1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "net/quic/crypto/crypto_utils.h"
#include "net/quic/test_tools/quic_test_utils.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace net {
namespace test {
namespace {
TEST(CryptoUtilsTest, IsValidSNI) {
// IP as SNI.
EXPECT_FALSE(CryptoUtils::IsValidSNI("192.168.0.1"));
// SNI without any dot.
EXPECT_FALSE(CryptoUtils::IsValidSNI("somedomain"));
// Invalid RFC2396 hostname
// TODO(rtenneti): Support RFC2396 hostname.
// EXPECT_FALSE(CryptoUtils::IsValidSNI("some_domain.com"));
// An empty string must be invalid otherwise the QUIC client will try sending
// it.
EXPECT_FALSE(CryptoUtils::IsValidSNI(""));
// Valid SNI
EXPECT_TRUE(CryptoUtils::IsValidSNI("test.google.com"));
}
TEST(CryptoUtilsTest, NormalizeHostname) {
struct {
const char *input, *expected;
} tests[] = {
{ "www.google.com", "www.google.com", },
{ "WWW.GOOGLE.COM", "www.google.com", },
{ "www.google.com.", "www.google.com", },
{ "www.google.COM.", "www.google.com", },
{ "www.google.com..", "www.google.com", },
{ "www.google.com........", "www.google.com", },
};
for (size_t i = 0; i < arraysize(tests); ++i) {
EXPECT_EQ(std::string(tests[i].expected),
CryptoUtils::NormalizeHostname(tests[i].input));
}
}
TEST(CryptoUtilsTest, TestExportKeyingMaterial) {
const struct TestVector {
// Input (strings of hexadecimal digits):
const char* subkey_secret;
const char* label;
const char* context;
size_t result_len;
// Expected output (string of hexadecimal digits):
const char* expected; // Null if it should fail.
} test_vector[] = {
// Try a typical input
{ "4823c1189ecc40fce888fbb4cf9ae6254f19ba12e6d9af54788f195a6f509ca3",
"e934f78d7a71dd85420fceeb8cea0317",
"b8d766b5d3c8aba0009c7ed3de553eba53b4de1030ea91383dcdf724cd8b7217",
32,
"a9979da0d5f1c1387d7cbe68f5c4163ddb445a03c4ad6ee72cb49d56726d679e"
},
// Don't let the label contain nulls
{ "14fe51e082ffee7d1b4d8d4ab41f8c55",
"3132333435363700",
"58585858585858585858585858585858",
16,
nullptr
},
// Make sure nulls in the context are fine
{ "d862c2e36b0a42f7827c67ebc8d44df7",
"7a5b95e4e8378123",
"4142434445464700",
16,
"12d418c6d0738a2e4d85b2d0170f76e1"
},
// ... and give a different result than without
{ "d862c2e36b0a42f7827c67ebc8d44df7",
"7a5b95e4e8378123",
"41424344454647",
16,
"abfa1c479a6e3ffb98a11dee7d196408"
},
// Try weird lengths
{ "d0ec8a34f6cc9a8c96",
"49711798cc6251",
"933d4a2f30d22f089cfba842791116adc121e0",
23,
"c9a46ed0757bd1812f1f21b4d41e62125fec8364a21db7"
},
};
for (size_t i = 0; i < arraysize(test_vector); i++) {
// Decode the test vector.
string subkey_secret;
string label;
string context;
ASSERT_TRUE(DecodeHexString(test_vector[i].subkey_secret, &subkey_secret));
ASSERT_TRUE(DecodeHexString(test_vector[i].label, &label));
ASSERT_TRUE(DecodeHexString(test_vector[i].context, &context));
size_t result_len = test_vector[i].result_len;
bool expect_ok = test_vector[i].expected != nullptr;
string expected;
if (expect_ok) {
ASSERT_TRUE(DecodeHexString(test_vector[i].expected, &expected));
}
string result;
bool ok = CryptoUtils::ExportKeyingMaterial(subkey_secret,
label,
context,
result_len,
&result);
EXPECT_EQ(expect_ok, ok);
if (expect_ok) {
EXPECT_EQ(result_len, result.length());
test::CompareCharArraysWithHexError("HKDF output",
result.data(),
result.length(),
expected.data(),
expected.length());
}
}
}
} // namespace
} // namespace test
} // namespace net
|
