OLD | NEW |
| (Empty) |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "chrome/browser/net/packed_ct_ev_whitelist.h" | |
6 | |
7 #include <algorithm> | |
8 #include <string> | |
9 | |
10 #include "base/big_endian.h" | |
11 #include "testing/gtest/include/gtest/gtest.h" | |
12 | |
13 namespace { | |
14 | |
15 const uint8_t kFirstHashRaw[] = | |
16 {0x00, 0x00, 0x03, 0xd7, 0xfc, 0x18, 0x02, 0xcb}; | |
17 std::string GetFirstHash() { | |
18 return std::string(reinterpret_cast<const char*>(kFirstHashRaw), 8); | |
19 } | |
20 | |
21 // Second hash: Diff from first hash is > 2^47 | |
22 const uint8_t kSecondHashRaw[] = | |
23 {0x00, 0x01, 0x05, 0xd2, 0x58, 0x47, 0xa7, 0xbf}; | |
24 std::string GetSecondHash() { | |
25 return std::string(reinterpret_cast<const char*>(kSecondHashRaw), 8); | |
26 } | |
27 | |
28 // Third hash: Diff from 2nd hash is < 2^47 | |
29 const uint8_t kThirdHashRaw[] = | |
30 {0x00, 0x01, 0x48, 0x45, 0x8c, 0x53, 0x03, 0x94}; | |
31 std::string GetThirdHash() { | |
32 return std::string(reinterpret_cast<const char*>(kThirdHashRaw), 8); | |
33 } | |
34 | |
35 uint64_t HashToUint64(const std::string& hash_str) { | |
36 uint64_t ret; | |
37 base::ReadBigEndian(hash_str.c_str(), &ret); | |
38 return ret; | |
39 } | |
40 | |
41 const uint8_t kWhitelistData[] = { | |
42 0x00, 0x00, 0x03, 0xd7, 0xfc, 0x18, 0x02, 0xcb, // First hash | |
43 0xc0, 0x7e, 0x97, 0x0b, 0xe9, 0x3d, 0x10, 0x9c, | |
44 0xcd, 0x02, 0xd6, 0xf5, 0x40, | |
45 }; | |
46 | |
47 std::string GetPartialWhitelistData(uint8_t num_bytes) { | |
48 return std::string(reinterpret_cast<const char*>(kWhitelistData), num_bytes); | |
49 } | |
50 | |
51 std::string GetAllWhitelistData() { | |
52 return GetPartialWhitelistData(arraysize(kWhitelistData)); | |
53 } | |
54 | |
55 } // namespace | |
56 | |
57 TEST(PackedEVCertsWhitelistTest, UncompressFailsForTooShortList) { | |
58 // This list does not contain enough bytes even for the first hash. | |
59 std::vector<uint64_t> res; | |
60 EXPECT_FALSE(PackedEVCertsWhitelist::UncompressEVWhitelist( | |
61 std::string(reinterpret_cast<const char*>(kWhitelistData), 7), &res)); | |
62 } | |
63 | |
64 TEST(PackedEVCertsWhitelistTest, UncompressFailsForTruncatedList) { | |
65 // This list is missing bits for the second part of the diff. | |
66 std::vector<uint64_t> res; | |
67 EXPECT_FALSE(PackedEVCertsWhitelist::UncompressEVWhitelist( | |
68 std::string(reinterpret_cast<const char*>(kWhitelistData), 14), &res)); | |
69 } | |
70 | |
71 TEST(PackedEVCertsWhitelistTest, UncompressFailsForInvalidValuesInList) { | |
72 // A list with an invalid read_prefix value is the number 131072, unary | |
73 // encoded, after the fist 8 bytes of a valid hash. | |
74 // That translates to 16385 0xff bytes. | |
75 // To make the hash otherwise valid, append 6 bytes of r value. | |
76 const int num_ff_bytes = 16385; | |
77 const int total_size = 8 + num_ff_bytes + 7; | |
78 uint8_t* invalid_whitelist = new uint8_t[total_size]; | |
79 invalid_whitelist[total_size - 1] = '\0'; | |
80 // Valid first hash. | |
81 memcpy(reinterpret_cast<char*>(invalid_whitelist), | |
82 reinterpret_cast<const char*>(kWhitelistData), | |
83 8 * sizeof(char)); | |
84 // 0xff 16385 times. | |
85 for (int i = 0; i < num_ff_bytes; i++) { | |
86 invalid_whitelist[8 + i] = 0xff; | |
87 } | |
88 // Valid r value (any 6 bytes will do). | |
89 memcpy(reinterpret_cast<char*>(invalid_whitelist + 8 + num_ff_bytes), | |
90 reinterpret_cast<const char*>(kWhitelistData), | |
91 6 * sizeof(char)); | |
92 | |
93 std::vector<uint64_t> res; | |
94 EXPECT_FALSE(PackedEVCertsWhitelist::UncompressEVWhitelist( | |
95 std::string(reinterpret_cast<const char*>(invalid_whitelist), | |
96 total_size - 1), | |
97 &res)); | |
98 delete[] invalid_whitelist; | |
99 } | |
100 | |
101 TEST(PackedEVCertsWhitelistTest, UncompressesWhitelistCorrectly) { | |
102 std::vector<uint64_t> res; | |
103 ASSERT_TRUE(PackedEVCertsWhitelist::UncompressEVWhitelist( | |
104 GetAllWhitelistData(), &res)); | |
105 | |
106 // Ensure first hash is found | |
107 EXPECT_TRUE(std::find(res.begin(), res.end(), HashToUint64(GetFirstHash())) != | |
108 res.end()); | |
109 // Ensure second hash is found | |
110 EXPECT_TRUE(std::find(res.begin(), | |
111 res.end(), | |
112 HashToUint64(GetSecondHash())) != res.end()); | |
113 // Ensure last hash is found | |
114 EXPECT_TRUE(std::find(res.begin(), res.end(), HashToUint64(GetThirdHash())) != | |
115 res.end()); | |
116 // Ensure that there are exactly 3 hashes. | |
117 EXPECT_EQ(3u, res.size()); | |
118 } | |
119 | |
120 TEST(PackedEVCertsWhitelistTest, CanFindHashInSetList) { | |
121 scoped_refptr<PackedEVCertsWhitelist> whitelist( | |
122 new PackedEVCertsWhitelist(GetAllWhitelistData())); | |
123 | |
124 EXPECT_TRUE(whitelist->IsValid()); | |
125 EXPECT_TRUE(whitelist->ContainsCertificateHash(GetFirstHash())); | |
126 EXPECT_TRUE(whitelist->ContainsCertificateHash(GetSecondHash())); | |
127 EXPECT_TRUE(whitelist->ContainsCertificateHash(GetThirdHash())); | |
128 } | |
129 | |
130 TEST(PackedEVCertsWhitelistTest, CorrectlyIdentifiesEmptyWhitelistIsInvalid) { | |
131 scoped_refptr<PackedEVCertsWhitelist> whitelist( | |
132 new PackedEVCertsWhitelist("")); | |
133 | |
134 EXPECT_FALSE(whitelist->IsValid()); | |
135 } | |
136 | |
137 TEST(PackedEVCertsWhitelistTest, CorrectlyIdentifiesPartialWhitelistIsInvalid) { | |
138 scoped_refptr<PackedEVCertsWhitelist> whitelist( | |
139 new PackedEVCertsWhitelist(GetPartialWhitelistData(14))); | |
140 | |
141 EXPECT_FALSE(whitelist->IsValid()); | |
142 } | |
143 | |
144 TEST(PackedEVCertsWhitelistTest, CorrectlyIdentifiesWhitelistIsValid) { | |
145 scoped_refptr<PackedEVCertsWhitelist> whitelist( | |
146 new PackedEVCertsWhitelist(GetAllWhitelistData())); | |
147 | |
148 EXPECT_TRUE(whitelist->IsValid()); | |
149 } | |
OLD | NEW |