Certificate Transparency: Parse Signed Tree Heads and validate them

net/cert/ct_log_response_parser_unittest.cc

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/cert/ct_log_response_parser.h"
+
+#include <string>
+
+#include "base/base64.h"
+#include "base/strings/stringprintf.h"
+#include "base/time/time.h"
+#include "net/cert/ct_serialization.h"
+#include "net/cert/signed_tree_head.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace net {
+
+namespace ct {
+
+// Basic fields, sha256_root_hash, tree_head_signature.
+const char kSTHFormatString[] = "{%s\"%s\",\"tree_head_signature\":\"%s\"}";
+const char kBasicSTHFields[] =
+    "\"tree_size\":2903698,\"timestamp\":1395761621447,\"sha256_root_hash\":";

[Ryan Sleevi, 2014/04/25 23:33:19]

Rather than wrap format strings in constants, create a helper function to create
dummy STHs for you. That way, you can be assured that any changes to the format
string (which would be a function-local constant) are kept in sync with the
argument calls.

[Eran Messeri, 2014/04/29 15:22:24]

Done - it does read much better, the way I originally did it was rather messy.

+
+const char kSHA256RootHash[] = "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoAo=";
+
+const char kTreeHeadSignature[] =
+    "BAMARzBFAiAB+IIYrkRsZDW0/6TzPgR+aJ26twCQ1JDTwq/"
+    "mpinCjAIhAKDXdXMtqbvQ42r9dBIwV5RM/KpEzNQdIhXHesd9HPv3";
+
+class CTLogResponseParserTest : public ::testing::Test {
+ public:
+  CTLogResponseParserTest() {}
+
+  virtual void SetUp() OVERRIDE {
+    sample_sth_ = base::StringPrintf(
+        kSTHFormatString, kBasicSTHFields, kSHA256RootHash, kTreeHeadSignature);
+    base::Base64Decode(kSHA256RootHash, &expected_sha256_root_hash_);
+
+    std::string tree_head_signature;
+    base::Base64Decode(kTreeHeadSignature, &tree_head_signature);
+    base::StringPiece sp(tree_head_signature);
+    ASSERT_TRUE(DecodeDigitallySigned(&sp, &expected_signature_));

[Ryan Sleevi, 2014/04/25 23:33:19]

Why do you do these in a SetUp, instead of just initializing the variables you
want?

Namely, this implies a tighter coupling to the behaviour of these functions
(base64decode, decodedigitallysigned) than is necessary for your test. Is it
just a convenience thing?

[Eran Messeri, 2014/04/29 15:22:24]

Done - moved to the test, this is indeed was not necessary in the setUp, only
for a specific test.

And yes, the use of base64decode is for convenience - I could write down the
equivalent of the base64-encoded root hash and tree head signature in arrays,
but if anything, I think it'll reduce the readability of the test.

+  }
+
+ protected:
+  std::string sample_sth_;
+  std::string expected_sha256_root_hash_;
+  DigitallySigned expected_signature_;
+};
+
+TEST_F(CTLogResponseParserTest, ParsesValidJsonSTH) {
+  SignedTreeHead tree_head;
+  EXPECT_TRUE(FillSignedTreeHead(sample_sth_, &tree_head));
+
+  base::Time expected_timestamp =
+      base::Time::UnixEpoch() +
+      base::TimeDelta::FromMilliseconds(1395761621447);
+
+  ASSERT_EQ(SignedTreeHead::V1, tree_head.version);
+  ASSERT_EQ(expected_timestamp, tree_head.timestamp);
+  ASSERT_EQ(2903698u, tree_head.tree_size);
+
+  // Copy the field from the SignedTreeHead because it's not null terminated
+  // there and ASSERT_STREQ expects null-terminated strings.
+  char actual_hash[kSthRootHashLength + 1];
+  memcpy(actual_hash, tree_head.sha256_root_hash, kSthRootHashLength);
+  actual_hash[kSthRootHashLength] = '\0';
+  ASSERT_STREQ(expected_sha256_root_hash_.c_str(), actual_hash);
+  ASSERT_EQ(tree_head.signature.hash_algorithm,
+            expected_signature_.hash_algorithm);
+  ASSERT_EQ(tree_head.signature.signature_algorithm,
+            expected_signature_.signature_algorithm);
+  ASSERT_EQ(tree_head.signature.signature_data,
+            expected_signature_.signature_data);
+}
+
+TEST_F(CTLogResponseParserTest, FailsToParseMissingFields) {
+  std::string missing_fields_sth =
+      base::StringPrintf("{%s\"%s\"}", kBasicSTHFields, kSHA256RootHash);
+
+  SignedTreeHead tree_head;
+  ASSERT_FALSE(FillSignedTreeHead(missing_fields_sth, &tree_head));
+}
+
+TEST_F(CTLogResponseParserTest, FailsToParseIncorrectLengthRootHash) {
+  SignedTreeHead tree_head;
+
+  std::string too_long_hash =
+      base::StringPrintf(kSTHFormatString,
+                         kBasicSTHFields,
+                         kSHA256RootHash,
+                         "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoArK\n");
+  ASSERT_FALSE(FillSignedTreeHead(too_long_hash, &tree_head));
+
+  std::string too_short_hash =
+      base::StringPrintf(kSTHFormatString,
+                         kBasicSTHFields,
+                         kSHA256RootHash,
+                         "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoA==\n");
+  ASSERT_FALSE(FillSignedTreeHead(too_short_hash, &tree_head));
+}
+
+}  // namespace ct
+
+}  // namespace net