1 // Copyright 2013 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/ct_serialization.h"
6
7 #include <string>
8
9 #include "base/files/file_path.h"
10 #include "base/files/file_util.h"
11 #include "net/base/test_completion_callback.h"
12 #include "net/cert/merkle_tree_leaf.h"
13 #include "net/cert/signed_certificate_timestamp.h"
14 #include "net/cert/signed_tree_head.h"
15 #include "net/cert/x509_certificate.h"
16 #include "net/test/cert_test_util.h"
17 #include "net/test/ct_test_util.h"
18 #include "net/test/test_data_directory.h"
19 #include "testing/gmock/include/gmock/gmock.h"
20 #include "testing/gtest/include/gtest/gtest.h"
21
22 using ::testing::ElementsAreArray;
23
24 namespace net {
25
26 class CtSerializationTest : public ::testing::Test {
27 public:
SetUp()28 void SetUp() override {
29 test_digitally_signed_ = ct::GetTestDigitallySigned();
30 }
31
32 protected:
33 std::string test_digitally_signed_;
34 };
35
TEST_F(CtSerializationTest,DecodesDigitallySigned)36 TEST_F(CtSerializationTest, DecodesDigitallySigned) {
37 base::StringPiece digitally_signed(test_digitally_signed_);
38 ct::DigitallySigned parsed;
39
40 ASSERT_TRUE(ct::DecodeDigitallySigned(&digitally_signed, &parsed));
41 EXPECT_EQ(
42 ct::DigitallySigned::HASH_ALGO_SHA256,
43 parsed.hash_algorithm);
44
45 EXPECT_EQ(
46 ct::DigitallySigned::SIG_ALGO_ECDSA,
47 parsed.signature_algorithm);
48
49 // The encoded data contains the signature itself from the 4th byte.
50 // The first bytes are:
51 // 1 byte of hash algorithm
52 // 1 byte of signature algorithm
53 // 2 bytes - prefix containing length of the signature data.
54 EXPECT_EQ(
55 test_digitally_signed_.substr(4),
56 parsed.signature_data);
57 }
58
59
TEST_F(CtSerializationTest,FailsToDecodePartialDigitallySigned)60 TEST_F(CtSerializationTest, FailsToDecodePartialDigitallySigned) {
61 base::StringPiece digitally_signed(test_digitally_signed_);
62 base::StringPiece partial_digitally_signed(
63 digitally_signed.substr(0, test_digitally_signed_.size() - 5));
64 ct::DigitallySigned parsed;
65
66 ASSERT_FALSE(ct::DecodeDigitallySigned(&partial_digitally_signed, &parsed));
67 }
68
69
TEST_F(CtSerializationTest,EncodesDigitallySigned)70 TEST_F(CtSerializationTest, EncodesDigitallySigned) {
71 ct::DigitallySigned digitally_signed;
72 digitally_signed.hash_algorithm = ct::DigitallySigned::HASH_ALGO_SHA256;
73 digitally_signed.signature_algorithm = ct::DigitallySigned::SIG_ALGO_ECDSA;
74 digitally_signed.signature_data = test_digitally_signed_.substr(4);
75
76 std::string encoded;
77
78 ASSERT_TRUE(ct::EncodeDigitallySigned(digitally_signed, &encoded));
79 EXPECT_EQ(test_digitally_signed_, encoded);
80 }
81
TEST_F(CtSerializationTest,EncodesSignedEntryForX509Cert)82 TEST_F(CtSerializationTest, EncodesSignedEntryForX509Cert) {
83 ct::SignedEntryData entry;
84 ct::GetX509CertSignedEntry(&entry);
85
86 std::string encoded;
87 ASSERT_TRUE(ct::EncodeSignedEntry(entry, &encoded));
88 EXPECT_EQ((718U + 5U), encoded.size());
89 // First two bytes are log entry type. Next, length:
90 // Length is 718 which is 512 + 206, which is 0x2ce
91 std::string expected_prefix("\0\0\0\x2\xCE", 5);
92 // Note we use std::string comparison rather than ASSERT_STREQ due
93 // to null characters in the buffer.
94 EXPECT_EQ(expected_prefix, encoded.substr(0, 5));
95 }
96
TEST_F(CtSerializationTest,EncodesSignedEntryForPrecert)97 TEST_F(CtSerializationTest, EncodesSignedEntryForPrecert) {
98 ct::SignedEntryData entry;
99 ct::GetPrecertSignedEntry(&entry);
100
101 std::string encoded;
102 ASSERT_TRUE(ct::EncodeSignedEntry(entry, &encoded));
103 EXPECT_EQ(604u, encoded.size());
104 // First two bytes are the log entry type.
105 EXPECT_EQ(std::string("\x00\x01", 2), encoded.substr(0, 2));
106 // Next comes the 32-byte issuer key hash
107 EXPECT_THAT(encoded.substr(2, 32),
108 ElementsAreArray(entry.issuer_key_hash.data));
109 // Then the length of the TBS cert (604 bytes = 0x237)
110 EXPECT_EQ(std::string("\x00\x02\x37", 3), encoded.substr(34, 3));
111 // Then the TBS cert itself
112 EXPECT_EQ(entry.tbs_certificate, encoded.substr(37));
113 }
114
TEST_F(CtSerializationTest,EncodesV1SCTSignedData)115 TEST_F(CtSerializationTest, EncodesV1SCTSignedData) {
116 base::Time timestamp =
117 base::Time::UnixEpoch() + base::Milliseconds(1348589665525);
118 std::string dummy_entry("abc");
119 std::string empty_extensions;
120 // For now, no known failure cases.
121 std::string encoded;
122 ASSERT_TRUE(ct::EncodeV1SCTSignedData(
123 timestamp,
124 dummy_entry,
125 empty_extensions,
126 &encoded));
127 EXPECT_EQ((size_t) 15, encoded.size());
128 // Byte 0 is version, byte 1 is signature type
129 // Bytes 2-10 are timestamp
130 // Bytes 11-14 are the log signature
131 // Byte 15 is the empty extension
132 //EXPECT_EQ(0, timestamp.ToTimeT());
133 std::string expected_buffer(
134 "\x0\x0\x0\x0\x1\x39\xFE\x35\x3C\xF5\x61\x62\x63\x0\x0", 15);
135 EXPECT_EQ(expected_buffer, encoded);
136 }
137
TEST_F(CtSerializationTest,DecodesSCTList)138 TEST_F(CtSerializationTest, DecodesSCTList) {
139 // Two items in the list: "abc", "def"
140 base::StringPiece encoded("\x0\xa\x0\x3\x61\x62\x63\x0\x3\x64\x65\x66", 12);
141 std::vector<base::StringPiece> decoded;
142
143 ASSERT_TRUE(ct::DecodeSCTList(encoded, &decoded));
144 ASSERT_STREQ("abc", decoded[0].data());
145 ASSERT_STREQ("def", decoded[1].data());
146 }
147
TEST_F(CtSerializationTest,FailsDecodingInvalidSCTList)148 TEST_F(CtSerializationTest, FailsDecodingInvalidSCTList) {
149 // A list with one item that's too short
150 base::StringPiece encoded("\x0\xa\x0\x3\x61\x62\x63\x0\x5\x64\x65\x66", 12);
151 std::vector<base::StringPiece> decoded;
152
153 ASSERT_FALSE(ct::DecodeSCTList(encoded, &decoded));
154 }
155
TEST_F(CtSerializationTest,EncodeSignedCertificateTimestamp)156 TEST_F(CtSerializationTest, EncodeSignedCertificateTimestamp) {
157 std::string encoded_test_sct(ct::GetTestSignedCertificateTimestamp());
158 base::StringPiece encoded_sct(encoded_test_sct);
159
160 scoped_refptr<ct::SignedCertificateTimestamp> sct;
161 ASSERT_TRUE(ct::DecodeSignedCertificateTimestamp(&encoded_sct, &sct));
162
163 std::string serialized;
164 ASSERT_TRUE(ct::EncodeSignedCertificateTimestamp(sct, &serialized));
165 EXPECT_EQ(serialized, encoded_test_sct);
166 }
167
TEST_F(CtSerializationTest,DecodesSignedCertificateTimestamp)168 TEST_F(CtSerializationTest, DecodesSignedCertificateTimestamp) {
169 std::string encoded_test_sct(ct::GetTestSignedCertificateTimestamp());
170 base::StringPiece encoded_sct(encoded_test_sct);
171
172 scoped_refptr<ct::SignedCertificateTimestamp> sct;
173 ASSERT_TRUE(ct::DecodeSignedCertificateTimestamp(&encoded_sct, &sct));
174 EXPECT_EQ(0, sct->version);
175 EXPECT_EQ(ct::GetTestPublicKeyId(), sct->log_id);
176 base::Time expected_time =
177 base::Time::UnixEpoch() + base::Milliseconds(1365181456089);
178 EXPECT_EQ(expected_time, sct->timestamp);
179 // Subtracting 4 bytes for signature data (hash & sig algs),
180 // actual signature data should be 71 bytes.
181 EXPECT_EQ((size_t) 71, sct->signature.signature_data.size());
182 EXPECT_TRUE(sct->extensions.empty());
183 }
184
TEST_F(CtSerializationTest,FailsDecodingInvalidSignedCertificateTimestamp)185 TEST_F(CtSerializationTest, FailsDecodingInvalidSignedCertificateTimestamp) {
186 // Invalid version
187 base::StringPiece invalid_version_sct("\x2\x0", 2);
188 scoped_refptr<ct::SignedCertificateTimestamp> sct;
189
190 ASSERT_FALSE(
191 ct::DecodeSignedCertificateTimestamp(&invalid_version_sct, &sct));
192
193 // Valid version, invalid length (missing data)
194 base::StringPiece invalid_length_sct("\x0\xa\xb\xc", 4);
195 ASSERT_FALSE(
196 ct::DecodeSignedCertificateTimestamp(&invalid_length_sct, &sct));
197 }
198
TEST_F(CtSerializationTest,EncodesMerkleTreeLeafForX509Cert)199 TEST_F(CtSerializationTest, EncodesMerkleTreeLeafForX509Cert) {
200 ct::MerkleTreeLeaf tree_leaf;
201 ct::GetX509CertTreeLeaf(&tree_leaf);
202
203 std::string encoded;
204 ASSERT_TRUE(ct::EncodeTreeLeaf(tree_leaf, &encoded));
205 EXPECT_EQ(741u, encoded.size()) << "Merkle tree leaf encoded incorrectly";
206 EXPECT_EQ(std::string("\x00", 1), encoded.substr(0, 1)) <<
207 "Version encoded incorrectly";
208 EXPECT_EQ(std::string("\x00", 1), encoded.substr(1, 1)) <<
209 "Merkle tree leaf type encoded incorrectly";
210 EXPECT_EQ(std::string("\x00\x00\x01\x45\x3c\x5f\xb8\x35", 8),
211 encoded.substr(2, 8)) <<
212 "Timestamp encoded incorrectly";
213 EXPECT_EQ(std::string("\x00\x00", 2), encoded.substr(10, 2)) <<
214 "Log entry type encoded incorrectly";
215 EXPECT_EQ(std::string("\x00\x02\xce", 3), encoded.substr(12, 3)) <<
216 "Certificate length encoded incorrectly";
217 EXPECT_EQ(tree_leaf.signed_entry.leaf_certificate, encoded.substr(15, 718))
218 << "Certificate encoded incorrectly";
219 EXPECT_EQ(std::string("\x00\x06", 2), encoded.substr(733, 2)) <<
220 "CT extensions length encoded incorrectly";
221 EXPECT_EQ(tree_leaf.extensions, encoded.substr(735, 6)) <<
222 "CT extensions encoded incorrectly";
223 }
224
TEST_F(CtSerializationTest,EncodesMerkleTreeLeafForPrecert)225 TEST_F(CtSerializationTest, EncodesMerkleTreeLeafForPrecert) {
226 ct::MerkleTreeLeaf tree_leaf;
227 ct::GetPrecertTreeLeaf(&tree_leaf);
228
229 std::string encoded;
230 ASSERT_TRUE(ct::EncodeTreeLeaf(tree_leaf, &encoded));
231 EXPECT_EQ(622u, encoded.size()) << "Merkle tree leaf encoded incorrectly";
232 EXPECT_EQ(std::string("\x00", 1), encoded.substr(0, 1)) <<
233 "Version encoded incorrectly";
234 EXPECT_EQ(std::string("\x00", 1), encoded.substr(1, 1)) <<
235 "Merkle tree leaf type encoded incorrectly";
236 EXPECT_EQ(std::string("\x00\x00\x01\x45\x3c\x5f\xb8\x35", 8),
237 encoded.substr(2, 8)) <<
238 "Timestamp encoded incorrectly";
239 EXPECT_EQ(std::string("\x00\x01", 2), encoded.substr(10, 2)) <<
240 "Log entry type encoded incorrectly";
241 EXPECT_THAT(encoded.substr(12, 32),
242 ElementsAreArray(tree_leaf.signed_entry.issuer_key_hash.data))
243 << "Issuer key hash encoded incorrectly";
244 EXPECT_EQ(std::string("\x00\x02\x37", 3), encoded.substr(44, 3)) <<
245 "TBS certificate length encoded incorrectly";
246 EXPECT_EQ(tree_leaf.signed_entry.tbs_certificate, encoded.substr(47, 567))
247 << "TBS certificate encoded incorrectly";
248 EXPECT_EQ(std::string("\x00\x06", 2), encoded.substr(614, 2)) <<
249 "CT extensions length encoded incorrectly";
250 EXPECT_EQ(tree_leaf.extensions, encoded.substr(616, 6)) <<
251 "CT extensions encoded incorrectly";
252 }
253
TEST_F(CtSerializationTest,EncodesValidSignedTreeHead)254 TEST_F(CtSerializationTest, EncodesValidSignedTreeHead) {
255 ct::SignedTreeHead signed_tree_head;
256 ASSERT_TRUE(GetSampleSignedTreeHead(&signed_tree_head));
257
258 std::string encoded;
259 ASSERT_TRUE(ct::EncodeTreeHeadSignature(signed_tree_head, &encoded));
260 // Expected size is 50 bytes:
261 // Byte 0 is version, byte 1 is signature type
262 // Bytes 2-9 are timestamp
263 // Bytes 10-17 are tree size
264 // Bytes 18-49 are sha256 root hash
265 ASSERT_EQ(50u, encoded.length());
266 std::string expected_buffer(
267 "\x0\x1\x0\x0\x1\x45\x3c\x5f\xb8\x35\x0\x0\x0\x0\x0\x0\x0\x15", 18);
268 expected_buffer.append(ct::GetSampleSTHSHA256RootHash());
269 ASSERT_EQ(expected_buffer, encoded);
270 }
271
272 } // namespace net
273