Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(809)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/ct_objects_extractor_unittest.cc

Issue 72333007: Add an SignedCertificateTimetampStore, making SignedCertificateTimestamp be refcounted to aid. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@piecewise
Patch Set: Fixes for wtc. Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/public/browser/signed_certificate_timestamp_store.h ('K') | « net/cert/ct_log_verifier_unittest.cc ('k') | net/cert/ct_serialization.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/ct_objects_extractor.h" 5 #include "net/cert/ct_objects_extractor.h"
6 6
7 #include "base/files/file_path.h" 7 #include "base/files/file_path.h"
8 #include "net/base/test_data_directory.h" 8 #include "net/base/test_data_directory.h"
9 #include "net/cert/ct_log_verifier.h" 9 #include "net/cert/ct_log_verifier.h"
10 #include "net/cert/ct_serialization.h" 10 #include "net/cert/ct_serialization.h"
(...skipping 18 matching lines...) Expand all
29 29
30 std::string der_test_cert(ct::GetDerEncodedX509Cert()); 30 std::string der_test_cert(ct::GetDerEncodedX509Cert());
31 test_cert_ = X509Certificate::CreateFromBytes(der_test_cert.data(), 31 test_cert_ = X509Certificate::CreateFromBytes(der_test_cert.data(),
32 der_test_cert.length()); 32 der_test_cert.length());
33 33
34 log_ = CTLogVerifier::Create(ct::GetTestPublicKey(), "testlog").Pass(); 34 log_ = CTLogVerifier::Create(ct::GetTestPublicKey(), "testlog").Pass();
35 ASSERT_TRUE(log_); 35 ASSERT_TRUE(log_);
36 } 36 }
37 37
38 void ExtractEmbeddedSCT(scoped_refptr<X509Certificate> cert, 38 void ExtractEmbeddedSCT(scoped_refptr<X509Certificate> cert,
39 SignedCertificateTimestamp* sct) { 39 scoped_refptr<SignedCertificateTimestamp>* sct) {
40 std::string sct_list; 40 std::string sct_list;
41 EXPECT_TRUE(ExtractEmbeddedSCTList(cert->os_cert_handle(), &sct_list)); 41 EXPECT_TRUE(ExtractEmbeddedSCTList(cert->os_cert_handle(), &sct_list));
42 42
43 std::vector<base::StringPiece> parsed_scts; 43 std::vector<base::StringPiece> parsed_scts;
44 base::StringPiece sct_list_sp(sct_list); 44 base::StringPiece sct_list_sp(sct_list);
45 // Make sure the SCT list can be decoded properly 45 // Make sure the SCT list can be decoded properly
46 EXPECT_TRUE(DecodeSCTList(&sct_list_sp, &parsed_scts)); 46 EXPECT_TRUE(DecodeSCTList(&sct_list_sp, &parsed_scts));
47 47
48 EXPECT_TRUE(DecodeSignedCertificateTimestamp(&parsed_scts[0], sct)); 48 EXPECT_TRUE(DecodeSignedCertificateTimestamp(&parsed_scts[0], sct));
49 } 49 }
50 50
51 protected: 51 protected:
52 CertificateList precert_chain_; 52 CertificateList precert_chain_;
53 scoped_refptr<X509Certificate> test_cert_; 53 scoped_refptr<X509Certificate> test_cert_;
54 scoped_ptr<CTLogVerifier> log_; 54 scoped_ptr<CTLogVerifier> log_;
55 }; 55 };
56 56
57 // Test that an SCT can be extracted and the extracted SCT contains the 57 // Test that an SCT can be extracted and the extracted SCT contains the
58 // expected data. 58 // expected data.
59 TEST_F(CTObjectsExtractorTest, ExtractEmbeddedSCT) { 59 TEST_F(CTObjectsExtractorTest, ExtractEmbeddedSCT) {
60 ct::SignedCertificateTimestamp sct; 60 scoped_refptr<ct::SignedCertificateTimestamp> sct(
61 new ct::SignedCertificateTimestamp());
61 ExtractEmbeddedSCT(precert_chain_[0], &sct); 62 ExtractEmbeddedSCT(precert_chain_[0], &sct);
62 63
63 EXPECT_EQ(sct.version, SignedCertificateTimestamp::SCT_VERSION_1); 64 EXPECT_EQ(sct->version, SignedCertificateTimestamp::SCT_VERSION_1);
64 EXPECT_EQ(ct::GetTestPublicKeyId(), sct.log_id); 65 EXPECT_EQ(ct::GetTestPublicKeyId(), sct->log_id);
65 66
66 base::Time expected_timestamp = 67 base::Time expected_timestamp =
67 base::Time::UnixEpoch() + 68 base::Time::UnixEpoch() +
68 base::TimeDelta::FromMilliseconds(1365181456275); 69 base::TimeDelta::FromMilliseconds(1365181456275);
69 EXPECT_EQ(expected_timestamp, sct.timestamp); 70 EXPECT_EQ(expected_timestamp, sct->timestamp);
70 } 71 }
71 72
72 TEST_F(CTObjectsExtractorTest, ExtractPrecert) { 73 TEST_F(CTObjectsExtractorTest, ExtractPrecert) {
73 LogEntry entry; 74 LogEntry entry;
74 ASSERT_TRUE(GetPrecertLogEntry(precert_chain_[0]->os_cert_handle(), 75 ASSERT_TRUE(GetPrecertLogEntry(precert_chain_[0]->os_cert_handle(),
75 precert_chain_[1]->os_cert_handle(), 76 precert_chain_[1]->os_cert_handle(),
76 &entry)); 77 &entry));
77 78
78 ASSERT_EQ(ct::LogEntry::LOG_ENTRY_TYPE_PRECERT, entry.type); 79 ASSERT_EQ(ct::LogEntry::LOG_ENTRY_TYPE_PRECERT, entry.type);
79 // Should have empty leaf cert for this log entry type. 80 // Should have empty leaf cert for this log entry type.
(...skipping 10 matching lines...) Expand all
90 91
91 ASSERT_EQ(ct::LogEntry::LOG_ENTRY_TYPE_X509, entry.type); 92 ASSERT_EQ(ct::LogEntry::LOG_ENTRY_TYPE_X509, entry.type);
92 // Should have empty tbs_certificate for this log entry type. 93 // Should have empty tbs_certificate for this log entry type.
93 ASSERT_TRUE(entry.tbs_certificate.empty()); 94 ASSERT_TRUE(entry.tbs_certificate.empty());
94 // Length of leaf_certificate should be 718, see the CT Serialization tests. 95 // Length of leaf_certificate should be 718, see the CT Serialization tests.
95 ASSERT_EQ(718U, entry.leaf_certificate.size()); 96 ASSERT_EQ(718U, entry.leaf_certificate.size());
96 } 97 }
97 98
98 // Test that the embedded SCT verifies 99 // Test that the embedded SCT verifies
99 TEST_F(CTObjectsExtractorTest, ExtractedSCTVerifies) { 100 TEST_F(CTObjectsExtractorTest, ExtractedSCTVerifies) {
100 ct::SignedCertificateTimestamp sct; 101 scoped_refptr<ct::SignedCertificateTimestamp> sct(
102 new ct::SignedCertificateTimestamp());
101 ExtractEmbeddedSCT(precert_chain_[0], &sct); 103 ExtractEmbeddedSCT(precert_chain_[0], &sct);
102 104
103 LogEntry entry; 105 LogEntry entry;
104 ASSERT_TRUE(GetPrecertLogEntry(precert_chain_[0]->os_cert_handle(), 106 ASSERT_TRUE(GetPrecertLogEntry(precert_chain_[0]->os_cert_handle(),
105 precert_chain_[1]->os_cert_handle(), 107 precert_chain_[1]->os_cert_handle(),
106 &entry)); 108 &entry));
107 109
108 EXPECT_TRUE(log_->Verify(entry, sct)); 110 EXPECT_TRUE(log_->Verify(entry, *sct));
109 } 111 }
110 112
111 // Test that an externally-provided SCT verifies over the LogEntry 113 // Test that an externally-provided SCT verifies over the LogEntry
112 // of a regular X.509 Certificate 114 // of a regular X.509 Certificate
113 TEST_F(CTObjectsExtractorTest, ComplementarySCTVerifies) { 115 TEST_F(CTObjectsExtractorTest, ComplementarySCTVerifies) {
114 ct::SignedCertificateTimestamp sct; 116 scoped_refptr<ct::SignedCertificateTimestamp> sct(
117 new ct::SignedCertificateTimestamp());
115 GetX509CertSCT(&sct); 118 GetX509CertSCT(&sct);
116 119
117 LogEntry entry; 120 LogEntry entry;
118 ASSERT_TRUE(GetX509LogEntry(test_cert_->os_cert_handle(), &entry)); 121 ASSERT_TRUE(GetX509LogEntry(test_cert_->os_cert_handle(), &entry));
119 122
120 EXPECT_TRUE(log_->Verify(entry, sct)); 123 EXPECT_TRUE(log_->Verify(entry, *sct));
121 } 124 }
122 125
123 } // namespace ct 126 } // namespace ct
124 127
125 } // namespace net 128 } // namespace net
OLDNEW
« content/public/browser/signed_certificate_timestamp_store.h ('K') | « net/cert/ct_log_verifier_unittest.cc ('k') | net/cert/ct_serialization.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698