Adds a function for encoding a Merkle tree leaf in TLS wire format.

net/test/ct_test_util.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/test/ct_test_util.h"
 
 #include <stdint.h>
 #include <string.h>
 #include <vector>
 
 #include "base/base64.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_piece.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "net/cert/ct_serialization.h"
 #include "net/cert/ct_verify_result.h"
+#include "net/cert/merkle_tree_leaf.h"
 #include "net/cert/signed_tree_head.h"
 #include "net/cert/x509_certificate.h"
 
 namespace net {
 
 namespace ct {
 
 namespace {
 
 std::string HexToBytes(const char* hex_data) {
@@ skipping 43 matching lines @@
     "beef98e7c26877ae385f75325a0c1d329bedf18faaf4d796bf047eb7e1ce15c95ba2f80ee4"
     "58bd7db86f8a4b252191a79bd700c38e9c0389b45cd4dc9a120ab21e0cb41cd0e72805a410"
     "cd9c5bdb5d4927726daf1710f60187377ea25b1a1e39eed0b88119dc154dc68f7da8e30caf"
     "158a33e6c9509f4a05b01409ff5dd87eb50203010001a381ac3081a9301d0603551d0e0416"
     "04142031541af25c05ffd8658b6843794f5e9036f7b4307d0603551d230476307480145f9d"
     "880dc873e654d4f80dd8e6b0c124b447c355a159a4573055310b3009060355040613024742"
     "31243022060355040a131b4365727469666963617465205472616e73706172656e63792043"
     "41310e300c0603550408130557616c65733110300e060355040713074572772057656e8201"
     "0030090603551d1304023000";
 
+const char kDefaultExtensions[] = "666f6f626172"; // "foobar"
+
 const char kTestDigitallySigned[] =
     "0403004730450220606e10ae5c2d5a1b0aed49dc4937f48de71a4e9784e9c208dfbfe9ef53"
     "6cf7f2022100beb29c72d7d06d61d06bdb38a069469aa86fe12e18bb7cc45689a2c0187ef5"
     "a5";
 
 const char kTestSignedCertificateTimestamp[] =
     "00df1c2ec11500945247a96168325ddc5c7959e8f7c6d388fc002e0bbd3f74d7640000013d"
     "db27ded900000403004730450220606e10ae5c2d5a1b0aed49dc4937f48de71a4e9784e9c2"
     "08dfbfe9ef536cf7f2022100beb29c72d7d06d61d06bdb38a069469aa86fe12e18bb7cc456"
     "89a2c0187ef5a5";
 
 const char kEcP256PublicKey[] =
     "3059301306072a8648ce3d020106082a8648ce3d0301070342000499783cb14533c0161a5a"
     "b45bf95d08a29cd0ea8dd4c84274e2be59ad15c676960cf0afa1074a57ac644b23479e5b3f"
     "b7b245eb4b420ef370210371a944beaceb";
 
 const char kTestKeyId[] =
     "df1c2ec11500945247a96168325ddc5c7959e8f7c6d388fc002e0bbd3f74d764";
 
+const int64_t kTestTimestamp = INT64_C(1396877277237);
+
 const char kTestSCTSignatureData[] =
     "30450220606e10ae5c2d5a1b0aed49dc4937f48de71a4e9784e9c208dfbfe9ef536cf7f202"
     "2100beb29c72d7d06d61d06bdb38a069469aa86fe12e18bb7cc45689a2c0187ef5a5";
 
 const char kTestSCTPrecertSignatureData[] =
     "30450220482f6751af35dba65436be1fd6640f3dbf9a41429495924530288fa3e5e23e0602"
     "2100e4edc0db3ac572b1e2f5e8ab6a680653987dcf41027dfeffa105519d89edbf08";
 
 // A well-formed OCSP response with fake SCT contents. Does not come from
 // http://code.google.com/p/certificate-transparency, does not pertain to any
@@ skipping 38 matching lines @@
     "a87f133d2f378eeeeed52a77e44d0fc9ff6f07ff32cbf3da999de4ed65832afcb0807f9878"
     "7506539d258a0ce3c2c77967653099a9034a9b115a876c39a8c4e4ed4acd0c64095946fb39"
     "eeeb47a0704dbb018acf48c3a1c4b895fc409fb4a340a986b1afc45519ab9eca47c30185c7"
     "71c64aa5ecf07d020103a333303130120603551d130101ff040830060101ff020100301b06"
     "03551d200101000411300f300d060b2b06010401d6790201ce0f300d06092a864886f70d01"
     "01050500038181003f4936f8d00e83fbdde331f2c64335dcf7dec8b1a2597683edeed61af0"
     "fa862412fad848938fe7ab77f1f9a43671ff6fdb729386e26f49e7aca0c0ea216e5970d933"
     "3ea1e11df2ccb357a5fed5220f9c6239e8946b9b7517707631d51ab996833d58a022cff5a6"
     "2169ac9258ec110efee78da9ab4a641e3b3c9ee5e8bd291460";
 
-
 const char kFakeOCSPExtensionValue[] = "74657374";  // "test"
 
 // For the sample STH
 const char kSampleSTHSHA256RootHash[] =
     "726467216167397babca293dca398e4ce6b621b18b9bc42f30c900d1f92ac1e4";
 const char kSampleSTHTreeHeadSignature[] =
     "0403004730450220365a91a2a88f2b9332f41d8959fa7086da7e6d634b7b089bc9da066426"
     "6c7a20022100e38464f3c0fd066257b982074f7ac87655e0c8f714768a050b4be9a7b441cb"
     "d3";
 size_t kSampleSTHTreeSize = 21u;
-int64_t kSampleSTHTimestamp = INT64_C(1396877277237);
 
 }  // namespace
 
 void GetX509CertLogEntry(LogEntry* entry) {
   entry->type = ct::LogEntry::LOG_ENTRY_TYPE_X509;
   entry->leaf_certificate = HexToBytes(kDefaultDerCert);
 }
 
+void GetX509CertTreeLeaf(MerkleTreeLeaf* tree_leaf) {
+  tree_leaf->log_id = HexToBytes(kTestKeyId);
+  tree_leaf->timestamp = base::Time::FromJsTime(kTestTimestamp);
+  GetX509CertLogEntry(&tree_leaf->log_entry);
+  tree_leaf->extensions = HexToBytes(kDefaultExtensions);
+}
+
 std::string GetDerEncodedX509Cert() { return HexToBytes(kDefaultDerCert); }
 
 void GetPrecertLogEntry(LogEntry* entry) {
   entry->type = ct::LogEntry::LOG_ENTRY_TYPE_PRECERT;
   std::string issuer_hash(HexToBytes(kDefaultIssuerKeyHash));
   memcpy(entry->issuer_key_hash.data, issuer_hash.data(), issuer_hash.size());
   entry->tbs_certificate = HexToBytes(kDefaultDerTbsCert);
 }
 
+void GetPrecertTreeLeaf(MerkleTreeLeaf* tree_leaf) {
+  tree_leaf->log_id = HexToBytes(kTestKeyId);
+  tree_leaf->timestamp = base::Time::FromJsTime(kTestTimestamp);
+  GetPrecertLogEntry(&tree_leaf->log_entry);
+  tree_leaf->extensions = HexToBytes(kDefaultExtensions);
+}
+
 std::string GetTestDigitallySigned() {
   return HexToBytes(kTestDigitallySigned);
 }
 
 std::string GetTestSignedCertificateTimestamp() {
   return HexToBytes(kTestSignedCertificateTimestamp);
 }
 
 std::string GetTestPublicKey() {
   return HexToBytes(kEcP256PublicKey);
@@ skipping 54 matching lines @@
 }
 
 std::string GetDerEncodedFakeOCSPResponseIssuerCert() {
   return HexToBytes(kFakeOCSPResponseIssuerCert);
 }
 
 // A sample, valid STH
 bool GetSampleSignedTreeHead(SignedTreeHead* sth) {
   sth->version = SignedTreeHead::V1;
   sth->timestamp = base::Time::UnixEpoch() +
-                   base::TimeDelta::FromMilliseconds(kSampleSTHTimestamp);
+                   base::TimeDelta::FromMilliseconds(kTestTimestamp);
   sth->tree_size = kSampleSTHTreeSize;
   std::string sha256_root_hash = GetSampleSTHSHA256RootHash();
   memcpy(sth->sha256_root_hash, sha256_root_hash.c_str(), kSthRootHashLength);
 
   return GetSampleSTHTreeHeadDecodedSignature(&(sth->signature));
 }
 
 bool GetSampleEmptySignedTreeHead(SignedTreeHead* sth) {
   sth->version = SignedTreeHead::V1;
   sth->timestamp = base::Time::UnixEpoch() +
@@ skipping 34 matching lines @@
   return HexToBytes(kSampleSTHTreeHeadSignature);
 }
 
 bool GetSampleSTHTreeHeadDecodedSignature(DigitallySigned* signature) {
   std::string tree_head_signature = HexToBytes(kSampleSTHTreeHeadSignature);
   base::StringPiece sp(tree_head_signature);
   return DecodeDigitallySigned(&sp, signature) && sp.empty();
 }
 
 std::string GetSampleSTHAsJson() {
-  return CreateSignedTreeHeadJsonString(kSampleSTHTreeSize, kSampleSTHTimestamp,
+  return CreateSignedTreeHeadJsonString(kSampleSTHTreeSize, kTestTimestamp,
                                         GetSampleSTHSHA256RootHash(),
                                         GetSampleSTHTreeHeadSignature());
 }
 
 std::string CreateSignedTreeHeadJsonString(size_t tree_size,
                                            int64_t timestamp,
                                            std::string sha256_root_hash,
                                            std::string tree_head_signature) {
   std::string sth_json =
       std::string("{\"tree_size\":") + base::SizeTToString(tree_size) +
@@ skipping 61 matching lines @@
 
 bool CheckForSCTOrigin(const ct::CTVerifyResult& result,
                        ct::SignedCertificateTimestamp::Origin origin) {
   return (result.verified_scts.size() > 0) &&
          (result.verified_scts[0]->origin == origin);
 }
 
 }  // namespace ct
 
 }  // namespace net