github.com/zmap/zcrypto@v0.0.0-20240512203510-0fef58d9a9db/x509/cert_pool_test.go

github.com/zmap/zcrypto@v0.0.0-20240512203510-0fef58d9a9db/x509/cert_pool_test.go (about)

     1  // Copyright 2017 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package x509
     6  
     7  import (
     8  	"bytes"
     9  	"crypto/rand"
    10  	"testing"
    11  )
    12  
    13  func TestSubjects(t *testing.T) {
    14  	certs := makeRandomCertsForPool(1000)
    15  	pool := NewCertPool()
    16  	for _, c := range certs {
    17  		pool.AddCert(c)
    18  	}
    19  	subjects := pool.Subjects()
    20  	for i := range subjects {
    21  		if bytes.Compare(subjects[i], pool.Certificates()[i].RawSubject) != 0 {
    22  			t.Fail()
    23  		}
    24  	}
    25  }
    26  
    27  func TestSumAndContains(t *testing.T) {
    28  	certs1 := makeRandomCertsForPool(1000)
    29  	pool1 := NewCertPool()
    30  	for _, c := range certs1 {
    31  		pool1.AddCert(c)
    32  	}
    33  	certs2 := makeRandomCertsForPool(1000)
    34  	pool2 := NewCertPool()
    35  	for _, c := range certs2 {
    36  		pool2.AddCert(c)
    37  	}
    38  	sum := pool1.Sum(pool2)
    39  	for _, c := range pool1.Certificates() {
    40  		if !sum.Contains(c) {
    41  			t.Fail()
    42  		}
    43  	}
    44  	for _, c := range sum.Certificates() {
    45  		if !pool1.Contains(c) && !pool2.Contains(c) {
    46  			t.Fail()
    47  		}
    48  	}
    49  }
    50  
    51  func TestSumAndSize(t *testing.T) {
    52  	certs1 := makeRandomCertsForPool(1000)
    53  	pool1 := NewCertPool()
    54  	for _, c := range certs1 {
    55  		pool1.AddCert(c)
    56  	}
    57  	certs2 := makeRandomCertsForPool(1000)
    58  	pool2 := NewCertPool()
    59  	for _, c := range certs2 {
    60  		pool2.AddCert(c)
    61  	}
    62  	sum := pool1.Sum(pool2)
    63  	if sum.Size() != 2000 {
    64  		t.Fail()
    65  	}
    66  }
    67  
    68  func TestSumAndCovers(t *testing.T) {
    69  	certs1 := makeRandomCertsForPool(1000)
    70  	pool1 := NewCertPool()
    71  	for _, c := range certs1 {
    72  		pool1.AddCert(c)
    73  	}
    74  	certs2 := makeRandomCertsForPool(1000)
    75  	pool2 := NewCertPool()
    76  	for _, c := range certs2 {
    77  		pool2.AddCert(c)
    78  	}
    79  	sum := pool1.Sum(pool2)
    80  	if !sum.Covers(pool1) || !sum.Covers(pool2) {
    81  		t.Fail()
    82  	}
    83  	if pool1.Covers(sum) || pool2.Covers(sum) {
    84  		t.Fail()
    85  	}
    86  }
    87  
    88  func makeRandomCertsForPool(n int) []*Certificate {
    89  	out := make([]*Certificate, 0, n)
    90  	for i := 0; i < n; i++ {
    91  		c := new(Certificate)
    92  		c.FingerprintSHA256 = make([]byte, 256/8)
    93  		if _, err := rand.Read(c.FingerprintSHA256); err != nil {
    94  			panic(err)
    95  		}
    96  		c.RawSubject = make([]byte, 1)
    97  		if _, err := rand.Read(c.RawSubject); err != nil {
    98  			panic(err)
    99  		}
   100  		c.SubjectKeyId = make([]byte, 2)
   101  		if _, err := rand.Read(c.SubjectKeyId); err != nil {
   102  			panic(err)
   103  		}
   104  		c.Raw = make([]byte, 2048)
   105  		if _, err := rand.Read(c.Raw); err != nil {
   106  			panic(err)
   107  		}
   108  		out = append(out, c)
   109  	}
   110  	return out
   111  }
   112  
   113  func doBench(b *testing.B, certs []*Certificate) {
   114  	b.ResetTimer()
   115  	for i := 0; i < b.N; i++ {
   116  		pool := NewCertPool()
   117  		for _, c := range certs {
   118  			pool.AddCert(c)
   119  		}
   120  	}
   121  }
   122  
   123  func BenchmarkCertPoolAdd10(b *testing.B) {
   124  	certs := makeRandomCertsForPool(10)
   125  	doBench(b, certs)
   126  }
   127  
   128  func BenchmarkCertPoolAdd100(b *testing.B) {
   129  	certs := makeRandomCertsForPool(100)
   130  	doBench(b, certs)
   131  }
   132  
   133  func BenchmarkCertPoolAdd200(b *testing.B) {
   134  	certs := makeRandomCertsForPool(200)
   135  	doBench(b, certs)
   136  }
   137  
   138  func BenchmarkCertPoolAdd300(b *testing.B) {
   139  	certs := makeRandomCertsForPool(300)
   140  	doBench(b, certs)
   141  }
   142  
   143  func BenchmarkCertPoolAdd400(b *testing.B) {
   144  	certs := makeRandomCertsForPool(400)
   145  	doBench(b, certs)
   146  }
   147  
   148  func BenchmarkCertPoolAdd500(b *testing.B) {
   149  	certs := makeRandomCertsForPool(500)
   150  	doBench(b, certs)
   151  }
   152  
   153  func BenchmarkCertPoolAdd600(b *testing.B) {
   154  	certs := makeRandomCertsForPool(600)
   155  	doBench(b, certs)
   156  }
   157  
   158  func BenchmarkCertPoolAdd700(b *testing.B) {
   159  	certs := makeRandomCertsForPool(700)
   160  	doBench(b, certs)
   161  }
   162  
   163  func BenchmarkCertPoolAdd800(b *testing.B) {
   164  	certs := makeRandomCertsForPool(800)
   165  	doBench(b, certs)
   166  }
   167  
   168  func BenchmarkCertPoolAdd900(b *testing.B) {
   169  	certs := makeRandomCertsForPool(900)
   170  	doBench(b, certs)
   171  }
   172  
   173  func BenchmarkCertPoolAdd1000(b *testing.B) {
   174  	certs := makeRandomCertsForPool(1000)
   175  	doBench(b, certs)
   176  }
   177  
   178  func BenchmarkCertPoolAdd10000(b *testing.B) {
   179  	certs := makeRandomCertsForPool(10000)
   180  	doBench(b, certs)
   181  }
   182  
   183  func BenchmarkCertPoolAdd100000(b *testing.B) {
   184  	certs := makeRandomCertsForPool(100000)
   185  	doBench(b, certs)
   186  }