0x7a, 0x17, 0x96, 0x50, |
| 40 // 0x07, 0x4d, 0x76, 0x55, 0x56, 0x42, 0x17, 0x2d, 0x8a, 0x9c, 0x47, |
| 41 // 0x96, 0x25, 0xda, 0x70, 0xaa, 0xb9, 0xfd, 0x53, 0x5d, 0x51, 0x3e, |
| 42 // 0x16, 0xab, 0xb4, 0x86, 0xea, 0xf3, 0x35, 0xc6, 0xca |
| 43 const uint8_t kTestPublicKey2[] = { |
| 44 0x50, 0x07, 0x4d, 0x76, 0x55, 0x56, 0x42, 0x17, 0x2d, 0x8a, 0x9c, |
| 45 0x47, 0x96, 0x25, 0xda, 0x70, 0xaa, 0xb9, 0xfd, 0x53, 0x5d, 0x51, |
| 46 0x3e, 0x16, 0xab, 0xb4, 0x86, 0xea, 0xf3, 0x35, 0xc6, 0xca, |
| 47 }; |
| 48 |
| 33 // This is a good trial token, signed with the above test private key. | 49 // This is a good trial token, signed with the above test private key. |
| 34 const char* kSampleToken = | 50 const char* kSampleToken = |
| 35 "UsEO0cNxoUtBnHDJdGPWTlXuLENjXcEIPL7Bs7sbvicPCcvAtyqhQuTJ9h/u1R3VZpWigtI+S" | 51 "UsEO0cNxoUtBnHDJdGPWTlXuLENjXcEIPL7Bs7sbvicPCcvAtyqhQuTJ9h/u1R3VZpWigtI+S" |
| 36 "dUwk7Dyk/qbDw==|https://valid.example.com|Frobulate|1458766277"; | 52 "dUwk7Dyk/qbDw==|https://valid.example.com|Frobulate|1458766277"; |
| 37 const char* kExpectedSignature = | 53 const char* kExpectedSignature = |
| 38 "UsEO0cNxoUtBnHDJdGPWTlXuLENjXcEIPL7Bs7sbvicPCcvAtyqhQuTJ9h/u1R3VZpWigtI+S" | 54 "UsEO0cNxoUtBnHDJdGPWTlXuLENjXcEIPL7Bs7sbvicPCcvAtyqhQuTJ9h/u1R3VZpWigtI+S" |
| 39 "dUwk7Dyk/qbDw=="; | 55 "dUwk7Dyk/qbDw=="; |
| 40 const char* kExpectedData = "https://valid.example.com|Frobulate|1458766277"; | 56 const char* kExpectedData = "https://valid.example.com|Frobulate|1458766277"; |
| 41 const char* kExpectedFeatureName = "Frobulate"; | 57 const char* kExpectedFeatureName = "Frobulate"; |
| 42 const char* kExpectedOrigin = "https://valid.example.com"; | 58 const char* kExpectedOrigin = "https://valid.example.com"; |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 80 "Signature|abcdef|FeatureName|1458766277", | 96 "Signature|abcdef|FeatureName|1458766277", |
| 81 "Signature|data:text/plain,abcdef|FeatureName|1458766277", | 97 "Signature|data:text/plain,abcdef|FeatureName|1458766277", |
| 82 "Signature|javascript:alert(1)|FeatureName|1458766277"}; | 98 "Signature|javascript:alert(1)|FeatureName|1458766277"}; |
| 83 const size_t kNumInvalidTokens = arraysize(kInvalidTokens); | 99 const size_t kNumInvalidTokens = arraysize(kInvalidTokens); |
| 84 | 100 |
| 85 } // namespace | 101 } // namespace |
| 86 | 102 |
| 87 class TrialTokenTest : public testing::Test { | 103 class TrialTokenTest : public testing::Test { |
| 88 public: | 104 public: |
| 89 TrialTokenTest() | 105 TrialTokenTest() |
| 90 : public_key_( | 106 : correct_public_key_( |
| 91 base::StringPiece(reinterpret_cast<const char*>(kTestPublicKey), | 107 base::StringPiece(reinterpret_cast<const char*>(kTestPublicKey), |
| 92 arraysize(kTestPublicKey))) {} | 108 arraysize(kTestPublicKey))), |
| 109 incorrect_public_key_( |
| 110 base::StringPiece(reinterpret_cast<const char*>(kTestPublicKey2), |
| 111 arraysize(kTestPublicKey2))) {} |
| 93 | 112 |
| 94 protected: | 113 protected: |
| 95 bool ValidateOrigin(TrialToken* token, const char* origin) { | 114 bool ValidateOrigin(TrialToken* token, const char* origin) { |
| 96 return token->ValidateOrigin(origin); | 115 return token->ValidateOrigin(origin); |
| 97 } | 116 } |
| 98 | 117 |
| 99 bool ValidateFeatureName(TrialToken* token, const char* feature_name) { | 118 bool ValidateFeatureName(TrialToken* token, const char* feature_name) { |
| 100 return token->ValidateFeatureName(feature_name); | 119 return token->ValidateFeatureName(feature_name); |
| 101 } | 120 } |
| 102 | 121 |
| 103 bool ValidateDate(TrialToken* token, const base::Time& now) { | 122 bool ValidateDate(TrialToken* token, const base::Time& now) { |
| 104 return token->ValidateDate(now); | 123 return token->ValidateDate(now); |
| 105 } | 124 } |
| 106 | 125 |
| 107 bool ValidateSignature(TrialToken* token, | 126 bool ValidateSignature(TrialToken* token, |
| 108 const base::StringPiece& public_key) { | 127 const base::StringPiece& public_key) { |
| 109 return token->ValidateSignature(public_key); | 128 return token->ValidateSignature(public_key); |
| 110 } | 129 } |
| 111 | 130 |
| 112 const base::StringPiece& public_key() { return public_key_; }; | 131 const base::StringPiece& correct_public_key() { return correct_public_key_; } |
| 132 const base::StringPiece& incorrect_public_key() { |
| 133 return incorrect_public_key_; |
| 134 } |
| 113 | 135 |
| 114 private: | 136 private: |
| 115 base::StringPiece public_key_; | 137 base::StringPiece correct_public_key_; |
| 138 base::StringPiece incorrect_public_key_; |
| 116 }; | 139 }; |
| 117 | 140 |
| 118 TEST_F(TrialTokenTest, ParseEmptyString) { | 141 TEST_F(TrialTokenTest, ParseEmptyString) { |
| 119 scoped_ptr<TrialToken> empty_token = TrialToken::Parse(""); | 142 scoped_ptr<TrialToken> empty_token = TrialToken::Parse(""); |
| 120 EXPECT_FALSE(empty_token); | 143 EXPECT_FALSE(empty_token); |
| 121 } | 144 } |
| 122 | 145 |
| 123 TEST_F(TrialTokenTest, ParseInvalidStrings) { | 146 TEST_F(TrialTokenTest, ParseInvalidStrings) { |
| 124 for (size_t i = 0; i < kNumInvalidTokens; ++i) { | 147 for (size_t i = 0; i < kNumInvalidTokens; ++i) { |
| 125 scoped_ptr<TrialToken> empty_token = TrialToken::Parse(kInvalidTokens[i]); | 148 scoped_ptr<TrialToken> empty_token = TrialToken::Parse(kInvalidTokens[i]); |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 161 EXPECT_TRUE(token->IsAppropriate(kExpectedOrigin, | 184 EXPECT_TRUE(token->IsAppropriate(kExpectedOrigin, |
| 162 base::ToLowerASCII(kExpectedFeatureName))); | 185 base::ToLowerASCII(kExpectedFeatureName))); |
| 163 EXPECT_FALSE(token->IsAppropriate(kInvalidOrigin, kExpectedFeatureName)); | 186 EXPECT_FALSE(token->IsAppropriate(kInvalidOrigin, kExpectedFeatureName)); |
| 164 EXPECT_FALSE(token->IsAppropriate(kInsecureOrigin, kExpectedFeatureName)); | 187 EXPECT_FALSE(token->IsAppropriate(kInsecureOrigin, kExpectedFeatureName)); |
| 165 EXPECT_FALSE(token->IsAppropriate(kExpectedOrigin, kInvalidFeatureName)); | 188 EXPECT_FALSE(token->IsAppropriate(kExpectedOrigin, kInvalidFeatureName)); |
| 166 } | 189 } |
| 167 | 190 |
| 168 TEST_F(TrialTokenTest, ValidateValidSignature) { | 191 TEST_F(TrialTokenTest, ValidateValidSignature) { |
| 169 scoped_ptr<TrialToken> token = TrialToken::Parse(kSampleToken); | 192 scoped_ptr<TrialToken> token = TrialToken::Parse(kSampleToken); |
| 170 ASSERT_TRUE(token); | 193 ASSERT_TRUE(token); |
| 171 EXPECT_TRUE(ValidateSignature(token.get(), public_key())); | 194 EXPECT_TRUE(ValidateSignature(token.get(), correct_public_key())); |
| 172 } | 195 } |
| 173 | 196 |
| 174 TEST_F(TrialTokenTest, ValidateInvalidSignature) { | 197 TEST_F(TrialTokenTest, ValidateInvalidSignature) { |
| 175 scoped_ptr<TrialToken> token = TrialToken::Parse(kInvalidSignatureToken); | 198 scoped_ptr<TrialToken> token = TrialToken::Parse(kInvalidSignatureToken); |
| 176 ASSERT_TRUE(token); | 199 ASSERT_TRUE(token); |
| 177 EXPECT_FALSE(ValidateSignature(token.get(), public_key())); | 200 EXPECT_FALSE(ValidateSignature(token.get(), correct_public_key())); |
| 178 } | 201 } |
| 179 | 202 |
| 180 TEST_F(TrialTokenTest, ValidateSignatureOnWrongKey) { | 203 TEST_F(TrialTokenTest, ValidateTokenWithCorrectKey) { |
| 181 scoped_ptr<TrialToken> token = TrialToken::Parse(kSampleToken); | 204 scoped_ptr<TrialToken> token = TrialToken::Parse(kSampleToken); |
| 182 ASSERT_TRUE(token); | 205 ASSERT_TRUE(token); |
| 183 // Signature will be invalid if tested against the real public key | 206 EXPECT_TRUE(token->IsValid(base::Time::FromDoubleT(kValidTimestamp), |
| 184 EXPECT_FALSE(token->IsValid(base::Time::FromDoubleT(kValidTimestamp))); | 207 correct_public_key())); |
| 208 } |
| 209 |
| 210 TEST_F(TrialTokenTest, ValidateSignatureWithIncorrectKey) { |
| 211 scoped_ptr<TrialToken> token = TrialToken::Parse(kSampleToken); |
| 212 ASSERT_TRUE(token); |
| 213 EXPECT_FALSE(token->IsValid(base::Time::FromDoubleT(kValidTimestamp), |
| 214 incorrect_public_key())); |
| 185 } | 215 } |
| 186 | 216 |
| 187 TEST_F(TrialTokenTest, ValidateWhenNotExpired) { | 217 TEST_F(TrialTokenTest, ValidateWhenNotExpired) { |
| 188 scoped_ptr<TrialToken> token = TrialToken::Parse(kSampleToken); | 218 scoped_ptr<TrialToken> token = TrialToken::Parse(kSampleToken); |
| 189 ASSERT_TRUE(token); | 219 ASSERT_TRUE(token); |
| 190 } | 220 } |
| 191 | 221 |
| 192 } // namespace content | 222 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1653263005:
[Experimental Framework] Move the trial token public key out of content and into the embedder. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master