Certificate Transparency: Notify STH Observers of known STHs

net/cert/sth_distributor_unittest.cc

Index: net/cert/sth_distributor_unittest.cc
diff --git a/net/cert/sth_distributor_unittest.cc b/net/cert/sth_distributor_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..18db41336a1463d0bbda40a511fd2b68fe57512c
--- /dev/null
+++ b/net/cert/sth_distributor_unittest.cc
@@ -0,0 +1,91 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/cert/sth_distributor.h"
+
+#include <map>
+#include <string>
+
+#include "base/test/histogram_tester.h"
+#include "crypto/sha2.h"
+#include "net/cert/signed_tree_head.h"
+#include "net/cert/sth_observer.h"
+#include "net/test/ct_test_util.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace net {
+
+namespace ct {
+
+// An STHObserver implementation that simply stores all
+// observed STHs, keyed by log ID.
+class StoringSTHObserver : public net::ct::STHObserver {

[Ryan Sleevi, 2016/05/16 19:19:02]

These helper classes should be in an unnamed namespace to avoid ODR violations
(Tests don't, but helpers should be)

[Eran Messeri, 2016/05/17 09:51:03]

Done. As you referred to multiple helper classes, I assume you refer to
STHDistributorTest as well - I've put everything in an unnamed namespace, as
that seems what some of the other tests are doing.

[Ryan Sleevi, 2016/05/17 16:52:51]

Right, both this and the STHDistributorTest. The individual TEST_F (line 46 on)
don't need to be.

+ public:
+  void NewSTHObserved(const net::ct::SignedTreeHead& sth) override {
+    sths[sth.log_id] = sth;
+  }
+
+  std::map<std::string, net::ct::SignedTreeHead> sths;

[Ryan Sleevi, 2016/05/16 19:19:02]

You're in net::ct:: - remove all the net::ct:: here

[Eran Messeri, 2016/05/17 09:51:03]

Done.

+};
+
+class STHDistributorTest : public ::testing::Test {
+ public:
+  STHDistributorTest() {}
+
+  void SetUp() override {
+    ASSERT_TRUE(GetSampleSignedTreeHead(&sample_sth_));
+    sample_sth_.log_id = GetTestPublicKeyId();
+  }
+
+ protected:
+  STHDistributor distributor_;
+  SignedTreeHead sample_sth_;
+};
+
+TEST_F(STHDistributorTest, NotifiesOfExistingSTHs) {
+  const std::string other_log = "another log";
+  SignedTreeHead second_sth(sample_sth_);
+  second_sth.log_id = other_log;
+
+  distributor_.NewSTHObserved(sample_sth_);
+  distributor_.NewSTHObserved(second_sth);
+
+  StoringSTHObserver observer;
+  distributor_.RegisterObserver(&observer);
+
+  // Check that two STHs from different logs received prior to observer
+  // registration were reported to the observer once registered.
+  EXPECT_EQ(2u, observer.sths.size());
+  EXPECT_EQ(1u, observer.sths.count(other_log));
+}
+
+TEST_F(STHDistributorTest, LogsUMAForPilotSTH) {
+  const char kPilotSTHAgeHistogram[] =
+      "Net.CertificateTransparency.PilotSTHAge";
+  base::HistogramTester histograms;
+  histograms.ExpectTotalCount(kPilotSTHAgeHistogram, 0);
+
+  const char kPilotLogID[33] =
+      "\xa4\xb9\x09\x90\xb4\x18\x58\x14\x87\xbb\x13\xa2\xcc\x67\x70\x0a\x3c\x35"
+      "\x98\x04\xf9\x1b\xdf\xb8\xe3\x77\xcd\x0e\xc8\x0d\xdc\x10";

[Ryan Sleevi, 2016/05/16 19:19:01]

uint8_t for the new code?

[Eran Messeri, 2016/05/17 09:51:03]

Done.

+  sample_sth_.log_id = std::string(kPilotLogID, crypto::kSHA256Length);
+
+  distributor_.NewSTHObserved(sample_sth_);
+  histograms.ExpectTotalCount(kPilotSTHAgeHistogram, 1);
+}
+
+TEST_F(STHDistributorTest, UpdatesObservedSTHData) {
+  distributor_.NewSTHObserved(sample_sth_);
+  sample_sth_.tree_size = 23u;
+  distributor_.NewSTHObserved(sample_sth_);
+
+  StoringSTHObserver observer;
+  distributor_.RegisterObserver(&observer);
+  EXPECT_EQ(1u, observer.sths.size());
+  EXPECT_EQ(23u, observer.sths[GetTestPublicKeyId()].tree_size);
+}
+
+}  // namespace ct
+
+}  // namespace net