search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Revert of Update WV test license server config to use portable sdk server. (https...
[chromium-blink-merge.git] / net / cert / ct_log_verifier_unittest.cc
blobb94f14a11c2f79fd054761460e20db37988d91e7
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/ct_log_verifier.h"
6
7 #include <string>
8
9 #include "base/time/time.h"
10 #include "net/cert/signed_certificate_timestamp.h"
11 #include "net/test/ct_test_util.h"
12 #include "testing/gtest/include/gtest/gtest.h"
13
14 namespace net {
15
16 class CTLogVerifierTest : public ::testing::Test {
17 public:
18 CTLogVerifierTest() {}
19
20 virtual void SetUp() OVERRIDE {
21 log_ = CTLogVerifier::Create(ct::GetTestPublicKey(), "testlog").Pass();
22
23 ASSERT_TRUE(log_);
24 ASSERT_EQ(log_->key_id(), ct::GetTestPublicKeyId());
25 }
26
27 protected:
28 scoped_ptr<CTLogVerifier> log_;
29 };
30
31 TEST_F(CTLogVerifierTest, VerifiesCertSCT) {
32 ct::LogEntry cert_entry;
33 ct::GetX509CertLogEntry(&cert_entry);
34
35 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct;
36 ct::GetX509CertSCT(&cert_sct);
37
38 EXPECT_TRUE(log_->Verify(cert_entry, *cert_sct));
39 }
40
41 TEST_F(CTLogVerifierTest, VerifiesPrecertSCT) {
42 ct::LogEntry precert_entry;
43 ct::GetPrecertLogEntry(&precert_entry);
44
45 scoped_refptr<ct::SignedCertificateTimestamp> precert_sct;
46 ct::GetPrecertSCT(&precert_sct);
47
48 EXPECT_TRUE(log_->Verify(precert_entry, *precert_sct));
49 }
50
51 TEST_F(CTLogVerifierTest, FailsInvalidTimestamp) {
52 ct::LogEntry cert_entry;
53 ct::GetX509CertLogEntry(&cert_entry);
54
55 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct;
56 ct::GetX509CertSCT(&cert_sct);
57
58 // Mangle the timestamp, so that it should fail signature validation.
59 cert_sct->timestamp = base::Time::Now();
60
61 EXPECT_FALSE(log_->Verify(cert_entry, *cert_sct));
62 }
63
64 TEST_F(CTLogVerifierTest, FailsInvalidLogID) {
65 ct::LogEntry cert_entry;
66 ct::GetX509CertLogEntry(&cert_entry);
67
68 scoped_refptr<ct::SignedCertificateTimestamp> cert_sct;
69 ct::GetX509CertSCT(&cert_sct);
70
71 // Mangle the log ID, which should cause it to match a different log before
72 // attempting signature validation.
73 cert_sct->log_id.assign(cert_sct->log_id.size(), '\0');
74
75 EXPECT_FALSE(log_->Verify(cert_entry, *cert_sct));
76 }
77
78 } // namespace net