Index: net/cert/ct_ev_whitelist_unittest.cc |
diff --git a/net/cert/ct_ev_whitelist_unittest.cc b/net/cert/ct_ev_whitelist_unittest.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..c2879532e25abd474684c2fd9996d37c0f1607b3 |
--- /dev/null |
+++ b/net/cert/ct_ev_whitelist_unittest.cc |
@@ -0,0 +1,204 @@ |
+// Copyright 2014 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "net/cert/ct_ev_whitelist.h" |
+ |
+#include <string> |
+ |
+#include "base/memory/scoped_ptr.h" |
+#include "testing/gtest/include/gtest/gtest.h" |
+ |
+namespace net { |
+ |
+namespace ct { |
+ |
+namespace internal { |
+ |
+const uint8_t kSomeData[] = {0xd5, 0xe2, 0xaf, 0xe5, 0xbb, 0x10, 0x7c, 0xd1}; |
+ |
+TEST(BitStreamReaderTest, CanReadSingleByte) { |
+ BitStreamReader reader( |
+ base::StringPiece(reinterpret_cast<const char*>(kSomeData), 1)); |
+ uint64_t v(0); |
+ |
+ EXPECT_EQ(8u, reader.BitsLeft()); |
+ EXPECT_TRUE(reader.ReadBits(8, &v)); |
+ EXPECT_EQ(UINT64_C(0xd5), v); |
+ |
+ EXPECT_FALSE(reader.ReadBits(1, &v)); |
+ EXPECT_EQ(0u, reader.BitsLeft()); |
+} |
+ |
+TEST(BitStreamReaderTest, CanReadSingleBits) { |
+ const uint64_t expected_bits[] = {1, 1, 0, 1, 0, 1, 0, 1, |
+ 1, 1, 1, 0, 0, 0, 1, 0}; |
+ BitStreamReader reader( |
+ base::StringPiece(reinterpret_cast<const char*>(kSomeData), 2)); |
+ EXPECT_EQ(16u, reader.BitsLeft()); |
+ uint64_t v(0); |
+ |
+ for (int i = 0; i < 16; ++i) { |
+ EXPECT_TRUE(reader.ReadBits(1, &v)); |
+ EXPECT_EQ(expected_bits[i], v); |
+ } |
+ EXPECT_EQ(0u, reader.BitsLeft()); |
+} |
+ |
+TEST(BitStreamReaderTest, CanReadBitGroups) { |
+ BitStreamReader reader( |
+ base::StringPiece(reinterpret_cast<const char*>(kSomeData), 3)); |
+ EXPECT_EQ(24u, reader.BitsLeft()); |
+ uint64_t v(0); |
+ uint64_t res(0); |
+ |
+ EXPECT_TRUE(reader.ReadBits(5, &v)); |
+ res |= v << 19; |
+ EXPECT_EQ(19u, reader.BitsLeft()); |
+ EXPECT_TRUE(reader.ReadBits(13, &v)); |
+ res |= v << 6; |
+ EXPECT_EQ(6u, reader.BitsLeft()); |
+ EXPECT_TRUE(reader.ReadBits(6, &v)); |
+ res |= v; |
+ EXPECT_EQ(UINT64_C(0xd5e2af), res); |
+ |
+ EXPECT_FALSE(reader.ReadBits(1, &v)); |
+} |
+ |
+TEST(BitStreamReaderTest, CanRead64Bit) { |
+ BitStreamReader reader( |
+ base::StringPiece(reinterpret_cast<const char*>(kSomeData), 8)); |
+ EXPECT_EQ(64u, reader.BitsLeft()); |
+ uint64_t v(0); |
+ |
+ EXPECT_TRUE(reader.ReadBits(64, &v)); |
+ EXPECT_EQ(UINT64_C(0xd5e2afe5bb107cd1), v); |
+} |
+ |
+TEST(BitStreamReaderTest, CanReadUnaryEncodedNumbers) { |
+ BitStreamReader reader( |
+ base::StringPiece(reinterpret_cast<const char*>(kSomeData), 3)); |
+ const uint64_t expected_values[] = {2, 1, 1, 4, 0, 0, 1, 1, 1, 4}; |
+ uint64_t v(0); |
+ for (int i = 0; i < 10; ++i) { |
+ EXPECT_TRUE(reader.ReadUnaryEncoding(&v)); |
+ EXPECT_EQ(expected_values[i], v) << "Values differ at position " << i; |
+ } |
+} |
+ |
+} // namespace internal |
+ |
+namespace { |
+ |
+const uint8_t kFirstHashRaw[] = {0x00, 0x00, 0x03, 0xd7, |
+ 0xfc, 0x18, 0x02, 0xcb}; |
+std::string GetFirstHash() { |
+ return std::string(reinterpret_cast<const char*>(kFirstHashRaw), 8); |
+} |
+ |
+// Second hash: Diff from first hash is > 2^47 |
+const uint8_t kSecondHashRaw[] = {0x00, 0x01, 0x05, 0xd2, |
+ 0x58, 0x47, 0xa7, 0xbf}; |
+std::string GetSecondHash() { |
+ return std::string(reinterpret_cast<const char*>(kSecondHashRaw), 8); |
+} |
+ |
+// Third hash: Diff from 2nd hash is < 2^47 |
+const uint8_t kThirdHashRaw[] = {0x00, 0x01, 0x48, 0x45, |
+ 0x8c, 0x53, 0x03, 0x94}; |
+std::string GetThirdHash() { |
+ return std::string(reinterpret_cast<const char*>(kThirdHashRaw), 8); |
+} |
+ |
+const uint8_t kWhitelistData[] = { |
+ 0x00, 0x00, 0x03, 0xd7, 0xfc, 0x18, 0x02, 0xcb, // First hash |
+ 0xc0, 0x7e, 0x97, 0x0b, 0xe9, 0x3d, 0x10, 0x9c, |
+ 0xcd, 0x02, 0xd6, 0xf5, 0x40, |
+}; |
+ |
+std::string GetPartialWhitelistData(uint8_t num_bytes) { |
+ return std::string(reinterpret_cast<const char*>(kWhitelistData), num_bytes); |
+} |
+ |
+std::string GetAllWhitelistData() { |
+ return GetPartialWhitelistData(arraysize(kWhitelistData)); |
+} |
+ |
+} // namespace |
+ |
+class EVCertsWhitelistTest : public ::testing::Test { |
+ public: |
+ EVCertsWhitelistTest() : whitelist_(internal::GetEmptyEVCertsWhitelist()) {} |
+ virtual ~EVCertsWhitelistTest() {} |
+ |
+ protected: |
+ scoped_refptr<EVCertsWhitelist> whitelist_; |
+}; |
+ |
+TEST_F(EVCertsWhitelistTest, UncompressFailsForTooShortList) { |
+ // This list does not contain enough bytes even for the first hash. |
+ std::set<std::string> res; |
+ EXPECT_FALSE(EVCertsWhitelist::UncompressEVWhitelist( |
+ std::string(reinterpret_cast<const char*>(kWhitelistData), 7), &res)); |
+} |
+ |
+TEST_F(EVCertsWhitelistTest, UncompressFailsForTruncatedList) { |
+ // This list is missing bits for the second part of the diff. |
+ std::set<std::string> res; |
+ EXPECT_FALSE(EVCertsWhitelist::UncompressEVWhitelist( |
+ std::string(reinterpret_cast<const char*>(kWhitelistData), 14), &res)); |
+} |
+ |
+TEST_F(EVCertsWhitelistTest, UncompressesWhitelistCorrectly) { |
+ std::set<std::string> res; |
+ ASSERT_TRUE(EVCertsWhitelist::UncompressEVWhitelist( |
+ std::string(reinterpret_cast<const char*>(kWhitelistData), |
+ arraysize(kWhitelistData)), |
+ &res)); |
+ |
+ // Ensure first hash is found |
+ EXPECT_TRUE(res.find(GetFirstHash()) != res.end()); |
+ // Ensure second hash is found |
+ EXPECT_TRUE(res.find(GetSecondHash()) != res.end()); |
+ // Ensure last hash is found |
+ EXPECT_TRUE(res.find(GetThirdHash()) != res.end()); |
+ // Ensure that there are exactly 3 hashes. |
+ EXPECT_EQ(3u, res.size()); |
+} |
+ |
+TEST_F(EVCertsWhitelistTest, CanFindHashInSetList) { |
+ ASSERT_TRUE(whitelist_->Update(GetAllWhitelistData())); |
+ |
+ EXPECT_TRUE(whitelist_->ContainsCertificateHash(GetFirstHash())); |
+} |
+ |
+TEST_F(EVCertsWhitelistTest, CannotFindOldHashAfterSetList) { |
+ ASSERT_TRUE(whitelist_->Update(GetAllWhitelistData())); |
+ EXPECT_TRUE(whitelist_->ContainsCertificateHash(GetSecondHash())); |
+ |
+ ASSERT_TRUE(whitelist_->Update(GetPartialWhitelistData(8))); |
+ EXPECT_FALSE(whitelist_->ContainsCertificateHash(GetSecondHash())); |
+ EXPECT_TRUE(whitelist_->ContainsCertificateHash(GetFirstHash())); |
+} |
+ |
+TEST_F(EVCertsWhitelistTest, DoesNotUpdateBadWhitelist) { |
+ ASSERT_TRUE(whitelist_->Update(GetAllWhitelistData())); |
+ EXPECT_TRUE(whitelist_->ContainsCertificateHash(GetSecondHash())); |
+ |
+ EXPECT_FALSE(whitelist_->Update(GetPartialWhitelistData(14))); |
+ EXPECT_TRUE(whitelist_->ContainsCertificateHash(GetFirstHash())); |
+} |
+ |
+TEST_F(EVCertsWhitelistTest, CorrectlyIdentifiesWhitelistIsInvalid) { |
+ EXPECT_FALSE(whitelist_->IsValid()); |
+} |
+ |
+TEST_F(EVCertsWhitelistTest, CorrectlyIdentifiesWhitelistIsValid) { |
+ std::set<std::string> whitelist_data; |
+ ASSERT_TRUE(whitelist_->Update(GetAllWhitelistData())); |
+ EXPECT_TRUE(whitelist_->IsValid()); |
+} |
+ |
+} // namespace ct |
+ |
+} // namespace net |