// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_TEST_CT_TEST_UTIL_H_
#define NET_TEST_CT_TEST_UTIL_H_
#include <stddef.h>
#include <stdint.h>
#include <string>
#include <vector>
#include "base/memory/ref_counted.h"
#include "net/cert/signed_certificate_timestamp.h"
#include "net/cert/signed_certificate_timestamp_and_status.h"
namespace net {
namespace ct {
// Forward declarations. The helpers below only take pointers to these types,
// so the full definitions are not needed in this header.
struct DigitallySigned;
struct MerkleTreeLeaf;
struct SignedEntryData;
struct SignedTreeHead;
// Certificate Transparency (CT) fixtures shared by tests: sample log entries,
// SCTs, a test log key, fake OCSP data and signed tree heads (STHs).
// Note: unless specified otherwise, all test data is taken from the
// Certificate Transparency test data repository. The keys, certificates and
// signatures returned here are fixed test fixtures and are meant for tests
// only.
// Fills |entry| (output parameter) with test data for an X.509 entry.
void GetX509CertSignedEntry(SignedEntryData* entry);
// Fills |tree_leaf| (output parameter) with test data for an X.509 Merkle
// tree leaf.
void GetX509CertTreeLeaf(MerkleTreeLeaf* tree_leaf);
// Returns a DER-encoded X509 cert. The SCT provided by
// GetX509CertSCT is signed over this certificate.
std::string GetDerEncodedX509Cert();
// Fills |entry| (output parameter) with test data for a Precertificate entry.
void GetPrecertSignedEntry(SignedEntryData* entry);
// Fills |tree_leaf| (output parameter) with test data for a Precertificate
// Merkle tree leaf.
void GetPrecertTreeLeaf(MerkleTreeLeaf* tree_leaf);
// Returns the binary (serialized) representation of a test DigitallySigned
// structure.
std::string GetTestDigitallySigned();
// Returns the binary representation of a test serialized SCT.
std::string GetTestSignedCertificateTimestamp();
// Returns the public key of the test log.
// NOTE(review): the encoding of the returned key is not stated in this
// header - confirm against the implementation before parsing it.
std::string GetTestPublicKey();
// Returns the ID of the test log key returned by GetTestPublicKey().
// NOTE(review): RFC 6962 defines a log ID as the SHA-256 hash of the log's
// public key; presumably that is what is returned here - confirm.
std::string GetTestPublicKeyId();
// Stores in |sct| the SCT for the X.509 certificate returned by
// GetDerEncodedX509Cert().
void GetX509CertSCT(scoped_refptr<SignedCertificateTimestamp>* sct);
// Stores in |sct| the SCT for the Precertificate log entry provided by
// GetPrecertSignedEntry().
void GetPrecertSCT(scoped_refptr<SignedCertificateTimestamp>* sct);
// Returns the default issuer key hash used by the test data.
std::string GetDefaultIssuerKeyHash();
// Fake OCSP response with an embedded SCT list.
std::string GetDerEncodedFakeOCSPResponse();
// The SCT list embedded in the response returned by
// GetDerEncodedFakeOCSPResponse().
std::string GetFakeOCSPExtensionValue();
// The cert the fake OCSP response is for.
std::string GetDerEncodedFakeOCSPResponseCert();
// The issuer of the cert returned by GetDerEncodedFakeOCSPResponseCert().
std::string GetDerEncodedFakeOCSPResponseIssuerCert();
// Fills |sth| with a sample, valid STH.
// NOTE(review): the meaning of the bool returned by the three STH getters is
// not documented here; presumably false means the fixture could not be built -
// confirm against the implementation.
bool GetSampleSignedTreeHead(SignedTreeHead* sth);
// Fills |sth| with a valid STH for the empty tree.
bool GetSampleEmptySignedTreeHead(SignedTreeHead* sth);
// An STH for an empty tree where the root hash is not the hash of the empty
// string, but the signature over the STH is valid. Such an STH is not valid
// according to RFC6962. Because the signature verifies, this fixture lets a
// test check that a verifier validates the empty-tree root hash itself and
// does not accept an STH on signature validity alone.
bool GetBadEmptySignedTreeHead(SignedTreeHead* sth);
// The SHA256 root hash for the sample STH.
std::string GetSampleSTHSHA256RootHash();
// The tree head signature for the sample STH.
std::string GetSampleSTHTreeHeadSignature();
// The same signature as GetSampleSTHTreeHeadSignature, decoded into
// |signature|.
bool GetSampleSTHTreeHeadDecodedSignature(DigitallySigned* signature);
// The sample STH in JSON form.
std::string GetSampleSTHAsJson();
// Assembles, and returns, a sample STH in JSON format using
// the provided parameters.
// NOTE(review): unlike CreateConsistencyProofJsonString below, this header
// does not say whether |sha256_root_hash| and |tree_head_signature| are
// expected raw or already encoded - confirm against the implementation.
std::string CreateSignedTreeHeadJsonString(size_t tree_size,
int64_t timestamp,
std::string sha256_root_hash,
std::string tree_head_signature);
// Assembles, and returns, a sample consistency proof in JSON format using
// the provided raw nodes (i.e. the raw nodes will be base64-encoded).
std::string CreateConsistencyProofJsonString(
const std::vector<std::string>& raw_nodes);
// Returns SCTList for testing.
std::string GetSCTListForTesting();
// Returns a corrupted SCTList. This is done by changing a byte inside the
// Log ID part of the SCT so it does not match the log used in the tests.
// NOTE(review): since the corruption is in the Log ID rather than in the
// signature, this presumably exercises the "SCT from an unknown log" path and
// not signature-verification failure - confirm against the tests that use it.
std::string GetSCTListWithInvalidSCT();
// Returns true if |log_description| is among the verified SCTs in |scts| and
// the number of verified SCTs in |scts| is equal to 1.
// NOTE(review): this comment used to refer to a |result| argument with a
// |verified_scts| member, which the signature no longer has. How "verified" is
// decided (presumably from each entry's status) is up to the implementation -
// confirm there.
bool CheckForSingleVerifiedSCTInResult(
const SignedCertificateTimestampAndStatusList& scts,
const std::string& log_description);
// Returns true if |scts| contains a verified SCT whose origin is |origin|.
// NOTE(review): as above, the earlier wording referred to |result|'s
// |verified_scts|; confirm in the implementation which entries are considered.
bool CheckForSCTOrigin(const SignedCertificateTimestampAndStatusList& scts,
SignedCertificateTimestamp::Origin origin);
} // namespace ct
} // namespace net
#endif // NET_TEST_CT_TEST_UTIL_H_