| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "net/cert/ct_serialization.h" | |
| 6 | |
| 7 #include <string> | |
| 8 | |
| 9 #include "base/files/file_path.h" | |
| 10 #include "base/files/file_util.h" | |
| 11 #include "net/base/net_log.h" | |
| 12 #include "net/base/test_completion_callback.h" | |
| 13 #include "net/base/test_data_directory.h" | |
| 14 #include "net/cert/x509_certificate.h" | |
| 15 #include "net/test/cert_test_util.h" | |
| 16 #include "net/test/ct_test_util.h" | |
| 17 #include "testing/gtest/include/gtest/gtest.h" | |
| 18 | |
| 19 namespace net { | |
| 20 | |
| 21 class CtSerializationTest : public ::testing::Test { | |
| 22 public: | |
| 23 void SetUp() override { | |
| 24 test_digitally_signed_ = ct::GetTestDigitallySigned(); | |
| 25 } | |
| 26 | |
| 27 protected: | |
| 28 std::string test_digitally_signed_; | |
| 29 }; | |
| 30 | |
| 31 TEST_F(CtSerializationTest, DecodesDigitallySigned) { | |
| 32 base::StringPiece digitally_signed(test_digitally_signed_); | |
| 33 ct::DigitallySigned parsed; | |
| 34 | |
| 35 ASSERT_TRUE(ct::DecodeDigitallySigned(&digitally_signed, &parsed)); | |
| 36 EXPECT_EQ( | |
| 37 ct::DigitallySigned::HASH_ALGO_SHA256, | |
| 38 parsed.hash_algorithm); | |
| 39 | |
| 40 EXPECT_EQ( | |
| 41 ct::DigitallySigned::SIG_ALGO_ECDSA, | |
| 42 parsed.signature_algorithm); | |
| 43 | |
| 44 // The encoded data contains the signature itself from the 4th byte. | |
| 45 // The first bytes are: | |
| 46 // 1 byte of hash algorithm | |
| 47 // 1 byte of signature algorithm | |
| 48 // 2 bytes - prefix containing length of the signature data. | |
| 49 EXPECT_EQ( | |
| 50 test_digitally_signed_.substr(4), | |
| 51 parsed.signature_data); | |
| 52 } | |
| 53 | |
| 54 | |
| 55 TEST_F(CtSerializationTest, FailsToDecodePartialDigitallySigned) { | |
| 56 base::StringPiece digitally_signed(test_digitally_signed_); | |
| 57 base::StringPiece partial_digitally_signed( | |
| 58 digitally_signed.substr(0, test_digitally_signed_.size() - 5)); | |
| 59 ct::DigitallySigned parsed; | |
| 60 | |
| 61 ASSERT_FALSE(ct::DecodeDigitallySigned(&partial_digitally_signed, &parsed)); | |
| 62 } | |
| 63 | |
| 64 | |
| 65 TEST_F(CtSerializationTest, EncodesDigitallySigned) { | |
| 66 ct::DigitallySigned digitally_signed; | |
| 67 digitally_signed.hash_algorithm = ct::DigitallySigned::HASH_ALGO_SHA256; | |
| 68 digitally_signed.signature_algorithm = ct::DigitallySigned::SIG_ALGO_ECDSA; | |
| 69 digitally_signed.signature_data = test_digitally_signed_.substr(4); | |
| 70 | |
| 71 std::string encoded; | |
| 72 | |
| 73 ASSERT_TRUE(ct::EncodeDigitallySigned(digitally_signed, &encoded)); | |
| 74 EXPECT_EQ(test_digitally_signed_, encoded); | |
| 75 } | |
| 76 | |
| 77 | |
| 78 TEST_F(CtSerializationTest, EncodesLogEntryForX509Cert) { | |
| 79 ct::LogEntry entry; | |
| 80 GetX509CertLogEntry(&entry); | |
| 81 | |
| 82 std::string encoded; | |
| 83 ASSERT_TRUE(ct::EncodeLogEntry(entry, &encoded)); | |
| 84 EXPECT_EQ((718U + 5U), encoded.size()); | |
| 85 // First two bytes are log entry type. Next, length: | |
| 86 // Length is 718 which is 512 + 206, which is 0x2ce | |
| 87 std::string expected_prefix("\0\0\0\x2\xCE", 5); | |
| 88 // Note we use std::string comparison rather than ASSERT_STREQ due | |
| 89 // to null characters in the buffer. | |
| 90 EXPECT_EQ(expected_prefix, encoded.substr(0, 5)); | |
| 91 } | |
| 92 | |
| 93 TEST_F(CtSerializationTest, EncodesV1SCTSignedData) { | |
| 94 base::Time timestamp = base::Time::UnixEpoch() + | |
| 95 base::TimeDelta::FromMilliseconds(1348589665525); | |
| 96 std::string dummy_entry("abc"); | |
| 97 std::string empty_extensions; | |
| 98 // For now, no known failure cases. | |
| 99 std::string encoded; | |
| 100 ASSERT_TRUE(ct::EncodeV1SCTSignedData( | |
| 101 timestamp, | |
| 102 dummy_entry, | |
| 103 empty_extensions, | |
| 104 &encoded)); | |
| 105 EXPECT_EQ((size_t) 15, encoded.size()); | |
| 106 // Byte 0 is version, byte 1 is signature type | |
| 107 // Bytes 2-10 are timestamp | |
| 108 // Bytes 11-14 are the log signature | |
| 109 // Byte 15 is the empty extension | |
| 110 //EXPECT_EQ(0, timestamp.ToTimeT()); | |
| 111 std::string expected_buffer( | |
| 112 "\x0\x0\x0\x0\x1\x39\xFE\x35\x3C\xF5\x61\x62\x63\x0\x0", 15); | |
| 113 EXPECT_EQ(expected_buffer, encoded); | |
| 114 } | |
| 115 | |
| 116 TEST_F(CtSerializationTest, DecodesSCTList) { | |
| 117 // Two items in the list: "abc", "def" | |
| 118 base::StringPiece encoded("\x0\xa\x0\x3\x61\x62\x63\x0\x3\x64\x65\x66", 12); | |
| 119 std::vector<base::StringPiece> decoded; | |
| 120 | |
| 121 ASSERT_TRUE(ct::DecodeSCTList(&encoded, &decoded)); | |
| 122 ASSERT_STREQ("abc", decoded[0].data()); | |
| 123 ASSERT_STREQ("def", decoded[1].data()); | |
| 124 } | |
| 125 | |
| 126 TEST_F(CtSerializationTest, FailsDecodingInvalidSCTList) { | |
| 127 // A list with one item that's too short | |
| 128 base::StringPiece encoded("\x0\xa\x0\x3\x61\x62\x63\x0\x5\x64\x65\x66", 12); | |
| 129 std::vector<base::StringPiece> decoded; | |
| 130 | |
| 131 ASSERT_FALSE(ct::DecodeSCTList(&encoded, &decoded)); | |
| 132 } | |
| 133 | |
| 134 TEST_F(CtSerializationTest, DecodesSignedCertificateTimestamp) { | |
| 135 std::string encoded_test_sct(ct::GetTestSignedCertificateTimestamp()); | |
| 136 base::StringPiece encoded_sct(encoded_test_sct); | |
| 137 | |
| 138 scoped_refptr<ct::SignedCertificateTimestamp> sct; | |
| 139 ASSERT_TRUE(ct::DecodeSignedCertificateTimestamp(&encoded_sct, &sct)); | |
| 140 EXPECT_EQ(0, sct->version); | |
| 141 EXPECT_EQ(ct::GetTestPublicKeyId(), sct->log_id); | |
| 142 base::Time expected_time = base::Time::UnixEpoch() + | |
| 143 base::TimeDelta::FromMilliseconds(1365181456089); | |
| 144 EXPECT_EQ(expected_time, sct->timestamp); | |
| 145 // Subtracting 4 bytes for signature data (hash & sig algs), | |
| 146 // actual signature data should be 71 bytes. | |
| 147 EXPECT_EQ((size_t) 71, sct->signature.signature_data.size()); | |
| 148 EXPECT_TRUE(sct->extensions.empty()); | |
| 149 } | |
| 150 | |
| 151 TEST_F(CtSerializationTest, FailsDecodingInvalidSignedCertificateTimestamp) { | |
| 152 // Invalid version | |
| 153 base::StringPiece invalid_version_sct("\x2\x0", 2); | |
| 154 scoped_refptr<ct::SignedCertificateTimestamp> sct; | |
| 155 | |
| 156 ASSERT_FALSE( | |
| 157 ct::DecodeSignedCertificateTimestamp(&invalid_version_sct, &sct)); | |
| 158 | |
| 159 // Valid version, invalid length (missing data) | |
| 160 base::StringPiece invalid_length_sct("\x0\xa\xb\xc", 4); | |
| 161 ASSERT_FALSE( | |
| 162 ct::DecodeSignedCertificateTimestamp(&invalid_length_sct, &sct)); | |
| 163 } | |
| 164 | |
| 165 TEST_F(CtSerializationTest, EncodesValidSignedTreeHead) { | |
| 166 ct::SignedTreeHead signed_tree_head; | |
| 167 GetSignedTreeHead(&signed_tree_head); | |
| 168 | |
| 169 std::string encoded; | |
| 170 ct::EncodeTreeHeadSignature(signed_tree_head, &encoded); | |
| 171 // Expected size is 50 bytes: | |
| 172 // Byte 0 is version, byte 1 is signature type | |
| 173 // Bytes 2-9 are timestamp | |
| 174 // Bytes 10-17 are tree size | |
| 175 // Bytes 18-49 are sha256 root hash | |
| 176 ASSERT_EQ(50u, encoded.length()); | |
| 177 std::string expected_buffer( | |
| 178 "\x0\x1\x0\x0\x1\x45\x3c\x5f\xb8\x35\x0\x0\x0\x0\x0\x0\x0\x15", 18); | |
| 179 expected_buffer.append(ct::GetSampleSTHSHA256RootHash()); | |
| 180 ASSERT_EQ(expected_buffer, encoded); | |
| 181 } | |
| 182 | |
| 183 } // namespace net | |
| 184 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master