author | estark <estark@chromium.org> | 2015-04-24 21:52:25 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-04-25 04:53:31 +0000 |
commit | 03206a1fcfe475604570d49dca0a885591e45ad7 (patch) | |
tree | 9db0b365d0feffcd71793a677d7c377f1c875d96 /crypto/aead_openssl_unittest.cc | |
parent | 5d190be1a5da69d013592f5590a9f825a48c1200 (diff) | |
Encrypt certificate reports before uploading to HTTP URLs
This CL introduces a new protobuf to store encrypted
CertLoggerRequests. Serialized certificate reports are encrypted with an
AES-CTR-128-HMAC-SHA256 AEAD (from BoringSSL, thus encrypted reports are
only supported on BoringSSL platforms) before being uploaded to HTTP
endpoints. |CertificateErrorReporter::IsHttpUploadUrlSupported| allows
users of the class to set an HTTP URL if supported.
BUG=461590
Committed: https://crrev.com/0a3351c2a7c81284f82e6531380a21d079f55056
Cr-Commit-Position: refs/heads/master@{#326876}
Review URL: https://codereview.chromium.org/1083493003
Cr-Commit-Position: refs/heads/master@{#326957}
Diffstat (limited to 'crypto/aead_openssl_unittest.cc')
-rw-r--r-- | crypto/aead_openssl_unittest.cc | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/crypto/aead_openssl_unittest.cc b/crypto/aead_openssl_unittest.cc
new file mode 100644
index 0000000..446bca2
--- /dev/null
+++ b/crypto/aead_openssl_unittest.cc
@@ -0,0 +1,54 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "crypto/aead_openssl.h"
+
+#include <string>
+
+#include "testing/gtest/include/gtest/gtest.h"
+
+namespace {
+
+#if defined(USE_OPENSSL)
+
+TEST(AeadTest, SealOpen) {
+ crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256);
+ std::string key(aead.KeyLength(), 0);
+ aead.Init(&key);
+ std::string nonce(aead.NonceLength(), 0);
+ std::string plaintext("this is the plaintext");
+ std::string ad("this is the additional data");
+ std::string ciphertext;
+ EXPECT_TRUE(aead.Seal(plaintext, nonce, ad, &ciphertext));
+ EXPECT_LT(0U, ciphertext.size());
+
+ std::string decrypted;
+ EXPECT_TRUE(aead.Open(ciphertext, nonce, ad, &decrypted));
+
+ EXPECT_EQ(plaintext, decrypted);
+}
+
+TEST(AeadTest, SealOpenWrongKey) {
+ crypto::Aead aead(crypto::Aead::AES_128_CTR_HMAC_SHA256);
+ std::string key(aead.KeyLength(), 0);
+ std::string wrong_key(aead.KeyLength(), 1);
+ aead.Init(&key);
+ crypto::Aead aead_wrong_key(crypto::Aead::AES_128_CTR_HMAC_SHA256);
+ aead_wrong_key.Init(&wrong_key);
+
+ std::string nonce(aead.NonceLength(), 0);
+ std::string plaintext("this is the plaintext");
+ std::string ad("this is the additional data");
+ std::string ciphertext;
+ EXPECT_TRUE(aead.Seal(plaintext, nonce, ad, &ciphertext));
+ EXPECT_LT(0U, ciphertext.size());
+
+ std::string decrypted;
+ EXPECT_FALSE(aead_wrong_key.Open(ciphertext, nonce, ad, &decrypted));
+ EXPECT_EQ(0U, decrypted.size());
+}
+
+#endif
+
+} // namespace |