Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(75)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/quic/crypto/crypto_secret_boxer_test.cc

Issue 1715593002: QUIC: obtain source address token keys from internal key server. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@114217654
Patch Set: Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/quic/crypto/crypto_secret_boxer.cc ('k') | net/quic/crypto/quic_crypto_server_config.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/quic/crypto/crypto_secret_boxer.h" 5 #include "net/quic/crypto/crypto_secret_boxer.h"
6 6
7 #include "base/memory/scoped_ptr.h" 7 #include "base/memory/scoped_ptr.h"
8 #include "net/quic/crypto/quic_random.h" 8 #include "net/quic/crypto/quic_random.h"
9 #include "testing/gtest/include/gtest/gtest.h" 9 #include "testing/gtest/include/gtest/gtest.h"
10 10
11 using base::StringPiece; 11 using base::StringPiece;
12 using std::string; 12 using std::string;
13 13
14 namespace net { 14 namespace net {
15 namespace test { 15 namespace test {
16 16
17 TEST(CryptoSecretBoxerTest, BoxAndUnbox) { 17 TEST(CryptoSecretBoxerTest, BoxAndUnbox) {
18 StringPiece message("hello world"); 18 StringPiece message("hello world");
19 const size_t key_size = CryptoSecretBoxer::GetKeySize();
20 scoped_ptr<uint8_t[]> key(new uint8_t[key_size]);
21 memset(key.get(), 0x11, key_size);
22 19
23 CryptoSecretBoxer boxer; 20 CryptoSecretBoxer boxer;
24 boxer.SetKey(StringPiece(reinterpret_cast<char*>(key.get()), key_size)); 21 boxer.SetKeys({string(CryptoSecretBoxer::GetKeySize(), 0x11)});
25 22
26 const string box = boxer.Box(QuicRandom::GetInstance(), message); 23 const string box = boxer.Box(QuicRandom::GetInstance(), message);
27 24
28 string storage; 25 string storage;
29 StringPiece result; 26 StringPiece result;
30 EXPECT_TRUE(boxer.Unbox(box, &storage, &result)); 27 EXPECT_TRUE(boxer.Unbox(box, &storage, &result));
31 EXPECT_EQ(result, message); 28 EXPECT_EQ(result, message);
32 29
33 EXPECT_FALSE(boxer.Unbox(string(1, 'X') + box, &storage, &result)); 30 EXPECT_FALSE(boxer.Unbox(string(1, 'X') + box, &storage, &result));
34 EXPECT_FALSE(boxer.Unbox(box.substr(1, string::npos), &storage, &result)); 31 EXPECT_FALSE(boxer.Unbox(box.substr(1, string::npos), &storage, &result));
35 EXPECT_FALSE(boxer.Unbox(string(), &storage, &result)); 32 EXPECT_FALSE(boxer.Unbox(string(), &storage, &result));
36 EXPECT_FALSE( 33 EXPECT_FALSE(
37 boxer.Unbox(string(1, box[0] ^ 0x80) + box.substr(1, string::npos), 34 boxer.Unbox(string(1, box[0] ^ 0x80) + box.substr(1, string::npos),
38 &storage, &result)); 35 &storage, &result));
39 } 36 }
40 37
38 // Helper function to test whether one boxer can decode the output of another.
39 static bool CanDecode(const CryptoSecretBoxer& decoder,
40 const CryptoSecretBoxer& encoder) {
41 StringPiece message("hello world");
42 const string boxed = encoder.Box(QuicRandom::GetInstance(), message);
43 string storage;
44 StringPiece result;
45 bool ok = decoder.Unbox(boxed, &storage, &result);
46 if (ok) {
47 EXPECT_EQ(result, message);
48 }
49 return ok;
50 }
51
52 TEST(CryptoSecretBoxerTest, MultipleKeys) {
53 string key_11(CryptoSecretBoxer::GetKeySize(), 0x11);
54 string key_12(CryptoSecretBoxer::GetKeySize(), 0x12);
55
56 CryptoSecretBoxer boxer_11, boxer_12, boxer;
57 boxer_11.SetKeys({key_11});
58 boxer_12.SetKeys({key_12});
59 boxer.SetKeys({key_12, key_11});
60
61 // Neither single-key boxer can decode the other's tokens.
62 EXPECT_FALSE(CanDecode(boxer_11, boxer_12));
63 EXPECT_FALSE(CanDecode(boxer_12, boxer_11));
64
65 // |boxer| encodes with the first key, which is key_12.
66 EXPECT_TRUE(CanDecode(boxer_12, boxer));
67 EXPECT_FALSE(CanDecode(boxer_11, boxer));
68
69 // The boxer with both keys can decode tokens from either single-key boxer.
70 EXPECT_TRUE(CanDecode(boxer, boxer_11));
71 EXPECT_TRUE(CanDecode(boxer, boxer_12));
72
73 // After we flush key_11 from |boxer|, it can no longer decode tokens from
74 // |boxer_11|.
75 boxer.SetKeys({key_12});
76 EXPECT_FALSE(CanDecode(boxer, boxer_11));
77 }
78
41 } // namespace test 79 } // namespace test
42 } // namespace net 80 } // namespace net
OLDNEW
« no previous file with comments | « net/quic/crypto/crypto_secret_boxer.cc ('k') | net/quic/crypto/quic_crypto_server_config.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698