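// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_TEST_CT_TEST_UTIL_H_
#define NET_TEST_CT_TEST_UTIL_H_

#include <stddef.h>
#include <stdint.h>

#include <string>
#include <vector>

#include "base/memory/scoped_refptr.h"
#include "net/cert/signed_certificate_timestamp.h"
#include "net/cert/signed_certificate_timestamp_and_status.h"

namespace net::ct {

struct DigitallySigned;
struct MerkleTreeLeaf;
struct SignedEntryData;
struct SignedTreeHead;

// Certificate Transparency (CT) test fixtures: sample entries, SCTs, signed
// tree heads (STHs), OCSP responses and the test log key, plus two helpers for
// checking SCT verification results.
//
// Note: unless specified otherwise, all test data is taken from Certificate
// Transparency test data repository.
//
// NOTE(review): this header only declares the helpers. Where a comment below
// says "confirm against the definition", the property is not visible from the
// declarations alone.

// Fills |entry| with test data for an X.509 entry.
void GetX509CertSignedEntry(SignedEntryData* entry);

// Fills |tree_leaf| with test data for an X.509 Merkle tree leaf.
void GetX509CertTreeLeaf(MerkleTreeLeaf* tree_leaf);

// Returns a DER-encoded X509 cert. The SCT provided by
// GetX509CertSCT is signed over this certificate.
std::string GetDerEncodedX509Cert();

// Fills |entry| with test data for a Precertificate entry.
void GetPrecertSignedEntry(SignedEntryData* entry);

// Fills |tree_leaf| with test data for a Precertificate Merkle tree leaf.
void GetPrecertTreeLeaf(MerkleTreeLeaf* tree_leaf);

// Returns the binary representation of a test DigitallySigned.
std::string GetTestDigitallySigned();

// Returns the binary representation of a test serialized SCT.
std::string GetTestSignedCertificateTimestamp();

// Returns the test log's public key.
// NOTE(review): the encoding of the returned key is not stated here; confirm
// against the definition before feeding it to a key parser.
std::string GetTestPublicKey();

// Returns the ID of the test log key.
std::string GetTestPublicKeyId();

// Stores in |sct| the SCT for the X.509 certificate returned by
// GetDerEncodedX509Cert().
void GetX509CertSCT(scoped_refptr<SignedCertificateTimestamp>* sct);

// Stores in |sct| the SCT for the Precertificate log entry provided above
// (see GetPrecertSignedEntry).
void GetPrecertSCT(scoped_refptr<SignedCertificateTimestamp>* sct);

// Returns the default issuer key hash.
std::string GetDefaultIssuerKeyHash();

// Returns a DER-encoded fake OCSP response with an embedded SCT list.
std::string GetDerEncodedFakeOCSPResponse();

// Returns the SCT list embedded in the response returned by
// GetDerEncodedFakeOCSPResponse().
std::string GetFakeOCSPExtensionValue();

// Returns the DER-encoded cert the fake OCSP response is for.
std::string GetDerEncodedFakeOCSPResponseCert();

// Returns the DER-encoded issuer of the cert returned by
// GetDerEncodedFakeOCSPResponseCert().
std::string GetDerEncodedFakeOCSPResponseIssuerCert();

// Fills |sth| with a sample, valid STH.
// NOTE(review): the bool result of this and the other Get*SignedTreeHead /
// Get*DecodedSignature helpers presumably reports whether the output argument
// was populated; confirm against the definition.
bool GetSampleSignedTreeHead(SignedTreeHead* sth);

// Fills |sth| with a valid STH for the empty tree.
bool GetSampleEmptySignedTreeHead(SignedTreeHead* sth);

// Fills |sth| with an STH for an empty tree where the root hash is not the
// hash of the empty string, but the signature over the STH is valid. Such an
// STH is not valid according to RFC6962, so this is a negative test input: a
// verifier that accepts an STH on signature validity alone would wrongly
// accept it.
bool GetBadEmptySignedTreeHead(SignedTreeHead* sth);

// Returns the SHA256 root hash for the sample STH.
std::string GetSampleSTHSHA256RootHash();

// Returns the tree head signature for the sample STH.
std::string GetSampleSTHTreeHeadSignature();

// Fills |signature| with the same signature as
// GetSampleSTHTreeHeadSignature, decoded.
bool GetSampleSTHTreeHeadDecodedSignature(DigitallySigned* signature);

// Returns the sample STH in JSON form.
std::string GetSampleSTHAsJson();

// Assembles, and returns, a sample STH in JSON format using
// the provided parameters.
// NOTE(review): unlike CreateConsistencyProofJsonString below, nothing here
// states whether |sha256_root_hash| and |tree_head_signature| are expected raw
// or already base64-encoded; confirm against the definition.
std::string CreateSignedTreeHeadJsonString(size_t tree_size,
                                           int64_t timestamp,
                                           std::string sha256_root_hash,
                                           std::string tree_head_signature);

// Assembles, and returns, a sample consistency proof in JSON format using
// the provided raw nodes (i.e. the raw nodes will be base64-encoded).
std::string CreateConsistencyProofJsonString(
    const std::vector<std::string>& raw_nodes);

// Returns SCTList for testing.
std::string GetSCTListForTesting();

// Returns a corrupted SCTList. This is done by changing a byte inside the
// Log ID part of the SCT so it does not match the log used in the tests.
std::string GetSCTListWithInvalidSCT();

// Returns true if |scts| holds exactly one verified SCT and that SCT is from
// the log described by |log_description|.
// NOTE(review): earlier wording spoke of "|result|'s |verified_scts|", which
// are not parameters of this function. How an entry of |scts| counts as
// verified is decided in the definition; confirm there.
bool CheckForSingleVerifiedSCTInResult(
    const SignedCertificateTimestampAndStatusList& scts,
    const std::string& log_description);

// Returns true if |scts| contains a verified SCT whose origin is |origin|.
// NOTE(review): earlier wording spoke of "|result|'s |verified_scts|"; whether
// the SCT's verification status is checked here is decided in the definition;
// confirm there.
bool CheckForSCTOrigin(const SignedCertificateTimestampAndStatusList& scts,
                       SignedCertificateTimestamp::Origin origin);

}  // namespace net::ct

#endif  // NET_TEST_CT_TEST_UTIL_H_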