proxygen
ValidatorTest.cpp
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2018-present, Facebook, Inc.
3  * All rights reserved.
4  *
5  * This source code is licensed under the BSD-style license found in the
6  * LICENSE file in the root directory of this source tree.
7  */
8 
9 #include <gmock/gmock.h>
10 #include <gtest/gtest.h>
11 
12 #include <fizz/extensions/tokenbinding/Types.h>
13 #include <fizz/extensions/tokenbinding/Validator.h>
14 
15 using namespace folly;
16 using namespace folly::io;
17 using namespace folly::ssl;
18 
19 using testing::_;
20 using namespace testing;
21 
22 namespace fizz {
23 namespace extensions {
24 namespace test {
25 
26 // Test values from using chrome to hit my sandbox
27 StringPiece chrome_session_ekm{
28  "9d20b2acf86f893a240642593cfc53102b9fb76b37f059d4bff47a0e6fee25e7"};
29 StringPiece chrome_session_key{
30  "40dd2fa2430a0f54ca96454bdf23c264353a252812bc5fa7b851a6fa9d620424bf43e20e50a4ca0a1769f4024db346ca5075eecdb7f62d0018cf1642b75f679d98"};
31 StringPiece chrome_session_signature{
32  "d2c9c04957013f38369a18a5d5b47d6492f0f0f5c8772a27cc3770f23dda94d30fc3a6d0dc110c78e668a44c3b8b61842a6e72795f61f51f398f8dedd2ceb9a3"};
33 
34 class ValidatorTest : public Test {
35  public:
36  void SetUp() override {
37  OpenSSL_add_all_algorithms();
38  ekm_ = getBuf(chrome_session_ekm);
39  }
40 
41  TokenBinding setUpWithKeyParameters(TokenBindingKeyParameters params) {
42  TokenBinding tokenBinding;
43  tokenBinding.tokenbinding_type = TokenBindingType::provided_token_binding;
44  tokenBinding.extensions = folly::IOBuf::create(0);
45  TokenBindingID id;
46  id.key_parameters = params;
47  switch (params) {
48  case TokenBindingKeyParameters::ecdsap256: {
49  id.key = getBuf(chrome_session_key);
50  tokenBinding.tokenbindingid = std::move(id);
51  tokenBinding.signature = getBuf(chrome_session_signature);
52  return tokenBinding;
53  }
54  default: // rsa_pss and rsa_pkcs
55  throw std::runtime_error("not implemented");
56  }
57  }
58 
59  Buf getBuf(StringPiece hex) {
60  auto data = unhexlify(hex);
61  return folly::IOBuf::copyBuffer(data.data(), data.size());
62  }
63 
64  Buf ekm_;
65 };
66 
67 TEST_F(ValidatorTest, TestBadKeySent) {
68  StringPiece bad_ecdsa_key{
69  "3060FED4BA255A9D31C961EB74C6356D68C049B8923B41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4461FA6CE669622E60F29FB67903FE1008B8BC99A62299"};
70  auto binding = setUpWithKeyParameters(TokenBindingKeyParameters::ecdsap256);
71 
72  binding.tokenbindingid.key = getBuf(bad_ecdsa_key);
73  EXPECT_FALSE(
74  Validator::validateTokenBinding(
75  std::move(binding), ekm_, TokenBindingKeyParameters::ecdsap256)
76  .hasValue());
77 }
78 
79 TEST_F(ValidatorTest, TestMismatchKeyParams) {
80  auto binding = setUpWithKeyParameters(TokenBindingKeyParameters::ecdsap256);
81  EXPECT_FALSE(
82  Validator::validateTokenBinding(
83  std::move(binding), ekm_, TokenBindingKeyParameters::rsa2048_pss)
84  .hasValue());
85 }
86 
87 TEST_F(ValidatorTest, TestChromeSignature) {
88  auto binding = setUpWithKeyParameters(TokenBindingKeyParameters::ecdsap256);
89  EXPECT_TRUE(
90  Validator::validateTokenBinding(
91  std::move(binding), ekm_, TokenBindingKeyParameters::ecdsap256)
92  .hasValue());
93 }
94 
95 TEST_F(ValidatorTest, TestInvalidSignature) {
96  auto binding = setUpWithKeyParameters(TokenBindingKeyParameters::ecdsap256);
97  *binding.signature->writableData() ^= 0x04;
98  EXPECT_FALSE(
99  Validator::validateTokenBinding(
100  std::move(binding), ekm_, TokenBindingKeyParameters::ecdsap256)
101  .hasValue());
102 }
103 
104 TEST_F(ValidatorTest, TestTruncatedSignature) {
105  auto binding = setUpWithKeyParameters(TokenBindingKeyParameters::ecdsap256);
106  binding.signature->trimEnd(4);
107  EXPECT_FALSE(
108  Validator::validateTokenBinding(
109  std::move(binding), ekm_, TokenBindingKeyParameters::ecdsap256)
110  .hasValue());
111 }
112 } // namespace test
113 } // namespace extensions
114 } // namespace fizz
folly::unhexlify
bool unhexlify(const InputString &input, OutputString &output)
Definition: String-inl.h:616
folly::IOBuf::create
static std::unique_ptr< IOBuf > create(std::size_t capacity)
Definition: IOBuf.cpp:229
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
folly
—— Concurrent Priority Queue Implementation ——
Definition: AtomicBitSet.h:29
fizz::extensions::TokenBinding::tokenbinding_type
TokenBindingType tokenbinding_type
Definition: Types.h:57
fizz::extensions::TokenBindingKeyParameters
TokenBindingKeyParameters
Definition: Types.h:33
params
constexpr Params params[]
Definition: FlatCombiningTest.cpp:94
folly::data
constexpr auto data(C &c) -> decltype(c.data())
Definition: Access.h:71
fizz
Definition: Actions.h:16
tokenBinding
StringPiece tokenBinding
Definition: TokenBindingTest.cpp:26
fizz::extensions::TokenBindingID::key_parameters
TokenBindingKeyParameters key_parameters
Definition: Types.h:47
folly::TEST_F
TEST_F(AsyncSSLSocketWriteTest, write_coalescing1)
Definition: AsyncSSLSocketWriteTest.cpp:120
fizz::extensions::TokenBinding::tokenbindingid
TokenBindingID tokenbindingid
Definition: Types.h:58
EXPECT_TRUE
#define EXPECT_TRUE(condition)
Definition: gtest.h:1859
fizz::Buf
std::unique_ptr< folly::IOBuf > Buf
Definition: Types.h:22
fizz::extensions::test::chrome_session_signature
StringPiece chrome_session_signature
Definition: ValidatorTest.cpp:31
testing::_
const internal::AnythingMatcher _
Definition: gmock-matchers.h:3729
EXPECT_FALSE
#define EXPECT_FALSE(condition)
Definition: gtest.h:1862
fizz::extensions::test::ValidatorTest::setUpWithKeyParameters
TokenBinding setUpWithKeyParameters(TokenBindingKeyParameters params)
Definition: ValidatorTest.cpp:41
fizz::extensions::test::chrome_session_ekm
StringPiece chrome_session_ekm
Definition: ValidatorTest.cpp:27
folly::IOBuf::copyBuffer
static std::unique_ptr< IOBuf > copyBuffer(const void *buf, std::size_t size, std::size_t headroom=0, std::size_t minTailroom=0)
Definition: IOBuf.h:1587
fizz::extensions::test::chrome_session_key
StringPiece chrome_session_key
Definition: ValidatorTest.cpp:29