crypto/nss_key_util_unittest.cc

   1 // Copyright 2015 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "crypto/nss_key_util.h"
   6
   7 #include <keyhi.h>
   8 #include <pk11pub.h>
   9
  10 #include <vector>
  11
  12 #include "crypto/nss_util.h"
  13 #include "crypto/scoped_nss_types.h"
  14 #include "testing/gtest/include/gtest/gtest.h"
  15
  16 namespace crypto {
  17
  18 class NSSKeyUtilTest : public testing::Test {
  19  public:
  20   void SetUp() override {
  21     EnsureNSSInit();
  22
  23     internal_slot_.reset(PK11_GetInternalSlot());
  24     ASSERT_TRUE(internal_slot_);
  25   }
  26
  27   PK11SlotInfo* internal_slot() { return internal_slot_.get(); }
  28
  29  private:
  30   ScopedPK11Slot internal_slot_;
  31 };
  32
  33 TEST_F(NSSKeyUtilTest, GenerateRSAKeyPairNSS) {
  34   const int kKeySizeBits = 1024;
  35
  36   ScopedSECKEYPublicKey public_key;
  37   ScopedSECKEYPrivateKey private_key;
  38   ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), kKeySizeBits,
  39                                     false /* not permanent */, &public_key,
  40                                     &private_key));
  41
  42   EXPECT_EQ(rsaKey, SECKEY_GetPublicKeyType(public_key.get()));
  43   EXPECT_EQ(rsaKey, SECKEY_GetPrivateKeyType(private_key.get()));
  44   EXPECT_EQ((kKeySizeBits + 7) / 8,
  45             PK11_GetPrivateModulusLen(private_key.get()));
  46 }
  47
  48 #if defined(USE_NSS_CERTS)
  49 TEST_F(NSSKeyUtilTest, FindNSSKeyFromPublicKeyInfo) {
  50   // Create an NSS keypair, which will put the keys in the user's NSSDB.
  51   ScopedSECKEYPublicKey public_key;
  52   ScopedSECKEYPrivateKey private_key;
  53   ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 256,
  54                                     false /* not permanent */, &public_key,
  55                                     &private_key));
  56
  57   ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get()));
  58   ASSERT_TRUE(item);
  59   std::vector<uint8_t> public_key_der(item->data, item->data + item->len);
  60
  61   ScopedSECKEYPrivateKey private_key2 =
  62       FindNSSKeyFromPublicKeyInfo(public_key_der);
  63   ASSERT_TRUE(private_key2);
  64   EXPECT_EQ(private_key->pkcs11ID, private_key2->pkcs11ID);
  65 }
  66
  67 TEST_F(NSSKeyUtilTest, FailedFindNSSKeyFromPublicKeyInfo) {
  68   // Create an NSS keypair, which will put the keys in the user's NSSDB.
  69   ScopedSECKEYPublicKey public_key;
  70   ScopedSECKEYPrivateKey private_key;
  71   ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 256,
  72                                     false /* not permanent */, &public_key,
  73                                     &private_key));
  74
  75   ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get()));
  76   ASSERT_TRUE(item);
  77   std::vector<uint8_t> public_key_der(item->data, item->data + item->len);
  78
  79   // Remove the keys from the DB, and make sure we can't find them again.
  80   PK11_DestroyTokenObject(private_key->pkcs11Slot, private_key->pkcs11ID);
  81   PK11_DestroyTokenObject(public_key->pkcs11Slot, public_key->pkcs11ID);
  82
  83   EXPECT_FALSE(FindNSSKeyFromPublicKeyInfo(public_key_der));
  84 }
  85 #endif  // defined(USE_NSS_CERTS)
  86
  87 }  // namespace crypto