| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "net/cert/ct_ev_whitelist.h" | |
| 6 | |
| 7 #include <string> | |
| 8 | |
| 9 #include "testing/gtest/include/gtest/gtest.h" | |
| 10 | |
| 11 namespace net { | |
| 12 | |
| 13 namespace ct { | |
| 14 | |
| 15 namespace internal { | |
| 16 | |
| 17 const uint8 kSomeData[] = {0xd5, 0xe2, 0xaf, 0xe5, 0xbb, 0x10, 0x7c, 0xd1}; | |
| 18 | |
| 19 TEST(BitStreamReaderTest, CanReadSingleByte) { | |
| 20 BitStreamReader reader(reinterpret_cast<const char*>(kSomeData), 1); | |
| 21 uint64 v(0); | |
| 22 | |
| 23 EXPECT_EQ(8u, reader.BitsLeft()); | |
| 24 EXPECT_TRUE(reader.ReadBits(8, &v)); | |
| 25 EXPECT_EQ(UINT64_C(0xd5), v); | |
| 26 | |
| 27 EXPECT_FALSE(reader.ReadBits(1, &v)); | |
| 28 EXPECT_EQ(0u, reader.BitsLeft()); | |
| 29 } | |
| 30 | |
| 31 TEST(BitStreamReaderTest, CanReadSingleBits) { | |
| 32 const uint64 expected_bits[] = {1, 1, 0, 1, 0, 1, 0, 1, | |
| 33 1, 1, 1, 0, 0, 0, 1, 0}; | |
| 34 BitStreamReader reader(reinterpret_cast<const char*>(kSomeData), 2); | |
| 35 EXPECT_EQ(16u, reader.BitsLeft()); | |
| 36 uint64 v(0); | |
| 37 | |
| 38 for (int i = 0; i < 16; ++i) { | |
| 39 EXPECT_TRUE(reader.ReadBits(1, &v)); | |
| 40 EXPECT_EQ(expected_bits[i], v); | |
| 41 } | |
| 42 EXPECT_EQ(0u, reader.BitsLeft()); | |
| 43 } | |
| 44 | |
| 45 TEST(BitStreamReaderTest, CanReadBitGroups) { | |
| 46 BitStreamReader reader(reinterpret_cast<const char*>(kSomeData), 3); | |
| 47 EXPECT_EQ(24u, reader.BitsLeft()); | |
| 48 uint64 v(0); | |
| 49 uint64 res(0); | |
| 50 | |
| 51 EXPECT_TRUE(reader.ReadBits(5, &v)); | |
| 52 res |= v << 19; | |
| 53 EXPECT_EQ(19u, reader.BitsLeft()); | |
| 54 EXPECT_TRUE(reader.ReadBits(13, &v)); | |
| 55 res |= v << 6; | |
| 56 EXPECT_EQ(6u, reader.BitsLeft()); | |
| 57 EXPECT_TRUE(reader.ReadBits(6, &v)); | |
| 58 res |= v; | |
| 59 EXPECT_EQ(UINT64_C(0xd5e2af), res); | |
| 60 | |
| 61 EXPECT_FALSE(reader.ReadBits(1, &v)); | |
| 62 } | |
| 63 | |
| 64 TEST(BitStreamReaderTest, CanRead64Bit) { | |
| 65 BitStreamReader reader(reinterpret_cast<const char*>(kSomeData), 8); | |
| 66 EXPECT_EQ(64u, reader.BitsLeft()); | |
| 67 uint64 v(0); | |
| 68 | |
| 69 EXPECT_TRUE(reader.ReadBits(64, &v)); | |
| 70 EXPECT_EQ(UINT64_C(0xd5e2afe5bb107cd1), v); | |
| 71 } | |
| 72 | |
| 73 TEST(BitStreamReaderTest, CanReadUnaryEncodedNumbers) { | |
| 74 BitStreamReader reader(reinterpret_cast<const char*>(kSomeData), 3); | |
| 75 const uint64 expected_values[] = {2, 1, 1, 4, 0, 0, 1, 1, 1, 4}; | |
| 76 uint64 v(0); | |
| 77 for (int i = 0; i < 10; ++i) { | |
| 78 EXPECT_TRUE(reader.ReadUnaryEncoding(&v)); | |
| 79 EXPECT_EQ(expected_values[i], v) << "Values differ at position " << i; | |
| 80 } | |
| 81 } | |
| 82 | |
| 83 } // namespace internal | |
| 84 | |
| 85 namespace { | |
| 86 | |
| 87 const uint8 kFirstHashRaw[] = {0x00, 0x00, 0x03, 0xd7, 0xfc, 0x18, 0x02, 0xcb}; | |
| 88 std::string GetFirstHash() { | |
| 89 return std::string(reinterpret_cast<const char*>(kFirstHashRaw), 8); | |
| 90 } | |
| 91 | |
| 92 // Second hash: Diff from first hash is > 2^47 | |
| 93 const uint8 kSecondHashRaw[] = {0x00, 0x01, 0x05, 0xd2, 0x58, 0x47, 0xa7, 0xbf}; | |
| 94 std::string GetSecondHash() { | |
| 95 return std::string(reinterpret_cast<const char*>(kSecondHashRaw), 8); | |
| 96 } | |
| 97 | |
| 98 // Third hash: Diff from 2nd hash is < 2^47 | |
| 99 const uint8 kThirdHashRaw[] = {0x00, 0x01, 0x48, 0x45, 0x8c, 0x53, 0x03, 0x94}; | |
| 100 std::string GetThirdHash() { | |
| 101 return std::string(reinterpret_cast<const char*>(kThirdHashRaw), 8); | |
| 102 } | |
| 103 | |
| 104 const uint8 kWhitelistData[] = { | |
| 105 0x00, 0x00, 0x03, 0xd7, 0xfc, 0x18, 0x02, 0xcb, // First hash | |
| 106 0xc0, 0x7e, 0x97, 0x0b, 0xe9, 0x3d, 0x10, 0x9c, | |
| 107 0xcd, 0x02, 0xd6, 0xf5, 0x40, | |
| 108 }; | |
| 109 | |
| 110 } // namespace | |
| 111 | |
| 112 TEST(CTEVWhitelistTest, UncompressFailsForTooShortList) { | |
| 113 // This list does not contain enough bytes even for the first hash. | |
| 114 std::set<std::string> res; | |
| 115 EXPECT_FALSE(internal::UncompressEVWhitelist( | |
| 116 std::string(reinterpret_cast<const char*>(kWhitelistData), 7), &res)); | |
| 117 } | |
| 118 | |
| 119 TEST(CTEVWhitelistTest, UncompressFailsForTruncatedList) { | |
| 120 // This list is missing bits for the second part of the diff. | |
| 121 std::set<std::string> res; | |
| 122 EXPECT_FALSE(internal::UncompressEVWhitelist( | |
| 123 std::string(reinterpret_cast<const char*>(kWhitelistData), 14), &res)); | |
| 124 } | |
| 125 | |
| 126 TEST(CTEVWhitelistTest, UncompressesWhitelistCorrectly) { | |
| 127 std::set<std::string> res; | |
| 128 ASSERT_TRUE(internal::UncompressEVWhitelist( | |
| 129 std::string(reinterpret_cast<const char*>(kWhitelistData), | |
| 130 arraysize(kWhitelistData)), | |
| 131 &res)); | |
| 132 | |
| 133 // Ensure first hash is found | |
| 134 EXPECT_TRUE(res.find(GetFirstHash()) != res.end()); | |
| 135 // Ensure second hash is found | |
| 136 EXPECT_TRUE(res.find(GetSecondHash()) != res.end()); | |
| 137 // Ensure last hash is found | |
| 138 EXPECT_TRUE(res.find(GetThirdHash()) != res.end()); | |
| 139 // Ensure that there are exactly 3 hashes. | |
| 140 EXPECT_EQ(3u, res.size()); | |
| 141 } | |
| 142 | |
| 143 TEST(CTEVWhitelistTest, CanFindHashInSetList) { | |
| 144 std::set<std::string> whitelist_data; | |
| 145 whitelist_data.insert(GetFirstHash()); | |
| 146 internal::SetEVWhitelistData(whitelist_data); | |
| 147 | |
| 148 EXPECT_TRUE(IsCertificateHashInWhitelist(GetFirstHash())); | |
| 149 } | |
| 150 | |
| 151 TEST(CTEVWhitelistTest, CannotFindOldHashAfterSetList) { | |
| 152 std::set<std::string> whitelist_data; | |
| 153 whitelist_data.insert(GetFirstHash()); | |
| 154 internal::SetEVWhitelistData(whitelist_data); | |
| 155 EXPECT_TRUE(IsCertificateHashInWhitelist(GetFirstHash())); | |
| 156 | |
| 157 std::set<std::string> new_whitelist_data; | |
| 158 new_whitelist_data.insert(GetSecondHash()); | |
| 159 internal::SetEVWhitelistData(new_whitelist_data); | |
| 160 EXPECT_TRUE(IsCertificateHashInWhitelist(GetSecondHash())); | |
| 161 EXPECT_FALSE(IsCertificateHashInWhitelist(GetFirstHash())); | |
| 162 } | |
| 163 | |
| 164 TEST(CTEVWhitelistTest, CorrectlyIdentifiesWhitelistIsInvalid) { | |
| 165 std::set<std::string> whitelist_data; | |
| 166 internal::SetEVWhitelistData(whitelist_data); | |
| 167 EXPECT_FALSE(HasValidEVWhitelist()); | |
| 168 } | |
| 169 | |
| 170 TEST(CTEVWhitelistTest, CorrectlyIdentifiesWhitelistIsValid) { | |
| 171 std::set<std::string> whitelist_data; | |
| 172 whitelist_data.insert(GetFirstHash()); | |
| 173 internal::SetEVWhitelistData(whitelist_data); | |
| 174 EXPECT_TRUE(HasValidEVWhitelist()); | |
| 175 } | |
| 176 | |
| 177 } // namespace ct | |
| 178 | |
| 179 } // namespace net | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 542673002:
Revert "Certificate Transparency: Code for unpacking EV cert hashes whitelist" (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master