Google Git
Sign in
chromium / chromium / src.git / 6d4b3dc26ce1a7ea4916a53be8f1be8b97e63a70 / . / net / test / ct_test_util.h
blob: a784ca2badc362e76c77ec7aa3fc923c4d6b0a2d [file] [log] [blame]
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
bnc3698b0a02016-12-09 23:36:50[diff] [blame]5#ifndef NET_TEST_CT_TEST_UTIL_H_
6#define NET_TEST_CT_TEST_UTIL_H_
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]7
Avi Drissman13fc8932015-12-20 04:40:46[diff] [blame]8#include <stddef.h>
9#include <stdint.h>
10
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]11#include <string>
eranm77d031bd2015-11-08 08:24:35[diff] [blame]12#include <vector>
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]13
[email protected]df0ef772013-11-22 18:46:29[diff] [blame]14#include "base/memory/ref_counted.h"
eranmd372eb962016-01-25 22:15:33[diff] [blame]15#include "net/cert/signed_certificate_timestamp.h"
eranmdcec9632016-10-10 14:16:10[diff] [blame]16#include "net/cert/signed_certificate_timestamp_and_status.h"
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]17
[email protected]df0ef772013-11-22 18:46:29[diff] [blame]18namespace net {
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]19
20namespace ct {
21
eranmb9cf4fa2015-07-10 08:36:22[diff] [blame]22struct DigitallySigned;
robpercival1b173212016-05-10 17:24:38[diff] [blame]23struct MerkleTreeLeaf;
mattme97f8a262017-04-22 02:46:34[diff] [blame]24struct SignedEntryData;
[email protected]93dc8d7c2014-05-12 21:56:33[diff] [blame]25struct SignedTreeHead;
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]26
[email protected]ab6eb562013-11-13 00:18:11[diff] [blame]27// Note: unless specified otherwise, all test data is taken from Certificate
28// Transparency test data repository.
29
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]30// Fills |entry| with test data for an X.509 entry.
mattme97f8a262017-04-22 02:46:34[diff] [blame]31void GetX509CertSignedEntry(SignedEntryData* entry);
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]32
robpercival1b173212016-05-10 17:24:38[diff] [blame]33// Fills |tree_leaf| with test data for an X.509 Merkle tree leaf.
34void GetX509CertTreeLeaf(MerkleTreeLeaf* tree_leaf);
35
[email protected]f5c82e82013-11-19 04:23:10[diff] [blame]36// Returns a DER-encoded X509 cert. The SCT provided by
37// GetX509CertSCT is signed over this certificate.
38std::string GetDerEncodedX509Cert();
39
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]40// Fills |entry| with test data for a Precertificate entry.
mattme97f8a262017-04-22 02:46:34[diff] [blame]41void GetPrecertSignedEntry(SignedEntryData* entry);
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]42
robpercival1b173212016-05-10 17:24:38[diff] [blame]43// Fills |tree_leaf| with test data for a Precertificate Merkle tree leaf.
44void GetPrecertTreeLeaf(MerkleTreeLeaf* tree_leaf);
45
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]46// Returns the binary representation of a test DigitallySigned
47std::string GetTestDigitallySigned();
48
49// Returns the binary representation of a test serialized SCT.
50std::string GetTestSignedCertificateTimestamp();
51
[email protected]ab6eb562013-11-13 00:18:11[diff] [blame]52// Test log key
53std::string GetTestPublicKey();
54
55// ID of test log key
56std::string GetTestPublicKeyId();
57
58// SCT for the X509Certificate provided above.
[email protected]df0ef772013-11-22 18:46:29[diff] [blame]59void GetX509CertSCT(scoped_refptr<SignedCertificateTimestamp>* sct);
[email protected]ab6eb562013-11-13 00:18:11[diff] [blame]60
61// SCT for the Precertificate log entry provided above.
[email protected]df0ef772013-11-22 18:46:29[diff] [blame]62void GetPrecertSCT(scoped_refptr<SignedCertificateTimestamp>* sct);
[email protected]ab6eb562013-11-13 00:18:11[diff] [blame]63
[email protected]f5c82e82013-11-19 04:23:10[diff] [blame]64// Issuer key hash
65std::string GetDefaultIssuerKeyHash();
66
[email protected]c9feb5f2013-12-17 00:25:51[diff] [blame]67// Fake OCSP response with an embedded SCT list.
68std::string GetDerEncodedFakeOCSPResponse();
69
70// The SCT list embedded in the response above.
71std::string GetFakeOCSPExtensionValue();
72
73// The cert the OCSP response is for.
74std::string GetDerEncodedFakeOCSPResponseCert();
75
76// The issuer of the previous cert.
77std::string GetDerEncodedFakeOCSPResponseIssuerCert();
78
eranmb9cf4fa2015-07-10 08:36:22[diff] [blame]79// A sample, valid STH.
eranmf4181c9a2016-01-13 17:09:25[diff] [blame]80bool GetSampleSignedTreeHead(SignedTreeHead* sth);
[email protected]93dc8d7c2014-05-12 21:56:33[diff] [blame]81
eranm57259e072016-01-12 16:00:48[diff] [blame]82// A valid STH for the empty tree.
eranmf4181c9a2016-01-13 17:09:25[diff] [blame]83bool GetSampleEmptySignedTreeHead(SignedTreeHead* sth);
eranm57259e072016-01-12 16:00:48[diff] [blame]84
85// An STH for an empty tree where the root hash is not the hash of the empty
86// string, but the signature over the STH is valid. Such an STH is not valid
87// according to RFC6962.
eranmf4181c9a2016-01-13 17:09:25[diff] [blame]88bool GetBadEmptySignedTreeHead(SignedTreeHead* sth);
eranm57259e072016-01-12 16:00:48[diff] [blame]89
eranmb9cf4fa2015-07-10 08:36:22[diff] [blame]90// The SHA256 root hash for the sample STH.
[email protected]93dc8d7c2014-05-12 21:56:33[diff] [blame]91std::string GetSampleSTHSHA256RootHash();
92
eranmb9cf4fa2015-07-10 08:36:22[diff] [blame]93// The tree head signature for the sample STH.
94std::string GetSampleSTHTreeHeadSignature();
95
96// The same signature as GetSampleSTHTreeHeadSignature, decoded.
eranmf4181c9a2016-01-13 17:09:25[diff] [blame]97bool GetSampleSTHTreeHeadDecodedSignature(DigitallySigned* signature);
eranmb9cf4fa2015-07-10 08:36:22[diff] [blame]98
99// The sample STH in JSON form.
100std::string GetSampleSTHAsJson();
101
102// Assembles, and returns, a sample STH in JSON format using
103// the provided parameters.
104std::string CreateSignedTreeHeadJsonString(size_t tree_size,
eranmfe2986e2015-07-15 23:17:25[diff] [blame]105 int64_t timestamp,
eranmb9cf4fa2015-07-10 08:36:22[diff] [blame]106 std::string sha256_root_hash,
107 std::string tree_head_signature);
108
eranm77d031bd2015-11-08 08:24:35[diff] [blame]109// Assembles, and returns, a sample consistency proof in JSON format using
110// the provided raw nodes (i.e. the raw nodes will be base64-encoded).
111std::string CreateConsistencyProofJsonString(
112 const std::vector<std::string>& raw_nodes);
eranmd372eb962016-01-25 22:15:33[diff] [blame]113
114// Returns SCTList for testing.
115std::string GetSCTListForTesting();
116
117// Returns a corrupted SCTList. This is done by changing a byte inside the
118// Log ID part of the SCT so it does not match the log used in the tests.
119std::string GetSCTListWithInvalidSCT();
120
121// Returns true if |log_description| is in the |result|'s |verified_scts| and
122// number of |verified_scts| in |result| is equal to 1.
eranmdcec9632016-10-10 14:16:10[diff] [blame]123bool CheckForSingleVerifiedSCTInResult(
124 const SignedCertificateTimestampAndStatusList& scts,
125 const std::string& log_description);
eranmd372eb962016-01-25 22:15:33[diff] [blame]126
127// Returns true if |origin| is in the |result|'s |verified_scts|.
eranmdcec9632016-10-10 14:16:10[diff] [blame]128bool CheckForSCTOrigin(const SignedCertificateTimestampAndStatusList& scts,
eranmd372eb962016-01-25 22:15:33[diff] [blame]129 SignedCertificateTimestamp::Origin origin);
130
[email protected]95ac16b2013-11-01 01:42:03[diff] [blame]131} // namespace ct
132
133} // namespace net
134
bnc3698b0a02016-12-09 23:36:50[diff] [blame]135#endif // NET_TEST_CT_TEST_UTIL_H_