| OLD | NEW |
| (Empty) |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "content/renderer/origin_trials/trial_token_validator.h" | |
| 6 | |
| 7 #include "base/macros.h" | |
| 8 #include "base/memory/scoped_ptr.h" | |
| 9 #include "base/strings/string_util.h" | |
| 10 #include "base/test/simple_test_clock.h" | |
| 11 #include "base/time/time.h" | |
| 12 #include "content/public/renderer/content_renderer_client.h" | |
| 13 #include "testing/gtest/include/gtest/gtest.h" | |
| 14 #include "url/gurl.h" | |
| 15 | |
| 16 namespace content { | |
| 17 | |
| 18 namespace { | |
| 19 | |
| 20 // This is a sample public key for testing the API. The corresponding private | |
| 21 // key (use this to generate new samples for this test file) is: | |
| 22 // | |
| 23 // 0x83, 0x67, 0xf4, 0xcd, 0x2a, 0x1f, 0x0e, 0x04, 0x0d, 0x43, 0x13, | |
| 24 // 0x4c, 0x67, 0xc4, 0xf4, 0x28, 0xc9, 0x90, 0x15, 0x02, 0xe2, 0xba, | |
| 25 // 0xfd, 0xbb, 0xfa, 0xbc, 0x92, 0x76, 0x8a, 0x2c, 0x4b, 0xc7, 0x75, | |
| 26 // 0x10, 0xac, 0xf9, 0x3a, 0x1c, 0xb8, 0xa9, 0x28, 0x70, 0xd2, 0x9a, | |
| 27 // 0xd0, 0x0b, 0x59, 0xe1, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f, 0x64, | |
| 28 // 0x90, 0x08, 0x8e, 0xa8, 0xe0, 0x56, 0x3a, 0x04, 0xd0 | |
| 29 const uint8_t kTestPublicKey[] = { | |
| 30 0x75, 0x10, 0xac, 0xf9, 0x3a, 0x1c, 0xb8, 0xa9, 0x28, 0x70, 0xd2, | |
| 31 0x9a, 0xd0, 0x0b, 0x59, 0xe1, 0xac, 0x2b, 0xb7, 0xd5, 0xca, 0x1f, | |
| 32 0x64, 0x90, 0x08, 0x8e, 0xa8, 0xe0, 0x56, 0x3a, 0x04, 0xd0, | |
| 33 }; | |
| 34 | |
| 35 // 0x21, 0xee, 0xfa, 0x81, 0x6a, 0xff, 0xdf, 0xb8, 0xc1, 0xdd, 0x75, | |
| 36 // 0x05, 0x04, 0x29, 0x68, 0x67, 0x60, 0x85, 0x91, 0xd0, 0x50, 0x16, | |
| 37 // 0x0a, 0xcf, 0xa2, 0x37, 0xa3, 0x2e, 0x11, 0x7a, 0x17, 0x96, 0x50, | |
| 38 // 0x07, 0x4d, 0x76, 0x55, 0x56, 0x42, 0x17, 0x2d, 0x8a, 0x9c, 0x47, | |
| 39 // 0x96, 0x25, 0xda, 0x70, 0xaa, 0xb9, 0xfd, 0x53, 0x5d, 0x51, 0x3e, | |
| 40 // 0x16, 0xab, 0xb4, 0x86, 0xea, 0xf3, 0x35, 0xc6, 0xca | |
| 41 const uint8_t kTestPublicKey2[] = { | |
| 42 0x50, 0x07, 0x4d, 0x76, 0x55, 0x56, 0x42, 0x17, 0x2d, 0x8a, 0x9c, | |
| 43 0x47, 0x96, 0x25, 0xda, 0x70, 0xaa, 0xb9, 0xfd, 0x53, 0x5d, 0x51, | |
| 44 0x3e, 0x16, 0xab, 0xb4, 0x86, 0xea, 0xf3, 0x35, 0xc6, 0xca, | |
| 45 }; | |
| 46 | |
| 47 // This is a good trial token, signed with the above test private key. | |
| 48 // TODO(iclelland): This token expires in 2033. Update it or find a way | |
| 49 // to autogenerate it before then. | |
| 50 const char kSampleToken[] = | |
| 51 "1|w694328Rl8l2vd96nkbAumpwvOOnvhWTj9/pfBRkvcWMDAsmiMEhZGEPzdBRy5Yao6il5qC" | |
| 52 "OyS6Ah7uuHf7JAQ==|https://valid.example.com|Frobulate|2000000000"; | |
| 53 | |
| 54 // The token should be valid for this origin and for this feature. | |
| 55 const char kAppropriateOrigin[] = "https://valid.example.com"; | |
| 56 const char kAppropriateFeatureName[] = "Frobulate"; | |
| 57 | |
| 58 const char kInappropriateFeatureName[] = "Grokalyze"; | |
| 59 const char kInappropriateOrigin[] = "https://invalid.example.com"; | |
| 60 const char kInsecureOrigin[] = "http://valid.example.com"; | |
| 61 | |
| 62 // Well-formed trial token with an invalid signature. | |
| 63 const char kInvalidSignatureToken[] = | |
| 64 "1|CO8hDne98QeFeOJ0DbRZCBN3uE0nyaPgaLlkYhSWnbRoDfEAg+TXELaYfQPfEvKYFauBg/h" | |
| 65 "nxmba765hz0mXMc==|https://valid.example.com|Frobulate|2000000000"; | |
| 66 | |
| 67 // Well-formed, but expired, trial token. (Expired in 2001) | |
| 68 const char kExpiredToken[] = | |
| 69 "1|Vtzq/H0qMxsMXPThIgGEvI13d3Fd8K3W11/0E+FrJJXqBpx6n/dFkeFkEUsPaP3KeT8PCPF" | |
| 70 "1zpZ7kVgWYRLpAA==|https://valid.example.com|Frobulate|1000000000"; | |
| 71 | |
| 72 const char kUnparsableToken[] = "abcde"; | |
| 73 | |
| 74 class TestContentRendererClient : public content::ContentRendererClient { | |
| 75 public: | |
| 76 base::StringPiece GetOriginTrialPublicKey() override { | |
| 77 return base::StringPiece(reinterpret_cast<const char*>(key_), | |
| 78 arraysize(kTestPublicKey)); | |
| 79 } | |
| 80 void SetOriginTrialPublicKey(const uint8_t* key) { key_ = key; } | |
| 81 const uint8_t* key_ = nullptr; | |
| 82 }; | |
| 83 | |
| 84 } // namespace | |
| 85 | |
| 86 class TrialTokenValidatorTest : public testing::Test { | |
| 87 public: | |
| 88 TrialTokenValidatorTest() | |
| 89 : appropriate_origin_(GURL(kAppropriateOrigin)), | |
| 90 inappropriate_origin_(GURL(kInappropriateOrigin)), | |
| 91 insecure_origin_(GURL(kInsecureOrigin)) { | |
| 92 SetPublicKey(kTestPublicKey); | |
| 93 SetRendererClientForTesting(&test_content_renderer_client_); | |
| 94 } | |
| 95 | |
| 96 void SetPublicKey(const uint8_t* key) { | |
| 97 test_content_renderer_client_.SetOriginTrialPublicKey(key); | |
| 98 } | |
| 99 | |
| 100 TrialTokenValidator trial_token_validator_; | |
| 101 const url::Origin appropriate_origin_; | |
| 102 const url::Origin inappropriate_origin_; | |
| 103 const url::Origin insecure_origin_; | |
| 104 | |
| 105 private: | |
| 106 TestContentRendererClient test_content_renderer_client_; | |
| 107 }; | |
| 108 | |
| 109 TEST_F(TrialTokenValidatorTest, ValidateValidToken) { | |
| 110 EXPECT_TRUE(trial_token_validator_.validateToken( | |
| 111 kSampleToken, appropriate_origin_, kAppropriateFeatureName)); | |
| 112 } | |
| 113 | |
| 114 TEST_F(TrialTokenValidatorTest, ValidateInappropriateOrigin) { | |
| 115 EXPECT_FALSE(TrialTokenValidator().validateToken( | |
| 116 kSampleToken, inappropriate_origin_, kAppropriateFeatureName)); | |
| 117 EXPECT_FALSE(TrialTokenValidator().validateToken( | |
| 118 kSampleToken, insecure_origin_, kAppropriateFeatureName)); | |
| 119 } | |
| 120 | |
| 121 TEST_F(TrialTokenValidatorTest, ValidateInappropriateFeature) { | |
| 122 EXPECT_FALSE(TrialTokenValidator().validateToken( | |
| 123 kSampleToken, appropriate_origin_, kInappropriateFeatureName)); | |
| 124 } | |
| 125 | |
| 126 TEST_F(TrialTokenValidatorTest, ValidateInvalidSignature) { | |
| 127 EXPECT_FALSE(TrialTokenValidator().validateToken( | |
| 128 kInvalidSignatureToken, appropriate_origin_, kAppropriateFeatureName)); | |
| 129 } | |
| 130 | |
| 131 TEST_F(TrialTokenValidatorTest, ValidateUnparsableToken) { | |
| 132 EXPECT_FALSE(TrialTokenValidator().validateToken( | |
| 133 kUnparsableToken, appropriate_origin_, kAppropriateFeatureName)); | |
| 134 } | |
| 135 | |
| 136 TEST_F(TrialTokenValidatorTest, ValidateExpiredToken) { | |
| 137 EXPECT_FALSE(TrialTokenValidator().validateToken( | |
| 138 kExpiredToken, appropriate_origin_, kAppropriateFeatureName)); | |
| 139 } | |
| 140 | |
| 141 TEST_F(TrialTokenValidatorTest, ValidateValidTokenWithIncorrectKey) { | |
| 142 SetPublicKey(kTestPublicKey2); | |
| 143 EXPECT_FALSE(TrialTokenValidator().validateToken( | |
| 144 kSampleToken, appropriate_origin_, kAppropriateFeatureName)); | |
| 145 } | |
| 146 | |
| 147 } // namespace content | |
| OLD | NEW |