Evict resources from resource pool after timeout
[chromium-blink-merge.git] / crypto / ec_signature_creator_unittest.cc
blob2a40cfe0c12a40f93dfa7f4db51f779de18b8663
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/ec_signature_creator.h"
7 #include <string>
8 #include <vector>
10 #include "base/memory/scoped_ptr.h"
11 #include "crypto/ec_private_key.h"
12 #include "crypto/signature_verifier.h"
13 #include "testing/gtest/include/gtest/gtest.h"
15 // TODO(rch): Add some exported keys from each to
16 // test interop between NSS and OpenSSL.
18 TEST(ECSignatureCreatorTest, BasicTest) {
19 // Do a verify round trip.
20 scoped_ptr<crypto::ECPrivateKey> key_original(
21 crypto::ECPrivateKey::Create());
22 ASSERT_TRUE(key_original.get());
24 std::vector<uint8> key_info;
25 ASSERT_TRUE(
26 key_original->ExportEncryptedPrivateKey(std::string(), 1000, &key_info));
27 std::vector<uint8> pubkey_info;
28 ASSERT_TRUE(key_original->ExportPublicKey(&pubkey_info));
30 scoped_ptr<crypto::ECPrivateKey> key(
31 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
32 std::string(), key_info, pubkey_info));
33 ASSERT_TRUE(key.get());
34 ASSERT_TRUE(key->key() != NULL);
36 scoped_ptr<crypto::ECSignatureCreator> signer(
37 crypto::ECSignatureCreator::Create(key.get()));
38 ASSERT_TRUE(signer.get());
40 std::string data("Hello, World!");
41 std::vector<uint8> signature;
42 ASSERT_TRUE(signer->Sign(reinterpret_cast<const uint8*>(data.c_str()),
43 data.size(),
44 &signature));
46 std::vector<uint8> public_key_info;
47 ASSERT_TRUE(key_original->ExportPublicKey(&public_key_info));
49 // This is the algorithm ID for ECDSA with SHA-256. Parameters are ABSENT.
50 // RFC 5758:
51 // ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
52 // us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2 }
53 // ...
54 // When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or
55 // ecdsa-with-SHA512 algorithm identifier appears in the algorithm field
56 // as an AlgorithmIdentifier, the encoding MUST omit the parameters
57 // field. That is, the AlgorithmIdentifier SHALL be a SEQUENCE of one
58 // component, the OID ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-
59 // SHA384, or ecdsa-with-SHA512.
60 // See also RFC 5480, Appendix A.
61 const uint8 kECDSAWithSHA256AlgorithmID[] = {
62 0x30, 0x0a,
63 0x06, 0x08,
64 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
66 crypto::SignatureVerifier verifier;
67 ASSERT_TRUE(verifier.VerifyInit(
68 kECDSAWithSHA256AlgorithmID, sizeof(kECDSAWithSHA256AlgorithmID),
69 &signature[0], signature.size(),
70 &public_key_info.front(), public_key_info.size()));
72 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()),
73 data.size());
74 ASSERT_TRUE(verifier.VerifyFinal());