OLD | NEW |
(Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "components/certificate_transparency/tree_state_tracker.h" |
| 6 |
| 7 #include <string> |
| 8 #include <utility> |
| 9 |
| 10 #include "base/feature_list.h" |
| 11 #include "base/memory/ptr_util.h" |
| 12 #include "base/message_loop/message_loop.h" |
| 13 #include "base/run_loop.h" |
| 14 #include "base/strings/string_number_conversions.h" |
| 15 #include "base/test/scoped_feature_list.h" |
| 16 #include "net/cert/ct_log_verifier.h" |
| 17 #include "net/cert/ct_serialization.h" |
| 18 #include "net/cert/merkle_tree_leaf.h" |
| 19 #include "net/cert/signed_certificate_timestamp.h" |
| 20 #include "net/cert/signed_tree_head.h" |
| 21 #include "net/cert/x509_certificate.h" |
| 22 #include "net/log/net_log.h" |
| 23 #include "net/log/test_net_log.h" |
| 24 #include "net/test/ct_test_util.h" |
| 25 #include "testing/gtest/include/gtest/gtest.h" |
| 26 |
| 27 using net::ct::SignedCertificateTimestamp; |
| 28 using net::ct::SignedTreeHead; |
| 29 using net::ct::GetSampleSignedTreeHead; |
| 30 using net::ct::GetTestPublicKeyId; |
| 31 using net::ct::GetTestPublicKey; |
| 32 using net::ct::kSthRootHashLength; |
| 33 using net::ct::GetX509CertSCT; |
| 34 |
| 35 const base::Feature kCTLogAuditing = {"CertificateTransparencyLogAuditing", |
| 36 base::FEATURE_DISABLED_BY_DEFAULT}; |
| 37 |
| 38 namespace certificate_transparency { |
| 39 |
| 40 class TreeStateTrackerTest : public ::testing::Test { |
| 41 void SetUp() override { |
| 42 log_ = net::CTLogVerifier::Create(GetTestPublicKey(), "testlog", |
| 43 "https://ct.example.com", |
| 44 "unresolvable.invalid"); |
| 45 |
| 46 ASSERT_TRUE(log_); |
| 47 ASSERT_EQ(log_->key_id(), GetTestPublicKeyId()); |
| 48 |
| 49 const std::string der_test_cert(net::ct::GetDerEncodedX509Cert()); |
| 50 chain_ = net::X509Certificate::CreateFromBytes(der_test_cert.data(), |
| 51 der_test_cert.length()); |
| 52 ASSERT_TRUE(chain_.get()); |
| 53 GetX509CertSCT(&cert_sct_); |
| 54 cert_sct_->origin = SignedCertificateTimestamp::SCT_FROM_OCSP_RESPONSE; |
| 55 } |
| 56 |
| 57 protected: |
| 58 base::MessageLoopForIO message_loop_; |
| 59 scoped_refptr<const net::CTLogVerifier> log_; |
| 60 std::unique_ptr<TreeStateTracker> tree_tracker_; |
| 61 scoped_refptr<net::X509Certificate> chain_; |
| 62 scoped_refptr<SignedCertificateTimestamp> cert_sct_; |
| 63 net::TestNetLog net_log_; |
| 64 }; |
| 65 |
| 66 // Test that a new STH & SCT are delegated correctly to a |
| 67 // SingleTreeTracker instance created by the TreeStateTracker. |
| 68 // This is verified by looking for a single event on the net_log_ |
| 69 // passed into the TreeStateTracker c'tor. |
| 70 TEST_F(TreeStateTrackerTest, TestDelegatesCorrectly) { |
| 71 std::vector<scoped_refptr<const net::CTLogVerifier>> verifiers; |
| 72 verifiers.push_back(log_); |
| 73 |
| 74 base::test::ScopedFeatureList feature_list; |
| 75 feature_list.InitAndEnableFeature(kCTLogAuditing); |
| 76 |
| 77 tree_tracker_ = base::MakeUnique<TreeStateTracker>(verifiers, &net_log_); |
| 78 |
| 79 SignedTreeHead sth; |
| 80 GetSampleSignedTreeHead(&sth); |
| 81 ASSERT_EQ(log_->key_id(), sth.log_id); |
| 82 tree_tracker_->NewSTHObserved(sth); |
| 83 |
| 84 ASSERT_EQ(log_->key_id(), cert_sct_->log_id); |
| 85 tree_tracker_->OnSCTVerified(chain_.get(), cert_sct_.get()); |
| 86 base::RunLoop().RunUntilIdle(); |
| 87 |
| 88 net::ct::MerkleTreeLeaf leaf; |
| 89 ASSERT_TRUE(GetMerkleTreeLeaf(chain_.get(), cert_sct_.get(), &leaf)); |
| 90 |
| 91 std::string leaf_hash; |
| 92 ASSERT_TRUE(HashMerkleTreeLeaf(leaf, &leaf_hash)); |
| 93 // There should be one NetLog event. |
| 94 EXPECT_EQ(1u, net_log_.GetSize()); |
| 95 } |
| 96 |
| 97 } // namespace certificate_transparency |
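Review bot: The only check on the delegated audit in TestDelegatesCorrectly is `EXPECT_EQ(1u, net_log_.GetSize());` (new line 94), so the test still passes if the single event has the wrong type or describes a different log entry. `leaf_hash` is computed on new lines 88-92 and never read, and `base/strings/string_number_conversions.h` is included but unused, which suggests a content check was intended and left out. I would read the entry back with `net_log_.GetEntries(&entries);` and assert both its type and that the logged hash equals `base::HexEncode(leaf_hash.data(), leaf_hash.size())`; the event type and parameter key are defined outside this file, so they should be taken from the SingleTreeTracker source rather than guessed. Separately, the file uses `std::vector` and `std::unique_ptr` without including `<vector>` and `<memory>`.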