1 // Copyright 2013 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/ct_serialization.h"
6
7 #include <string>
8 #include <string_view>
9
10 #include "base/files/file_path.h"
11 #include "base/files/file_util.h"
12 #include "net/base/test_completion_callback.h"
13 #include "net/cert/merkle_tree_leaf.h"
14 #include "net/cert/signed_certificate_timestamp.h"
15 #include "net/cert/signed_tree_head.h"
16 #include "net/cert/x509_certificate.h"
17 #include "net/test/cert_test_util.h"
18 #include "net/test/ct_test_util.h"
19 #include "net/test/test_data_directory.h"
20 #include "testing/gmock/include/gmock/gmock.h"
21 #include "testing/gtest/include/gtest/gtest.h"
22
23 using ::testing::ElementsAreArray;
24
25 namespace net {
26
27 class CtSerializationTest : public ::testing::Test {
28 public:
SetUp()29 void SetUp() override {
30 test_digitally_signed_ = ct::GetTestDigitallySigned();
31 }
32
33 protected:
34 std::string test_digitally_signed_;
35 };
36
TEST_F(CtSerializationTest,DecodesDigitallySigned)37 TEST_F(CtSerializationTest, DecodesDigitallySigned) {
38 std::string_view digitally_signed(test_digitally_signed_);
39 ct::DigitallySigned parsed;
40
41 ASSERT_TRUE(ct::DecodeDigitallySigned(&digitally_signed, &parsed));
42 EXPECT_EQ(
43 ct::DigitallySigned::HASH_ALGO_SHA256,
44 parsed.hash_algorithm);
45
46 EXPECT_EQ(
47 ct::DigitallySigned::SIG_ALGO_ECDSA,
48 parsed.signature_algorithm);
49
50 // The encoded data contains the signature itself from the 4th byte.
51 // The first bytes are:
52 // 1 byte of hash algorithm
53 // 1 byte of signature algorithm
54 // 2 bytes - prefix containing length of the signature data.
55 EXPECT_EQ(
56 test_digitally_signed_.substr(4),
57 parsed.signature_data);
58 }
59
60
TEST_F(CtSerializationTest,FailsToDecodePartialDigitallySigned)61 TEST_F(CtSerializationTest, FailsToDecodePartialDigitallySigned) {
62 std::string_view digitally_signed(test_digitally_signed_);
63 std::string_view partial_digitally_signed(
64 digitally_signed.substr(0, test_digitally_signed_.size() - 5));
65 ct::DigitallySigned parsed;
66
67 ASSERT_FALSE(ct::DecodeDigitallySigned(&partial_digitally_signed, &parsed));
68 }
69
70
TEST_F(CtSerializationTest,EncodesDigitallySigned)71 TEST_F(CtSerializationTest, EncodesDigitallySigned) {
72 ct::DigitallySigned digitally_signed;
73 digitally_signed.hash_algorithm = ct::DigitallySigned::HASH_ALGO_SHA256;
74 digitally_signed.signature_algorithm = ct::DigitallySigned::SIG_ALGO_ECDSA;
75 digitally_signed.signature_data = test_digitally_signed_.substr(4);
76
77 std::string encoded;
78
79 ASSERT_TRUE(ct::EncodeDigitallySigned(digitally_signed, &encoded));
80 EXPECT_EQ(test_digitally_signed_, encoded);
81 }
82
TEST_F(CtSerializationTest,EncodesSignedEntryForX509Cert)83 TEST_F(CtSerializationTest, EncodesSignedEntryForX509Cert) {
84 ct::SignedEntryData entry;
85 ct::GetX509CertSignedEntry(&entry);
86
87 std::string encoded;
88 ASSERT_TRUE(ct::EncodeSignedEntry(entry, &encoded));
89 EXPECT_EQ((718U + 5U), encoded.size());
90 // First two bytes are log entry type. Next, length:
91 // Length is 718 which is 512 + 206, which is 0x2ce
92 std::string expected_prefix("\0\0\0\x2\xCE", 5);
93 // Note we use std::string comparison rather than ASSERT_STREQ due
94 // to null characters in the buffer.
95 EXPECT_EQ(expected_prefix, encoded.substr(0, 5));
96 }
97
TEST_F(CtSerializationTest,EncodesSignedEntryForPrecert)98 TEST_F(CtSerializationTest, EncodesSignedEntryForPrecert) {
99 ct::SignedEntryData entry;
100 ct::GetPrecertSignedEntry(&entry);
101
102 std::string encoded;
103 ASSERT_TRUE(ct::EncodeSignedEntry(entry, &encoded));
104 EXPECT_EQ(604u, encoded.size());
105 // First two bytes are the log entry type.
106 EXPECT_EQ(std::string("\x00\x01", 2), encoded.substr(0, 2));
107 // Next comes the 32-byte issuer key hash
108 EXPECT_THAT(encoded.substr(2, 32),
109 ElementsAreArray(entry.issuer_key_hash.data));
110 // Then the length of the TBS cert (604 bytes = 0x237)
111 EXPECT_EQ(std::string("\x00\x02\x37", 3), encoded.substr(34, 3));
112 // Then the TBS cert itself
113 EXPECT_EQ(entry.tbs_certificate, encoded.substr(37));
114 }
115
TEST_F(CtSerializationTest,EncodesV1SCTSignedData)116 TEST_F(CtSerializationTest, EncodesV1SCTSignedData) {
117 base::Time timestamp =
118 base::Time::UnixEpoch() + base::Milliseconds(1348589665525);
119 std::string dummy_entry("abc");
120 std::string empty_extensions;
121 // For now, no known failure cases.
122 std::string encoded;
123 ASSERT_TRUE(ct::EncodeV1SCTSignedData(
124 timestamp,
125 dummy_entry,
126 empty_extensions,
127 &encoded));
128 EXPECT_EQ((size_t) 15, encoded.size());
129 // Byte 0 is version, byte 1 is signature type
130 // Bytes 2-10 are timestamp
131 // Bytes 11-14 are the log signature
132 // Byte 15 is the empty extension
133 //EXPECT_EQ(0, timestamp.ToTimeT());
134 std::string expected_buffer(
135 "\x0\x0\x0\x0\x1\x39\xFE\x35\x3C\xF5\x61\x62\x63\x0\x0", 15);
136 EXPECT_EQ(expected_buffer, encoded);
137 }
138
TEST_F(CtSerializationTest,DecodesSCTList)139 TEST_F(CtSerializationTest, DecodesSCTList) {
140 // Two items in the list: "abc", "def"
141 std::string_view encoded("\x0\xa\x0\x3\x61\x62\x63\x0\x3\x64\x65\x66", 12);
142 std::vector<std::string_view> decoded;
143
144 ASSERT_TRUE(ct::DecodeSCTList(encoded, &decoded));
145 ASSERT_STREQ("abc", decoded[0].data());
146 ASSERT_STREQ("def", decoded[1].data());
147 }
148
TEST_F(CtSerializationTest,FailsDecodingInvalidSCTList)149 TEST_F(CtSerializationTest, FailsDecodingInvalidSCTList) {
150 // A list with one item that's too short
151 std::string_view encoded("\x0\xa\x0\x3\x61\x62\x63\x0\x5\x64\x65\x66", 12);
152 std::vector<std::string_view> decoded;
153
154 ASSERT_FALSE(ct::DecodeSCTList(encoded, &decoded));
155 }
156
TEST_F(CtSerializationTest,EncodeSignedCertificateTimestamp)157 TEST_F(CtSerializationTest, EncodeSignedCertificateTimestamp) {
158 std::string encoded_test_sct(ct::GetTestSignedCertificateTimestamp());
159 std::string_view encoded_sct(encoded_test_sct);
160
161 scoped_refptr<ct::SignedCertificateTimestamp> sct;
162 ASSERT_TRUE(ct::DecodeSignedCertificateTimestamp(&encoded_sct, &sct));
163
164 std::string serialized;
165 ASSERT_TRUE(ct::EncodeSignedCertificateTimestamp(sct, &serialized));
166 EXPECT_EQ(serialized, encoded_test_sct);
167 }
168
TEST_F(CtSerializationTest,DecodesSignedCertificateTimestamp)169 TEST_F(CtSerializationTest, DecodesSignedCertificateTimestamp) {
170 std::string encoded_test_sct(ct::GetTestSignedCertificateTimestamp());
171 std::string_view encoded_sct(encoded_test_sct);
172
173 scoped_refptr<ct::SignedCertificateTimestamp> sct;
174 ASSERT_TRUE(ct::DecodeSignedCertificateTimestamp(&encoded_sct, &sct));
175 EXPECT_EQ(0, sct->version);
176 EXPECT_EQ(ct::GetTestPublicKeyId(), sct->log_id);
177 base::Time expected_time =
178 base::Time::UnixEpoch() + base::Milliseconds(1365181456089);
179 EXPECT_EQ(expected_time, sct->timestamp);
180 // Subtracting 4 bytes for signature data (hash & sig algs),
181 // actual signature data should be 71 bytes.
182 EXPECT_EQ((size_t) 71, sct->signature.signature_data.size());
183 EXPECT_TRUE(sct->extensions.empty());
184 }
185
TEST_F(CtSerializationTest,FailsDecodingInvalidSignedCertificateTimestamp)186 TEST_F(CtSerializationTest, FailsDecodingInvalidSignedCertificateTimestamp) {
187 // Invalid version
188 std::string_view invalid_version_sct("\x2\x0", 2);
189 scoped_refptr<ct::SignedCertificateTimestamp> sct;
190
191 ASSERT_FALSE(
192 ct::DecodeSignedCertificateTimestamp(&invalid_version_sct, &sct));
193
194 // Valid version, invalid length (missing data)
195 std::string_view invalid_length_sct("\x0\xa\xb\xc", 4);
196 ASSERT_FALSE(
197 ct::DecodeSignedCertificateTimestamp(&invalid_length_sct, &sct));
198 }
199
TEST_F(CtSerializationTest,EncodesMerkleTreeLeafForX509Cert)200 TEST_F(CtSerializationTest, EncodesMerkleTreeLeafForX509Cert) {
201 ct::MerkleTreeLeaf tree_leaf;
202 ct::GetX509CertTreeLeaf(&tree_leaf);
203
204 std::string encoded;
205 ASSERT_TRUE(ct::EncodeTreeLeaf(tree_leaf, &encoded));
206 EXPECT_EQ(741u, encoded.size()) << "Merkle tree leaf encoded incorrectly";
207 EXPECT_EQ(std::string("\x00", 1), encoded.substr(0, 1)) <<
208 "Version encoded incorrectly";
209 EXPECT_EQ(std::string("\x00", 1), encoded.substr(1, 1)) <<
210 "Merkle tree leaf type encoded incorrectly";
211 EXPECT_EQ(std::string("\x00\x00\x01\x45\x3c\x5f\xb8\x35", 8),
212 encoded.substr(2, 8)) <<
213 "Timestamp encoded incorrectly";
214 EXPECT_EQ(std::string("\x00\x00", 2), encoded.substr(10, 2)) <<
215 "Log entry type encoded incorrectly";
216 EXPECT_EQ(std::string("\x00\x02\xce", 3), encoded.substr(12, 3)) <<
217 "Certificate length encoded incorrectly";
218 EXPECT_EQ(tree_leaf.signed_entry.leaf_certificate, encoded.substr(15, 718))
219 << "Certificate encoded incorrectly";
220 EXPECT_EQ(std::string("\x00\x06", 2), encoded.substr(733, 2)) <<
221 "CT extensions length encoded incorrectly";
222 EXPECT_EQ(tree_leaf.extensions, encoded.substr(735, 6)) <<
223 "CT extensions encoded incorrectly";
224 }
225
TEST_F(CtSerializationTest,EncodesMerkleTreeLeafForPrecert)226 TEST_F(CtSerializationTest, EncodesMerkleTreeLeafForPrecert) {
227 ct::MerkleTreeLeaf tree_leaf;
228 ct::GetPrecertTreeLeaf(&tree_leaf);
229
230 std::string encoded;
231 ASSERT_TRUE(ct::EncodeTreeLeaf(tree_leaf, &encoded));
232 EXPECT_EQ(622u, encoded.size()) << "Merkle tree leaf encoded incorrectly";
233 EXPECT_EQ(std::string("\x00", 1), encoded.substr(0, 1)) <<
234 "Version encoded incorrectly";
235 EXPECT_EQ(std::string("\x00", 1), encoded.substr(1, 1)) <<
236 "Merkle tree leaf type encoded incorrectly";
237 EXPECT_EQ(std::string("\x00\x00\x01\x45\x3c\x5f\xb8\x35", 8),
238 encoded.substr(2, 8)) <<
239 "Timestamp encoded incorrectly";
240 EXPECT_EQ(std::string("\x00\x01", 2), encoded.substr(10, 2)) <<
241 "Log entry type encoded incorrectly";
242 EXPECT_THAT(encoded.substr(12, 32),
243 ElementsAreArray(tree_leaf.signed_entry.issuer_key_hash.data))
244 << "Issuer key hash encoded incorrectly";
245 EXPECT_EQ(std::string("\x00\x02\x37", 3), encoded.substr(44, 3)) <<
246 "TBS certificate length encoded incorrectly";
247 EXPECT_EQ(tree_leaf.signed_entry.tbs_certificate, encoded.substr(47, 567))
248 << "TBS certificate encoded incorrectly";
249 EXPECT_EQ(std::string("\x00\x06", 2), encoded.substr(614, 2)) <<
250 "CT extensions length encoded incorrectly";
251 EXPECT_EQ(tree_leaf.extensions, encoded.substr(616, 6)) <<
252 "CT extensions encoded incorrectly";
253 }
254
TEST_F(CtSerializationTest,EncodesValidSignedTreeHead)255 TEST_F(CtSerializationTest, EncodesValidSignedTreeHead) {
256 ct::SignedTreeHead signed_tree_head;
257 ASSERT_TRUE(GetSampleSignedTreeHead(&signed_tree_head));
258
259 std::string encoded;
260 ASSERT_TRUE(ct::EncodeTreeHeadSignature(signed_tree_head, &encoded));
261 // Expected size is 50 bytes:
262 // Byte 0 is version, byte 1 is signature type
263 // Bytes 2-9 are timestamp
264 // Bytes 10-17 are tree size
265 // Bytes 18-49 are sha256 root hash
266 ASSERT_EQ(50u, encoded.length());
267 std::string expected_buffer(
268 "\x0\x1\x0\x0\x1\x45\x3c\x5f\xb8\x35\x0\x0\x0\x0\x0\x0\x0\x15", 18);
269 expected_buffer.append(ct::GetSampleSTHSHA256RootHash());
270 ASSERT_EQ(expected_buffer, encoded);
271 }
272
273 } // namespace net
274