crypto/ec_signature_creator_unittest.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "crypto/ec_signature_creator.h"
   6
   7 #include <string>
   8 #include <vector>
   9
  10 #include "base/memory/scoped_ptr.h"
  11 #include "crypto/ec_private_key.h"
  12 #include "crypto/signature_verifier.h"
  13 #include "testing/gtest/include/gtest/gtest.h"
  14
  15 #if defined(USE_OPENSSL)
  16 // Once ECSignatureCreator is implemented for OpenSSL, remove this #if block.
  17 // TODO(rch): When that happens, also add some exported keys from each to
  18 // test interop between NSS and OpenSSL.
  19 TEST(ECSignatureCreatorTest, OpenSSLStub) {
  20   scoped_ptr<crypto::ECSignatureCreator> signer(
  21       crypto::ECSignatureCreator::Create(NULL));
  22   ASSERT_TRUE(signer.get());
  23   EXPECT_FALSE(signer->Sign(NULL, 0, NULL));
  24 }
  25 #else
  26 TEST(ECSignatureCreatorTest, BasicTest) {
  27   // Do a verify round trip.
  28   scoped_ptr<crypto::ECPrivateKey> key_original(
  29       crypto::ECPrivateKey::Create());
  30   ASSERT_TRUE(key_original.get());
  31
  32   std::vector<uint8> key_info;
  33   ASSERT_TRUE(
  34       key_original->ExportEncryptedPrivateKey(std::string(), 1000, &key_info));
  35   std::vector<uint8> pubkey_info;
  36   ASSERT_TRUE(key_original->ExportPublicKey(&pubkey_info));
  37
  38   scoped_ptr<crypto::ECPrivateKey> key(
  39       crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
  40           std::string(), key_info, pubkey_info));
  41   ASSERT_TRUE(key.get());
  42   ASSERT_TRUE(key->key() != NULL);
  43
  44   scoped_ptr<crypto::ECSignatureCreator> signer(
  45       crypto::ECSignatureCreator::Create(key.get()));
  46   ASSERT_TRUE(signer.get());
  47
  48   std::string data("Hello, World!");
  49   std::vector<uint8> signature;
  50   ASSERT_TRUE(signer->Sign(reinterpret_cast<const uint8*>(data.c_str()),
  51                            data.size(),
  52                            &signature));
  53
  54   std::vector<uint8> public_key_info;
  55   ASSERT_TRUE(key_original->ExportPublicKey(&public_key_info));
  56
  57   // This is the algorithm ID for ECDSA with SHA-256. Parameters are ABSENT.
  58   // RFC 5758:
  59   //   ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
  60   //        us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2 }
  61   //   ...
  62   //   When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or
  63   //   ecdsa-with-SHA512 algorithm identifier appears in the algorithm field
  64   //   as an AlgorithmIdentifier, the encoding MUST omit the parameters
  65   //   field.  That is, the AlgorithmIdentifier SHALL be a SEQUENCE of one
  66   //   component, the OID ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-
  67   //   SHA384, or ecdsa-with-SHA512.
  68   // See also RFC 5480, Appendix A.
  69   const uint8 kECDSAWithSHA256AlgorithmID[] = {
  70     0x30, 0x0a,
  71       0x06, 0x08,
  72         0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
  73   };
  74   crypto::SignatureVerifier verifier;
  75   ASSERT_TRUE(verifier.VerifyInit(
  76       kECDSAWithSHA256AlgorithmID, sizeof(kECDSAWithSHA256AlgorithmID),
  77       &signature[0], signature.size(),
  78       &public_key_info.front(), public_key_info.size()));
  79
  80   verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()),
  81                         data.size());
  82   ASSERT_TRUE(verifier.VerifyFinal());
  83 }
  84 #endif  // !defined(USE_OPENSSL)