Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(481)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/ct_log_verifier_unittest.cc

Issue 2108833005: Adds domain names for all qualified CT logs (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Slightly more documentation about DNS endpoints for logs Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/ct_log_verifier.cc ('k') | net/cert/ct_objects_extractor_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/ct_log_verifier.h" 5 #include "net/cert/ct_log_verifier.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 8
9 #include <memory> 9 #include <memory>
10 #include <string> 10 #include <string>
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after
133 new_tree_size), 133 new_tree_size),
134 old_tree_root, new_tree_root); 134 old_tree_root, new_tree_root);
135 } 135 }
136 136
137 class CTLogVerifierTest : public ::testing::Test { 137 class CTLogVerifierTest : public ::testing::Test {
138 public: 138 public:
139 CTLogVerifierTest() {} 139 CTLogVerifierTest() {}
140 140
141 void SetUp() override { 141 void SetUp() override {
142 log_ = CTLogVerifier::Create(ct::GetTestPublicKey(), "testlog", 142 log_ = CTLogVerifier::Create(ct::GetTestPublicKey(), "testlog",
143 "https://ct.example.com"); 143 "https://ct.example.com", "ct.example.com");
144 144
145 ASSERT_TRUE(log_); 145 ASSERT_TRUE(log_);
146 ASSERT_EQ(log_->key_id(), ct::GetTestPublicKeyId()); 146 ASSERT_EQ(ct::GetTestPublicKeyId(), log_->key_id());
147 ASSERT_EQ("ct.example.com", log_->dns_domain());
147 } 148 }
148 149
149 // Given a consistency proof between two snapshots of the tree, asserts that 150 // Given a consistency proof between two snapshots of the tree, asserts that
150 // it verifies and no other combination of snapshots and proof nodes verifies. 151 // it verifies and no other combination of snapshots and proof nodes verifies.
151 void VerifierConsistencyCheck(int snapshot1, 152 void VerifierConsistencyCheck(int snapshot1,
152 int snapshot2, 153 int snapshot2,
153 const std::string& root1, 154 const std::string& root1,
154 const std::string& root2, 155 const std::string& root2,
155 const std::vector<std::string>& proof) { 156 const std::vector<std::string>& proof) {
156 // Verify the original consistency proof. 157 // Verify the original consistency proof.
(...skipping 153 matching lines...) Expand 10 before | Expand all | Expand 10 after
310 ct::SignedTreeHead sth; 311 ct::SignedTreeHead sth;
311 ASSERT_TRUE(ct::GetBadEmptySignedTreeHead(&sth)); 312 ASSERT_TRUE(ct::GetBadEmptySignedTreeHead(&sth));
312 EXPECT_FALSE(log_->VerifySignedTreeHead(sth)); 313 EXPECT_FALSE(log_->VerifySignedTreeHead(sth));
313 } 314 }
314 315
315 // Test that excess data after the public key is rejected. 316 // Test that excess data after the public key is rejected.
316 TEST_F(CTLogVerifierTest, ExcessDataInPublicKey) { 317 TEST_F(CTLogVerifierTest, ExcessDataInPublicKey) {
317 std::string key = ct::GetTestPublicKey(); 318 std::string key = ct::GetTestPublicKey();
318 key += "extra"; 319 key += "extra";
319 320
320 scoped_refptr<const CTLogVerifier> log = 321 scoped_refptr<const CTLogVerifier> log = CTLogVerifier::Create(
321 CTLogVerifier::Create(key, "testlog", "https://ct.example.com"); 322 key, "testlog", "https://ct.example.com", "ct.example.com");
322 EXPECT_FALSE(log); 323 EXPECT_FALSE(log);
323 } 324 }
324 325
325 TEST_F(CTLogVerifierTest, VerifiesConsistencyProofEdgeCases_EmptyProof) { 326 TEST_F(CTLogVerifierTest, VerifiesConsistencyProofEdgeCases_EmptyProof) {
326 std::vector<std::string> empty_proof; 327 std::vector<std::string> empty_proof;
327 std::string root1(GetEmptyTreeHash()), root2(GetEmptyTreeHash()); 328 std::string root1(GetEmptyTreeHash()), root2(GetEmptyTreeHash());
328 329
329 // Snapshots that are always consistent, because they are either 330 // Snapshots that are always consistent, because they are either
330 // from an empty tree to a non-empty one or for trees of the same 331 // from an empty tree to a non-empty one or for trees of the same
331 // size. 332 // size.
(...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after
509 ReferenceSnapshotConsistency(data.data(), tree_size, snapshot, true); 510 ReferenceSnapshotConsistency(data.data(), tree_size, snapshot, true);
510 root1 = ReferenceMerkleTreeHash(data.data(), snapshot); 511 root1 = ReferenceMerkleTreeHash(data.data(), snapshot);
511 VerifierConsistencyCheck(snapshot, tree_size, root1, root2, proof); 512 VerifierConsistencyCheck(snapshot, tree_size, root1, root2, proof);
512 } 513 }
513 } 514 }
514 } 515 }
515 516
516 } // namespace 517 } // namespace
517 518
518 } // namespace net 519 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/ct_log_verifier.cc ('k') | net/cert/ct_objects_extractor_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698