1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "crypto/ec_signature_creator.h" 6 7 #include <string> 8 #include <vector> 9 10 #include "base/memory/scoped_ptr.h" 11 #include "crypto/ec_private_key.h" 12 #include "crypto/signature_verifier.h" 13 #include "testing/gtest/include/gtest/gtest.h" 14 15 // TODO(rch): Add some exported keys from each to 16 // test interop between NSS and OpenSSL. 17 18 TEST(ECSignatureCreatorTest, BasicTest) { 19 // Do a verify round trip. 20 scoped_ptr<crypto::ECPrivateKey> key_original( 21 crypto::ECPrivateKey::Create()); 22 ASSERT_TRUE(key_original.get()); 23 24 std::vector<uint8> key_info; 25 ASSERT_TRUE( 26 key_original->ExportEncryptedPrivateKey(std::string(), 1000, &key_info)); 27 std::vector<uint8> pubkey_info; 28 ASSERT_TRUE(key_original->ExportPublicKey(&pubkey_info)); 29 30 scoped_ptr<crypto::ECPrivateKey> key( 31 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( 32 std::string(), key_info, pubkey_info)); 33 ASSERT_TRUE(key.get()); 34 ASSERT_TRUE(key->key() != NULL); 35 36 scoped_ptr<crypto::ECSignatureCreator> signer( 37 crypto::ECSignatureCreator::Create(key.get())); 38 ASSERT_TRUE(signer.get()); 39 40 std::string data("Hello, World!"); 41 std::vector<uint8> signature; 42 ASSERT_TRUE(signer->Sign(reinterpret_cast<const uint8*>(data.c_str()), 43 data.size(), 44 &signature)); 45 46 std::vector<uint8> public_key_info; 47 ASSERT_TRUE(key_original->ExportPublicKey(&public_key_info)); 48 49 // This is the algorithm ID for ECDSA with SHA-256. Parameters are ABSENT. 50 // RFC 5758: 51 // ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2) 52 // us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2 } 53 // ... 54 // When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or 55 // ecdsa-with-SHA512 algorithm identifier appears in the algorithm field 56 // as an AlgorithmIdentifier, the encoding MUST omit the parameters 57 // field. That is, the AlgorithmIdentifier SHALL be a SEQUENCE of one 58 // component, the OID ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with- 59 // SHA384, or ecdsa-with-SHA512. 60 // See also RFC 5480, Appendix A. 61 const uint8 kECDSAWithSHA256AlgorithmID[] = { 62 0x30, 0x0a, 63 0x06, 0x08, 64 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 65 }; 66 crypto::SignatureVerifier verifier; 67 ASSERT_TRUE(verifier.VerifyInit( 68 kECDSAWithSHA256AlgorithmID, sizeof(kECDSAWithSHA256AlgorithmID), 69 &signature[0], signature.size(), 70 &public_key_info.front(), public_key_info.size())); 71 72 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()), 73 data.size()); 74 ASSERT_TRUE(verifier.VerifyFinal()); 75 } 76
