| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/ct_log_verifier.h" | 5 #include "net/cert/ct_log_verifier.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include <memory> | 9 #include <memory> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 371 matching lines...) |
| 382 new_tree_size, new_root, wrong_proof)) | 382 new_tree_size, new_root, wrong_proof)) |
| 383 << "proof passed verification with empty node prepended"; | 383 << "proof passed verification with empty node prepended"; |
| 384 | 384 |
| 385 wrong_proof[0] = proof[0]; | 385 wrong_proof[0] = proof[0]; |
| 386 EXPECT_FALSE(VerifyConsistencyProof(log, old_tree_size, old_root, | 386 EXPECT_FALSE(VerifyConsistencyProof(log, old_tree_size, old_root, |
| 387 new_tree_size, new_root, wrong_proof)) | 387 new_tree_size, new_root, wrong_proof)) |
| 388 << "proof passed verification with first node duplicated"; | 388 << "proof passed verification with first node duplicated"; |
| 389 } | 389 } |
| 390 | 390 |
| 391 TEST_F(CTLogVerifierTest, VerifiesCertSCT) { | 391 TEST_F(CTLogVerifierTest, VerifiesCertSCT) { |
| 392 ct::LogEntry cert_entry; | 392 ct::SignedEntryData cert_entry; |
| 393 ct::GetX509CertLogEntry(&cert_entry); | 393 ct::GetX509CertSignedEntry(&cert_entry); |
| 394 | 394 |
| 395 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct; | 395 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct; |
| 396 ct::GetX509CertSCT(&cert_sct); | 396 ct::GetX509CertSCT(&cert_sct); |
| 397 | 397 |
| 398 EXPECT_TRUE(log_->Verify(cert_entry, *cert_sct.get())); | 398 EXPECT_TRUE(log_->Verify(cert_entry, *cert_sct.get())); |
| 399 } | 399 } |
| 400 | 400 |
| 401 TEST_F(CTLogVerifierTest, VerifiesPrecertSCT) { | 401 TEST_F(CTLogVerifierTest, VerifiesPrecertSCT) { |
| 402 ct::LogEntry precert_entry; | 402 ct::SignedEntryData precert_entry; |
| 403 ct::GetPrecertLogEntry(&precert_entry); | 403 ct::GetPrecertSignedEntry(&precert_entry); |
| 404 | 404 |
| 405 scoped_refptr<ct::SignedCertificateTimestamp> precert_sct; | 405 scoped_refptr<ct::SignedCertificateTimestamp> precert_sct; |
| 406 ct::GetPrecertSCT(&precert_sct); | 406 ct::GetPrecertSCT(&precert_sct); |
| 407 | 407 |
| 408 EXPECT_TRUE(log_->Verify(precert_entry, *precert_sct.get())); | 408 EXPECT_TRUE(log_->Verify(precert_entry, *precert_sct.get())); |
| 409 } | 409 } |
| 410 | 410 |
| 411 TEST_F(CTLogVerifierTest, FailsInvalidTimestamp) { | 411 TEST_F(CTLogVerifierTest, FailsInvalidTimestamp) { |
| 412 ct::LogEntry cert_entry; | 412 ct::SignedEntryData cert_entry; |
| 413 ct::GetX509CertLogEntry(&cert_entry); | 413 ct::GetX509CertSignedEntry(&cert_entry); |
| 414 | 414 |
| 415 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct; | 415 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct; |
| 416 ct::GetX509CertSCT(&cert_sct); | 416 ct::GetX509CertSCT(&cert_sct); |
| 417 | 417 |
| 418 // Mangle the timestamp, so that it should fail signature validation. | 418 // Mangle the timestamp, so that it should fail signature validation. |
| 419 cert_sct->timestamp = base::Time::Now(); | 419 cert_sct->timestamp = base::Time::Now(); |
| 420 | 420 |
| 421 EXPECT_FALSE(log_->Verify(cert_entry, *cert_sct.get())); | 421 EXPECT_FALSE(log_->Verify(cert_entry, *cert_sct.get())); |
| 422 } | 422 } |
| 423 | 423 |
| 424 TEST_F(CTLogVerifierTest, FailsInvalidLogID) { | 424 TEST_F(CTLogVerifierTest, FailsInvalidLogID) { |
| 425 ct::LogEntry cert_entry; | 425 ct::SignedEntryData cert_entry; |
| 426 ct::GetX509CertLogEntry(&cert_entry); | 426 ct::GetX509CertSignedEntry(&cert_entry); |
| 427 | 427 |
| 428 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct; | 428 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct; |
| 429 ct::GetX509CertSCT(&cert_sct); | 429 ct::GetX509CertSCT(&cert_sct); |
| 430 | 430 |
| 431 // Mangle the log ID, which should cause it to match a different log before | 431 // Mangle the log ID, which should cause it to match a different log before |
| 432 // attempting signature validation. | 432 // attempting signature validation. |
| 433 cert_sct->log_id.assign(cert_sct->log_id.size(), '\0'); | 433 cert_sct->log_id.assign(cert_sct->log_id.size(), '\0'); |
| 434 | 434 |
| 435 EXPECT_FALSE(log_->Verify(cert_entry, *cert_sct.get())); | 435 EXPECT_FALSE(log_->Verify(cert_entry, *cert_sct.get())); |
| 436 } | 436 } |
| (...skipping 315 matching lines...) |
| 752 | 752 |
| 753 // Test verification of consistency proofs and audit proofs for all tree sizes | 753 // Test verification of consistency proofs and audit proofs for all tree sizes |
| 754 // from 0 to 128. | 754 // from 0 to 128. |
| 755 INSTANTIATE_TEST_CASE_P(RangeOfTreeSizes, | 755 INSTANTIATE_TEST_CASE_P(RangeOfTreeSizes, |
| 756 CTLogVerifierTestUsingGenerator, | 756 CTLogVerifierTestUsingGenerator, |
| 757 testing::Range(size_t(0), size_t(129))); | 757 testing::Range(size_t(0), size_t(129))); |
| 758 | 758 |
| 759 } // namespace | 759 } // namespace |
| 760 | 760 |
| 761 } // namespace net | 761 } // namespace net |
| OLD | NEW |