Use consistent types for leb128 decoder.
[chromium-blink-merge.git] / net / cert / ct_log_verifier_unittest.cc
blobe2918c9854cfb98e00e31cbd7fee7e6977cd3b00
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/cert/ct_log_verifier.h"
7 #include <string>
9 #include "base/time/time.h"
10 #include "net/cert/signed_certificate_timestamp.h"
11 #include "net/cert/signed_tree_head.h"
12 #include "net/test/ct_test_util.h"
13 #include "testing/gtest/include/gtest/gtest.h"
15 namespace net {
17 class CTLogVerifierTest : public ::testing::Test {
18 public:
19 CTLogVerifierTest() {}
21 virtual void SetUp() override {
22 log_ = CTLogVerifier::Create(ct::GetTestPublicKey(), "testlog").Pass();
24 ASSERT_TRUE(log_);
25 ASSERT_EQ(log_->key_id(), ct::GetTestPublicKeyId());
28 protected:
29 scoped_ptr<CTLogVerifier> log_;
32 TEST_F(CTLogVerifierTest, VerifiesCertSCT) {
33 ct::LogEntry cert_entry;
34 ct::GetX509CertLogEntry(&cert_entry);
36 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct;
37 ct::GetX509CertSCT(&cert_sct);
39 EXPECT_TRUE(log_->Verify(cert_entry, *cert_sct.get()));
42 TEST_F(CTLogVerifierTest, VerifiesPrecertSCT) {
43 ct::LogEntry precert_entry;
44 ct::GetPrecertLogEntry(&precert_entry);
46 scoped_refptr<ct::SignedCertificateTimestamp> precert_sct;
47 ct::GetPrecertSCT(&precert_sct);
49 EXPECT_TRUE(log_->Verify(precert_entry, *precert_sct.get()));
52 TEST_F(CTLogVerifierTest, FailsInvalidTimestamp) {
53 ct::LogEntry cert_entry;
54 ct::GetX509CertLogEntry(&cert_entry);
56 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct;
57 ct::GetX509CertSCT(&cert_sct);
59 // Mangle the timestamp, so that it should fail signature validation.
60 cert_sct->timestamp = base::Time::Now();
62 EXPECT_FALSE(log_->Verify(cert_entry, *cert_sct.get()));
65 TEST_F(CTLogVerifierTest, FailsInvalidLogID) {
66 ct::LogEntry cert_entry;
67 ct::GetX509CertLogEntry(&cert_entry);
69 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct;
70 ct::GetX509CertSCT(&cert_sct);
72 // Mangle the log ID, which should cause it to match a different log before
73 // attempting signature validation.
74 cert_sct->log_id.assign(cert_sct->log_id.size(), '\0');
76 EXPECT_FALSE(log_->Verify(cert_entry, *cert_sct.get()));
79 TEST_F(CTLogVerifierTest, SetsValidSTH) {
80 scoped_ptr<ct::SignedTreeHead> sth(new ct::SignedTreeHead());
81 ct::GetSignedTreeHead(sth.get());
82 ASSERT_TRUE(log_->SetSignedTreeHead(sth.Pass()));
85 TEST_F(CTLogVerifierTest, DoesNotSetInvalidSTH) {
86 scoped_ptr<ct::SignedTreeHead> sth(new ct::SignedTreeHead());
87 ct::GetSignedTreeHead(sth.get());
88 sth->sha256_root_hash[0] = '\x0';
89 ASSERT_FALSE(log_->SetSignedTreeHead(sth.Pass()));
92 } // namespace net