Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(303)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/ct_log_response_parser_unittest.cc

Issue 230713002: Certificate Transparency: Parse Signed Tree Heads and validate them (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressing more of Ryan's comments Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/cert/ct_log_response_parser.cc ('k') | net/cert/ct_log_verifier.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/ct_log_response_parser_unittest.cc
diff --git a/net/cert/ct_log_response_parser_unittest.cc b/net/cert/ct_log_response_parser_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..7d6140a60e98652331f13404c07d0c12af3213f7
--- /dev/null
+++ b/net/cert/ct_log_response_parser_unittest.cc
@@ -0,0 +1,106 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/cert/ct_log_response_parser.h"
+
+#include <string>
+
+#include "base/base64.h"
+#include "base/strings/stringprintf.h"
+#include "base/time/time.h"
+#include "net/cert/ct_serialization.h"
+#include "net/cert/signed_tree_head.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace net {
+
+namespace ct {
+
+std::string CreateSignedTreeHeadJsonString(std::string sha256_root_hash,
+ std::string tree_head_signature) {
+ std::string sth_json = "{\"tree_size\":2903698,\"timestamp\":1395761621447";
+
+ if (!sha256_root_hash.empty()) {
+ sth_json += base::StringPrintf(",\"sha256_root_hash\":\"%s\"",
+ sha256_root_hash.c_str());
+ }
+ if (!tree_head_signature.empty()) {
+ sth_json += base::StringPrintf(",\"tree_head_signature\":\"%s\"",
+ tree_head_signature.c_str());
+ }
+
+ sth_json += "}";
+ return sth_json;
+}
+
+const char kSHA256RootHash[] = "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoAo=";
+
+const char kTreeHeadSignature[] =
+ "BAMARzBFAiAB+IIYrkRsZDW0/6TzPgR+aJ26twCQ1JDTwq/"
+ "mpinCjAIhAKDXdXMtqbvQ42r9dBIwV5RM/KpEzNQdIhXHesd9HPv3";
+
+TEST(CTLogResponseParserTest, ParsesValidJsonSTH) {
+ std::string sample_sth =
+ CreateSignedTreeHeadJsonString(kSHA256RootHash, kTreeHeadSignature);
+ SignedTreeHead tree_head;
+ EXPECT_TRUE(FillSignedTreeHead(sample_sth, &tree_head));
+
+ base::Time expected_timestamp =
+ base::Time::UnixEpoch() +
+ base::TimeDelta::FromMilliseconds(1395761621447);
+
+ ASSERT_EQ(SignedTreeHead::V1, tree_head.version);
+ ASSERT_EQ(expected_timestamp, tree_head.timestamp);
+ ASSERT_EQ(2903698u, tree_head.tree_size);
+
+ // Copy the field from the SignedTreeHead because it's not null terminated
+ // there and ASSERT_STREQ expects null-terminated strings.
+ char actual_hash[kSthRootHashLength + 1];
+ memcpy(actual_hash, tree_head.sha256_root_hash, kSthRootHashLength);
+ actual_hash[kSthRootHashLength] = '\0';
+ std::string expected_sha256_root_hash;
+ base::Base64Decode(kSHA256RootHash, &expected_sha256_root_hash);
+ ASSERT_STREQ(expected_sha256_root_hash.c_str(), actual_hash);
+
+ std::string tree_head_signature;
+ base::Base64Decode(kTreeHeadSignature, &tree_head_signature);
+ base::StringPiece sp(tree_head_signature);
+ DigitallySigned expected_signature;
+ ASSERT_TRUE(DecodeDigitallySigned(&sp, &expected_signature));
+
+ ASSERT_EQ(tree_head.signature.hash_algorithm,
+ expected_signature.hash_algorithm);
+ ASSERT_EQ(tree_head.signature.signature_algorithm,
+ expected_signature.signature_algorithm);
+ ASSERT_EQ(tree_head.signature.signature_data,
+ expected_signature.signature_data);
+}
+
+TEST(CTLogResponseParserTest, FailsToParseMissingFields) {
+ std::string missing_signature_sth =
+ CreateSignedTreeHeadJsonString(kSHA256RootHash, "");
+
+ SignedTreeHead tree_head;
+ ASSERT_FALSE(FillSignedTreeHead(missing_signature_sth, &tree_head));
+
+ std::string missing_root_hash_sth =
+ CreateSignedTreeHeadJsonString("", kTreeHeadSignature);
+ ASSERT_FALSE(FillSignedTreeHead(missing_root_hash_sth, &tree_head));
+}
+
+TEST(CTLogResponseParserTest, FailsToParseIncorrectLengthRootHash) {
+ SignedTreeHead tree_head;
+
+ std::string too_long_hash = CreateSignedTreeHeadJsonString(
+ kSHA256RootHash, "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoArK\n");
+ ASSERT_FALSE(FillSignedTreeHead(too_long_hash, &tree_head));
+
+ std::string too_short_hash = CreateSignedTreeHeadJsonString(
+ kSHA256RootHash, "/WHFMgXtI/umKKuACJIN0Bb73TcILm9WkeU6qszvoA==\n");
+ ASSERT_FALSE(FillSignedTreeHead(too_short_hash, &tree_head));
+}
+
+} // namespace ct
+
+} // namespace net
« no previous file with comments | « net/cert/ct_log_response_parser.cc ('k') | net/cert/ct_log_verifier.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698