Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(50)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/ct_ev_whitelist_unittest.cc

Issue 462543002: Certificate Transparency: Code for unpacking EV cert hashes whitelist (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/ct_ev_whitelist.cc ('K') | « net/cert/ct_ev_whitelist.cc ('k') | net/cert/x509_certificate.h » ('j') | net/net.gypi » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/ct_ev_whitelist.h"
6
7 #include <string>
8
9 #include "testing/gtest/include/gtest/gtest.h"
10
11 namespace net {
12
13 namespace ct {
14
15 namespace internal {
16
17 const char kSomeData[] = {0xd5, 0xe2, 0xaf, 0xe5, 0xbb, 0x10, 0x7c, 0xd1};
18
19 TEST(BitStreamReaderTest, CanReadSingleByte) {
20 BitStreamReader reader(kSomeData, 1);
21 uint64 v(0);
22
23 ASSERT_EQ(8u, reader.BitsLeft());
wtc 2014/09/02 23:03:02 IMPORTANT: most of the ASSERT_xxx's in this file s
Eran Messeri 2014/09/03 09:38:51 Done.
24 ASSERT_TRUE(reader.ReadBits(8, &v));
25 ASSERT_EQ(UINT64_C(0xd5), v);
26
27 ASSERT_FALSE(reader.ReadBits(1, &v));
28 ASSERT_EQ(0u, reader.BitsLeft());
29 }
30
31 TEST(BitStreamReaderTest, CanReadSingleBits) {
32 const uint64 expected_bits[] = {1, 1, 0, 1, 0, 1, 0, 1,
33 1, 1, 1, 0, 0, 0, 1, 0};
34 BitStreamReader reader(kSomeData, 2);
35 ASSERT_EQ(16u, reader.BitsLeft());
36 uint64 v(0);
37
38 for (int i = 0; i < 16; ++i) {
39 ASSERT_TRUE(reader.ReadBits(1, &v));
40 ASSERT_EQ(expected_bits[i], v);
41 }
42 ASSERT_EQ(0u, reader.BitsLeft());
43 }
44
45 TEST(BitStreamReaderTest, CanReadBitGroups) {
46 BitStreamReader reader(kSomeData, 3);
47 ASSERT_EQ(24u, reader.BitsLeft());
48 uint64 v(0);
49 uint64 res(0);
50
51 ASSERT_TRUE(reader.ReadBits(5, &v));
52 res |= v << 19;
53 ASSERT_EQ(19u, reader.BitsLeft());
54 ASSERT_TRUE(reader.ReadBits(13, &v));
55 res |= v << 6;
56 ASSERT_EQ(6u, reader.BitsLeft());
57 ASSERT_TRUE(reader.ReadBits(6, &v));
58 res |= v;
59 ASSERT_EQ(UINT64_C(0xd5e2af), res);
60
61 ASSERT_FALSE(reader.ReadBits(1, &v));
62 }
63
64 TEST(BitStreamReaderTest, CanRead64Bit) {
65 BitStreamReader reader(kSomeData, 8);
66 ASSERT_EQ(64u, reader.BitsLeft());
67 uint64 v(0);
68
69 ASSERT_TRUE(reader.ReadBits(64, &v));
70 ASSERT_EQ(UINT64_C(0xd5e2afe5bb107cd1), v);
71 }
72
73 TEST(BitStreamReaderTest, CanReadUnaryEncodedNumbers) {
74 BitStreamReader reader(kSomeData, 3);
75 const uint64 expected_values[] = {2, 1, 1, 4, 0, 0, 1, 1, 1, 4};
76 uint64 v(0);
77 for (int i = 0; i < 10; ++i) {
78 ASSERT_TRUE(reader.ReadUnaryEncoding(&v));
79 ASSERT_EQ(expected_values[i], v) << "Values differ at position " << i;
80 }
81 }
82
83 } // namespace internal
84
85 const char kFirstHash[] = {0x00, 0x00, 0x03, 0xd7, 0xfc, 0x18, 0x02, 0xcb};
86 // Second hash: Diff from first hash is > 2^47
87 const char kSecondHash[] = {0x00, 0x01, 0x05, 0xd2, 0x58, 0x47, 0xa7, 0xbf};
88 // Third hash: Diff from 2nd hash is < 2^47
89 const char kThirdHash[] = {0x00, 0x01, 0x48, 0x45, 0x8c, 0x53, 0x03, 0x94};
90
91 const char kWhitelistData[] = {
92 0x00, 0x00, 0x03, 0xd7, 0xfc, 0x18, 0x02, 0xcb, // First hash
93 0xc0, 0x7e, 0x97, 0x0b, 0xe9, 0x3d, 0x10, 0x9c,
94 0xcd, 0x02, 0xd6, 0xf5, 0x40,
95 };
96
97 TEST(CTEVWhitelistTest, UncompressFailsForTooShortList) {
98 // This list does not contain enough bytes even for the first hash.
99 std::set<std::string> res;
100 ASSERT_FALSE(
101 internal::UncompressEVWhitelist(std::string(kWhitelistData, 7), &res));
102 }
103
104 TEST(CTEVWhitelistTest, UncompressFailsForTruncatedList) {
105 // This list is missing bits for the second part of the diff.
106 std::set<std::string> res;
107 ASSERT_FALSE(
108 internal::UncompressEVWhitelist(std::string(kWhitelistData, 14), &res));
109 }
110
111 TEST(CTEVWhitelistTest, UncompressesWhitelistCorrectly) {
112 std::set<std::string> res;
113 ASSERT_TRUE(internal::UncompressEVWhitelist(
114 std::string(kWhitelistData, arraysize(kWhitelistData)), &res));
115
116 // Ensure first hash is found
117 ASSERT_TRUE(res.find(std::string(kFirstHash, 8)) != res.end());
118 // Ensure second hash is found
119 ASSERT_TRUE(res.find(std::string(kSecondHash, 8)) != res.end());
120 // Ensure last hash is found
121 ASSERT_TRUE(res.find(std::string(kThirdHash, 8)) != res.end());
122 // Ensure that there are exactly 3 hashes.
123 ASSERT_EQ(3u, res.size());
124 }
125
126 TEST(CTEVWhitelistTest, CanFindHashInSetList) {
127 std::set<std::string> whitelist_data;
128 whitelist_data.insert(kFirstHash);
129 internal::SetEVWhitelistData(whitelist_data);
130
131 ASSERT_TRUE(IsCertificateHashInWhitelist(kFirstHash));
132 }
133
134 TEST(CTEVWhitelistTest, CannotFindOldHashAfterSetList) {
135 std::set<std::string> whitelist_data;
136 whitelist_data.insert(kFirstHash);
137 internal::SetEVWhitelistData(whitelist_data);
138 ASSERT_TRUE(IsCertificateHashInWhitelist(kFirstHash));
139
140 std::set<std::string> new_whitelist_data;
141 new_whitelist_data.insert(kSecondHash);
142 internal::SetEVWhitelistData(new_whitelist_data);
143 ASSERT_TRUE(IsCertificateHashInWhitelist(kFirstHash));
wtc 2014/09/02 23:03:02 IMPORTANT: we should expect FALSE here, right?
Eran Messeri 2014/09/03 09:38:51 Yes, my bad, I had a bug in the test (should have
144 }
145
146 } // namespace ct
147
148 } // namespace net
OLDNEW
« net/cert/ct_ev_whitelist.cc ('K') | « net/cert/ct_ev_whitelist.cc ('k') | net/cert/x509_certificate.h » ('j') | net/net.gypi » ('J')

Powered by Google App Engine
This is Rietveld 408576698