
Side by Side Diff: components/certificate_transparency/single_tree_tracker_unittest.cc

Issue 1845113003: Certificate Transparency: Start tracking logs' state (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixed passing of scoped_refptr Created 4 years, 7 months ago
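--- a/components/certificate_transparency/single_tree_tracker_unittest.cc
+++ b/components/certificate_transparency/single_tree_tracker_unittest.cc
@@ -0,0 +1,139 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "components/certificate_transparency/single_tree_tracker.h"
+
+#include <string>
+#include <utility>
+
+#include "base/strings/string_number_conversions.h"
+#include "base/strings/string_piece.h"
+#include "net/cert/ct_log_verifier.h"
+#include "net/cert/ct_serialization.h"
+#include "net/cert/signed_certificate_timestamp.h"
+#include "net/cert/signed_tree_head.h"
+#include "net/cert/x509_certificate.h"
+#include "net/test/ct_test_util.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace certificate_transparency {
+
+namespace {
+
+const char kOldSTHSignatureData[] =
+"0403004730450220157b2342a25f88c90b30a6b44950b3abf525fe27f03f9abfc1165a7ac"
+"0622bbb022100e657a3fefc5a829b2946151dbcfd9e877fd0005d624f9a1a9f2079d0c134"
+"2e08";
+
+const size_t kOldSTHTreeSize = 12u;
+const int64_t kOldSTHTimestamp = INT64_C(1348589665525);
+
+const char kOldSTHRootHash[] =
+"18041bd4665083001fba8c5411d2d748e8abbfdcdfd9218cb02b68a78e7d4c23";
+
+bool GetOldSignedTreeHead(net::ct::SignedTreeHead* sth) {
+sth->version = net::ct::SignedTreeHead::V1;
+sth->timestamp = base::Time::UnixEpoch() +
+base::TimeDelta::FromMilliseconds(kOldSTHTimestamp);
+sth->tree_size = kOldSTHTreeSize;
+
+std::vector<uint8_t> hex_output;
+if (!base::HexStringToBytes(kOldSTHRootHash, &hex_output))
+return false;
+
+const std::string sha256_root_hash(hex_output.begin(), hex_output.end());
+memcpy(sth->sha256_root_hash, sha256_root_hash.c_str(),
+net::ct::kSthRootHashLength);
+sth->log_id = net::ct::GetTestPublicKeyId();
+
+hex_output.clear();
+if (!base::HexStringToBytes(kOldSTHSignatureData, &hex_output))
+return false;
+const std::string tree_head_signature(hex_output.begin(), hex_output.end());
+base::StringPiece sp(tree_head_signature);
+return DecodeDigitallySigned(&sp, &(sth->signature)) && sp.empty();
+}
+
+} // namespace
+
+class SingleTreeTrackerTest : public ::testing::Test {
+void SetUp() override {
+log_ = net::CTLogVerifier::Create(net::ct::GetTestPublicKey(), "testlog",
+"https://ct.example.com");
+
+ASSERT_TRUE(log_);
+ASSERT_EQ(log_->key_id(), net::ct::GetTestPublicKeyId());
+
+tree_tracker_.reset(new SingleTreeTracker(log_));
+const std::string der_test_cert(net::ct::GetDerEncodedX509Cert());
+chain_ = net::X509Certificate::CreateFromBytes(der_test_cert.data(),
+der_test_cert.length());
+ASSERT_TRUE(chain_.get());
+net::ct::GetX509CertSCT(&cert_sct_);
+}
+
+protected:
+scoped_refptr<const net::CTLogVerifier> log_;
+std::unique_ptr<SingleTreeTracker> tree_tracker_;
+scoped_refptr<net::X509Certificate> chain_;
+scoped_refptr<net::ct::SignedCertificateTimestamp> cert_sct_;
+};
+
+TEST_F(SingleTreeTrackerTest, TestCorrectlyClassifiesUnobservedSCTNoSTH) {
+EXPECT_EQ(
+SingleTreeTracker::SCT_NOT_OBSERVED,
+tree_tracker_->GetLogEntryInclusionStatus(chain_.get(), cert_sct_.get()));
+tree_tracker_->OnSCTVerified(chain_.get(), cert_sct_.get());
+
+EXPECT_EQ(
+SingleTreeTracker::SCT_PENDING_NEWER_STH,
+tree_tracker_->GetLogEntryInclusionStatus(chain_.get(), cert_sct_.get()));
+}
+
+TEST_F(SingleTreeTrackerTest,
+TestCorrectlyClassifiesUnobservedSCTWithRecentSTH) {
+net::ct::SignedTreeHead sth;
+net::ct::GetSampleSignedTreeHead(&sth);
+tree_tracker_->NewSTHObserved(sth);
+
+EXPECT_EQ(
+SingleTreeTracker::SCT_NOT_OBSERVED,
+tree_tracker_->GetLogEntryInclusionStatus(chain_.get(), cert_sct_.get()));
+
+tree_tracker_->OnSCTVerified(chain_.get(), cert_sct_.get());
+
+EXPECT_EQ(
+SingleTreeTracker::SCT_PENDING_INCLUSION_CHECK,
+tree_tracker_->GetLogEntryInclusionStatus(chain_.get(), cert_sct_.get()));
+}
+
+TEST_F(SingleTreeTrackerTest, TestCorrectlyUpdatesSCTStatusOnNewSTH) {
+tree_tracker_->OnSCTVerified(chain_.get(), cert_sct_.get());
+EXPECT_EQ(
+SingleTreeTracker::SCT_PENDING_NEWER_STH,
+tree_tracker_->GetLogEntryInclusionStatus(chain_.get(), cert_sct_.get()));
+
+net::ct::SignedTreeHead sth;
+net::ct::GetSampleSignedTreeHead(&sth);
+tree_tracker_->NewSTHObserved(sth);
+EXPECT_EQ(
+SingleTreeTracker::SCT_PENDING_INCLUSION_CHECK,
+tree_tracker_->GetLogEntryInclusionStatus(chain_.get(), cert_sct_.get()));
+}
+
+TEST_F(SingleTreeTrackerTest, TestDoesNotUpdatesSCTStatusOnOldSTH) {
+tree_tracker_->OnSCTVerified(chain_.get(), cert_sct_.get());
+EXPECT_EQ(
+SingleTreeTracker::SCT_PENDING_NEWER_STH,
+tree_tracker_->GetLogEntryInclusionStatus(chain_.get(), cert_sct_.get()));
+
+net::ct::SignedTreeHead sth;
+GetOldSignedTreeHead(&sth);
+tree_tracker_->NewSTHObserved(sth);
+EXPECT_EQ(
+SingleTreeTracker::SCT_PENDING_NEWER_STH,
+tree_tracker_->GetLogEntryInclusionStatus(chain_.get(), cert_sct_.get()));
+}
+
+} // namespace certificate_transparency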
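Review bot: The return value of `GetOldSignedTreeHead(&sth)` is discarded in TestDoesNotUpdatesSCTStatusOnOldSTH (new line 132), so a failure in hex decoding or `DecodeDigitallySigned` would leave `sth` partly initialised, and the test would presumably still see `SCT_PENDING_NEWER_STH` and pass without ever exercising the "older STH" path. Use `ASSERT_TRUE(GetOldSignedTreeHead(&sth));` there, and treat the two `net::ct::GetSampleSignedTreeHead(&sth)` calls the same way if that helper reports failure (its declaration is not visible on this page). In the helper itself, the `memcpy` at new lines 46-47 copies `net::ct::kSthRootHashLength` bytes without checking how many bytes were decoded; adding `if (hex_output.size() != net::ct::kSthRootHashLength) return false;` before it keeps a later edit of `kOldSTHRootHash` from becoming an out-of-bounds read. A short comment on `kOldSTHTimestamp` stating that it must predate the timestamp of the SCT returned by `GetX509CertSCT` would also document the assumption the last test rests on.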
