Torne (Richard Coles) | 5821806 | 2012-11-14 11:43:16 +0000 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "crypto/ec_signature_creator.h" |
| 6 | |
| 7 | #include <string> |
| 8 | #include <vector> |
| 9 | |
| 10 | #include "base/memory/scoped_ptr.h" |
| 11 | #include "crypto/ec_private_key.h" |
| 12 | #include "crypto/signature_verifier.h" |
| 13 | #include "testing/gtest/include/gtest/gtest.h" |
| 14 | |
| 15 | #if defined(USE_OPENSSL) |
| 16 | // Once ECSignatureCreator is implemented for OpenSSL, remove this #if block. |
| 17 | // TODO(rch): When that happens, also add some exported keys from each to |
| 18 | // test interop between NSS and OpenSSL. |
| 19 | TEST(ECSignatureCreatorTest, OpenSSLStub) { |
| 20 | scoped_ptr<crypto::ECSignatureCreator> signer( |
| 21 | crypto::ECSignatureCreator::Create(NULL)); |
| 22 | ASSERT_TRUE(signer.get()); |
| 23 | EXPECT_FALSE(signer->Sign(NULL, 0, NULL)); |
| 24 | } |
| 25 | #else |
| 26 | TEST(ECSignatureCreatorTest, BasicTest) { |
| 27 | // Do a verify round trip. |
| 28 | scoped_ptr<crypto::ECPrivateKey> key_original( |
| 29 | crypto::ECPrivateKey::Create()); |
| 30 | ASSERT_TRUE(key_original.get()); |
| 31 | |
| 32 | std::vector<uint8> key_info; |
Torne (Richard Coles) | c2e0dbd | 2013-05-09 18:35:53 +0100 | [diff] [blame] | 33 | ASSERT_TRUE( |
| 34 | key_original->ExportEncryptedPrivateKey(std::string(), 1000, &key_info)); |
Torne (Richard Coles) | 5821806 | 2012-11-14 11:43:16 +0000 | [diff] [blame] | 35 | std::vector<uint8> pubkey_info; |
| 36 | ASSERT_TRUE(key_original->ExportPublicKey(&pubkey_info)); |
| 37 | |
| 38 | scoped_ptr<crypto::ECPrivateKey> key( |
Torne (Richard Coles) | c2e0dbd | 2013-05-09 18:35:53 +0100 | [diff] [blame] | 39 | crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
| 40 | std::string(), key_info, pubkey_info)); |
Torne (Richard Coles) | 5821806 | 2012-11-14 11:43:16 +0000 | [diff] [blame] | 41 | ASSERT_TRUE(key.get()); |
| 42 | ASSERT_TRUE(key->key() != NULL); |
| 43 | |
| 44 | scoped_ptr<crypto::ECSignatureCreator> signer( |
| 45 | crypto::ECSignatureCreator::Create(key.get())); |
| 46 | ASSERT_TRUE(signer.get()); |
| 47 | |
| 48 | std::string data("Hello, World!"); |
| 49 | std::vector<uint8> signature; |
| 50 | ASSERT_TRUE(signer->Sign(reinterpret_cast<const uint8*>(data.c_str()), |
| 51 | data.size(), |
| 52 | &signature)); |
| 53 | |
| 54 | std::vector<uint8> public_key_info; |
| 55 | ASSERT_TRUE(key_original->ExportPublicKey(&public_key_info)); |
| 56 | |
Ben Murdoch | eb525c5 | 2013-07-10 11:40:50 +0100 | [diff] [blame] | 57 | // This is the algorithm ID for ECDSA with SHA-256. Parameters are ABSENT. |
| 58 | // RFC 5758: |
| 59 | // ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2) |
| 60 | // us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2 } |
| 61 | // ... |
| 62 | // When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or |
| 63 | // ecdsa-with-SHA512 algorithm identifier appears in the algorithm field |
| 64 | // as an AlgorithmIdentifier, the encoding MUST omit the parameters |
| 65 | // field. That is, the AlgorithmIdentifier SHALL be a SEQUENCE of one |
| 66 | // component, the OID ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with- |
| 67 | // SHA384, or ecdsa-with-SHA512. |
| 68 | // See also RFC 5480, Appendix A. |
Torne (Richard Coles) | 5821806 | 2012-11-14 11:43:16 +0000 | [diff] [blame] | 69 | const uint8 kECDSAWithSHA256AlgorithmID[] = { |
Ben Murdoch | eb525c5 | 2013-07-10 11:40:50 +0100 | [diff] [blame] | 70 | 0x30, 0x0a, |
Torne (Richard Coles) | 5821806 | 2012-11-14 11:43:16 +0000 | [diff] [blame] | 71 | 0x06, 0x08, |
| 72 | 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, |
Torne (Richard Coles) | 5821806 | 2012-11-14 11:43:16 +0000 | [diff] [blame] | 73 | }; |
| 74 | crypto::SignatureVerifier verifier; |
| 75 | ASSERT_TRUE(verifier.VerifyInit( |
| 76 | kECDSAWithSHA256AlgorithmID, sizeof(kECDSAWithSHA256AlgorithmID), |
| 77 | &signature[0], signature.size(), |
| 78 | &public_key_info.front(), public_key_info.size())); |
| 79 | |
| 80 | verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()), |
| 81 | data.size()); |
| 82 | ASSERT_TRUE(verifier.VerifyFinal()); |
| 83 | } |
| 84 | #endif // !defined(USE_OPENSSL) |