net/cert/ct_log_response_parser_unittest.cc - Issue 230713002: Certificate Transparency: Parse Signed Tree Heads and validate them

Side by Side Diff: net/cert/ct_log_response_parser_unittest.cc

Issue 230713002: Certificate Transparency: Parse Signed Tree Heads and validate them (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Merging with master Created 6 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "net/cert/ct_log_response_parser.h"

	6

	7 #include <string>

	8

	9 #include "base/base64.h"

	10 #include "base/strings/stringprintf.h"

	11 #include "base/time/time.h"

	12 #include "net/cert/ct_serialization.h"

	13 #include "net/cert/signed_tree_head.h"

	14 #include "testing/gtest/include/gtest/gtest.h"

	15

	16 namespace net {

	17

	18 namespace ct {

	19

	20 std::string CreateSignedTreeHeadJsonString(std::string sha256_root_hash,

	21 std::string tree_head_signature) {

	22 std::string sth_json = "{\"tree_size\":2903698,\"timestamp\":1395761621447";

	23

	24 if (!sha256_root_hash.empty()) {

	25 sth_json += base::StringPrintf(",\"sha256_root_hash\":\"%s\"",

	26 sha256_root_hash.c_str());

	27 }

	28 if (!tree_head_signature.empty()) {

	29 sth_json += base::StringPrintf(",\"tree_head_signature\":\"%s\"",

	30 tree_head_signature.c_str());

	31 }

	32

	33 sth_json += "}";

	34 return sth_json;

	35 }

	36

	37 const char kSHA256RootHash[] = "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoAo=";

	38

	39 const char kTreeHeadSignature[] =

	40 "BAMARzBFAiAB+IIYrkRsZDW0/6TzPgR+aJ26twCQ1JDTwq/"

	41 "mpinCjAIhAKDXdXMtqbvQ42r9dBIwV5RM/KpEzNQdIhXHesd9HPv3";

	42

	43 class CTLogResponseParserTest : public ::testing::Test {

	44 public:

	45 CTLogResponseParserTest() {}

	46 };
	Ryan Sleevi 2014/05/08 01:11:54 You don't actually need a fixture here, since ther You don't actually need a fixture here, since there is no friending going on AFAICT. You can just write them as TEST(CTLogResponseParserTest, ...) and drop 43-46 entirely. Eran Messeri 2014/05/12 20:33:55 Done. Show quoted text On 2014/05/08 01:11:54, Ryan Sleevi wrote: > You don't actually need a fixture here, since there is no friending going on > AFAICT. > > You can just write them as > > TEST(CTLogResponseParserTest, ...) and drop 43-46 entirely. Done.
	47

	48 TEST_F(CTLogResponseParserTest, ParsesValidJsonSTH) {

	49 std::string sample_sth =

	50 CreateSignedTreeHeadJsonString(kSHA256RootHash, kTreeHeadSignature);

	51 SignedTreeHead tree_head;

	52 EXPECT_TRUE(FillSignedTreeHead(sample_sth, &tree_head));

	53

	54 base::Time expected_timestamp =

	55 base::Time::UnixEpoch() +

	56 base::TimeDelta::FromMilliseconds(1395761621447);

	57

	58 ASSERT_EQ(SignedTreeHead::V1, tree_head.version);

	59 ASSERT_EQ(expected_timestamp, tree_head.timestamp);

	60 ASSERT_EQ(2903698u, tree_head.tree_size);

	61

	62 // Copy the field from the SignedTreeHead because it's not null terminated

	63 // there and ASSERT_STREQ expects null-terminated strings.

	64 char actual_hash[kSthRootHashLength + 1];

	65 memcpy(actual_hash, tree_head.sha256_root_hash, kSthRootHashLength);

	66 actual_hash[kSthRootHashLength] = '\0';

	67 std::string expected_sha256_root_hash;

	68 base::Base64Decode(kSHA256RootHash, &expected_sha256_root_hash);

	69 ASSERT_STREQ(expected_sha256_root_hash.c_str(), actual_hash);

	70

	71 std::string tree_head_signature;

	72 base::Base64Decode(kTreeHeadSignature, &tree_head_signature);

	73 base::StringPiece sp(tree_head_signature);

	74 DigitallySigned expected_signature;

	75 ASSERT_TRUE(DecodeDigitallySigned(&sp, &expected_signature));

	76

	77 ASSERT_EQ(tree_head.signature.hash_algorithm,

	78 expected_signature.hash_algorithm);

	79 ASSERT_EQ(tree_head.signature.signature_algorithm,

	80 expected_signature.signature_algorithm);

	81 ASSERT_EQ(tree_head.signature.signature_data,

	82 expected_signature.signature_data);

	83 }

	84

	85 TEST_F(CTLogResponseParserTest, FailsToParseMissingFields) {

	86 std::string missing_signature_sth =

	87 CreateSignedTreeHeadJsonString(kSHA256RootHash, "");

	88

	89 SignedTreeHead tree_head;

	90 ASSERT_FALSE(FillSignedTreeHead(missing_signature_sth, &tree_head));

	91

	92 std::string missing_root_hash_sth =

	93 CreateSignedTreeHeadJsonString("", kTreeHeadSignature);

	94 ASSERT_FALSE(FillSignedTreeHead(missing_root_hash_sth, &tree_head));

	95 }

	96

	97 TEST_F(CTLogResponseParserTest, FailsToParseIncorrectLengthRootHash) {

	98 SignedTreeHead tree_head;

	99

	100 std::string too_long_hash = CreateSignedTreeHeadJsonString(

	101 kSHA256RootHash, "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoArK\n");

	102 ASSERT_FALSE(FillSignedTreeHead(too_long_hash, &tree_head));

	103

	104 std::string too_short_hash = CreateSignedTreeHeadJsonString(

	105 kSHA256RootHash, "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoA==\n");

	106 ASSERT_FALSE(FillSignedTreeHead(too_short_hash, &tree_head));

	107 }

	108

	109 } // namespace ct

	110

	111 } // namespace net

OLD	NEW

« net/cert/ct_log_response_parser.cc ('K') | « net/cert/ct_log_response_parser.cc ('k') | net/cert/ct_log_verifier.h » ('j') | net/cert/signed_certificate_timestamp.h » ('J')