OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/client_update_protocol/ecdsa.h" | 5 #include "components/client_update_protocol/ecdsa.h" |
6 | 6 |
7 #include <stdint.h> | 7 #include <stdint.h> |
8 | 8 |
9 #include <limits> | 9 #include <limits> |
10 #include <memory> | 10 #include <memory> |
(...skipping 28 matching lines...) Expand all Loading... |
39 | 39 |
40 } // end namespace | 40 } // end namespace |
41 | 41 |
42 class CupEcdsaTest : public testing::Test { | 42 class CupEcdsaTest : public testing::Test { |
43 protected: | 43 protected: |
44 void SetUp() override { | 44 void SetUp() override { |
45 cup_ = Ecdsa::Create(8, GetPublicKeyForTesting()); | 45 cup_ = Ecdsa::Create(8, GetPublicKeyForTesting()); |
46 ASSERT_TRUE(cup_.get()); | 46 ASSERT_TRUE(cup_.get()); |
47 } | 47 } |
48 | 48 |
49 void OverrideNonce(uint32_t nonce) { | |
50 cup_->request_query_cup2key_ = | |
51 base::StringPrintf("%d:%u", cup_->pub_key_version_, nonce); | |
52 } | |
53 | |
54 Ecdsa& CUP() { return *cup_.get(); } | 49 Ecdsa& CUP() { return *cup_.get(); } |
55 | 50 |
56 private: | 51 private: |
57 std::unique_ptr<Ecdsa> cup_; | 52 std::unique_ptr<Ecdsa> cup_; |
58 }; | 53 }; |
59 | 54 |
60 TEST_F(CupEcdsaTest, SignRequest) { | 55 TEST_F(CupEcdsaTest, SignRequest) { |
61 static const char kRequest[] = "TestSequenceForCupEcdsaUnitTest"; | 56 static const char kRequest[] = "TestSequenceForCupEcdsaUnitTest"; |
62 static const char kRequestHash[] = | 57 static const char kRequestHash[] = |
63 "&cup2hreq=" | 58 "&cup2hreq=" |
(...skipping 15 matching lines...) Expand all Loading... |
79 // In theory, this is a flaky test, as there's nothing preventing the RNG | 74 // In theory, this is a flaky test, as there's nothing preventing the RNG |
80 // from returning the same nonce twice in a row. In practice, this should | 75 // from returning the same nonce twice in a row. In practice, this should |
81 // be fine. | 76 // be fine. |
82 EXPECT_NE(query, query2); | 77 EXPECT_NE(query, query2); |
83 } | 78 } |
84 | 79 |
85 TEST_F(CupEcdsaTest, ValidateResponse_TestETagParsing) { | 80 TEST_F(CupEcdsaTest, ValidateResponse_TestETagParsing) { |
86 // Invalid ETags must be gracefully rejected without a crash. | 81 // Invalid ETags must be gracefully rejected without a crash. |
87 std::string query_discard; | 82 std::string query_discard; |
88 CUP().SignRequest("Request_A", &query_discard); | 83 CUP().SignRequest("Request_A", &query_discard); |
89 OverrideNonce(12345); | 84 CUP().OverrideNonceForTesting(8, 12345); |
90 | 85 |
91 // Expect a pass for a well-formed etag. | 86 // Expect a pass for a well-formed etag. |
92 EXPECT_TRUE(CUP().ValidateResponse( | 87 EXPECT_TRUE(CUP().ValidateResponse( |
93 "Response_A", | 88 "Response_A", |
94 "3044" | 89 "3044" |
95 "02207fb15d24e66c168ac150458c7ae51f843c4858e27d41be3f9396d4919bbd5656" | 90 "02207fb15d24e66c168ac150458c7ae51f843c4858e27d41be3f9396d4919bbd5656" |
96 "02202291bae598e4a41118ea1df24ce8494d4055b2842dc046e0223f5e17e86bd10e" | 91 "02202291bae598e4a41118ea1df24ce8494d4055b2842dc046e0223f5e17e86bd10e" |
97 ":2727bc2b3c33feb6800a830f4055901dd87d65a84184c5fbeb3f816db0a243f5")); | 92 ":2727bc2b3c33feb6800a830f4055901dd87d65a84184c5fbeb3f816db0a243f5")); |
98 | 93 |
99 // Reject empty etags. | 94 // Reject empty etags. |
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
231 "Response_A", | 226 "Response_A", |
232 "3044" | 227 "3044" |
233 "022000007f24e66c168ac150458c7ae51f843c4858e27d41be3f9396d4919bbd5656" | 228 "022000007f24e66c168ac150458c7ae51f843c4858e27d41be3f9396d4919bbd5656" |
234 "02202291bae598e4a41118ea1df24ce8494d4055b2842dc046e0223f5e17e86bd10e" | 229 "02202291bae598e4a41118ea1df24ce8494d4055b2842dc046e0223f5e17e86bd10e" |
235 ":2727bc2b3c33feb6800a830f4055901dd87d65a84184c5fbeb3f816db0a243f5")); | 230 ":2727bc2b3c33feb6800a830f4055901dd87d65a84184c5fbeb3f816db0a243f5")); |
236 } | 231 } |
237 | 232 |
238 TEST_F(CupEcdsaTest, ValidateResponse_TestSigning) { | 233 TEST_F(CupEcdsaTest, ValidateResponse_TestSigning) { |
239 std::string query_discard; | 234 std::string query_discard; |
240 CUP().SignRequest("Request_A", &query_discard); | 235 CUP().SignRequest("Request_A", &query_discard); |
241 OverrideNonce(12345); | 236 CUP().OverrideNonceForTesting(8, 12345); |
242 | 237 |
243 // How to generate an ECDSA signature: | 238 // How to generate an ECDSA signature: |
244 // echo -n Request_A | sha256sum | cut -d " " -f 1 > h | 239 // echo -n Request_A | sha256sum | cut -d " " -f 1 > h |
245 // echo -n Response_A | sha256sum | cut -d " " -f 1 >> h | 240 // echo -n Response_A | sha256sum | cut -d " " -f 1 >> h |
246 // cat h | xxd -r -p > hbin | 241 // cat h | xxd -r -p > hbin |
247 // echo -n 8:12345 >> hbin | 242 // echo -n 8:12345 >> hbin |
248 // sha256sum hbin | cut -d " " -f 1 | xxd -r -p > hbin2 | 243 // sha256sum hbin | cut -d " " -f 1 | xxd -r -p > hbin2 |
249 // openssl dgst -hex -sha256 -sign ecpriv.pem hbin2 | cut -d " " -f 2 > sig | 244 // openssl dgst -hex -sha256 -sign ecpriv.pem hbin2 | cut -d " " -f 2 > sig |
250 // echo -n :Request_A | sha256sum | cut -d " " -f 1 >> sig | 245 // echo -n :Request_A | sha256sum | cut -d " " -f 1 >> sig |
251 // cat sig | 246 // cat sig |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
290 // Failure case: Request/response are intact, but the signature is invalid | 285 // Failure case: Request/response are intact, but the signature is invalid |
291 // because it was signed against a different nonce (67890). | 286 // because it was signed against a different nonce (67890). |
292 EXPECT_FALSE(CUP().ValidateResponse( | 287 EXPECT_FALSE(CUP().ValidateResponse( |
293 "Response_A", | 288 "Response_A", |
294 "3046022100d3bbb1fb4451c8e04a07fe95404cc39121ed0e0bc084f87de19d52eee50a97" | 289 "3046022100d3bbb1fb4451c8e04a07fe95404cc39121ed0e0bc084f87de19d52eee50a97" |
295 "bf022100dd7d41d467be2af98d9116b0c7ba09740d54578c02a02f74da5f089834be3403" | 290 "bf022100dd7d41d467be2af98d9116b0c7ba09740d54578c02a02f74da5f089834be3403" |
296 ":2727bc2b3c33feb6800a830f4055901dd87d65a84184c5fbeb3f816db0a243f5")); | 291 ":2727bc2b3c33feb6800a830f4055901dd87d65a84184c5fbeb3f816db0a243f5")); |
297 } | 292 } |
298 | 293 |
299 } // namespace client_update_protocol | 294 } // namespace client_update_protocol |
OLD | NEW |