// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "crypto/ec_signature_creator.h" #include <string> #include <vector> #include "base/memory/scoped_ptr.h" #include "crypto/ec_private_key.h" #include "crypto/signature_verifier.h" #include "testing/gtest/include/gtest/gtest.h" // TODO(rch): Add some exported keys from each to // test interop between NSS and OpenSSL. TEST(ECSignatureCreatorTest, BasicTest) { // Do a verify round trip. scoped_ptr<crypto::ECPrivateKey> key_original( crypto::ECPrivateKey::Create()); ASSERT_TRUE(key_original.get()); std::vector<uint8> key_info; ASSERT_TRUE( key_original->ExportEncryptedPrivateKey(std::string(), 1000, &key_info)); std::vector<uint8> pubkey_info; ASSERT_TRUE(key_original->ExportPublicKey(&pubkey_info)); scoped_ptr<crypto::ECPrivateKey> key( crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( std::string(), key_info, pubkey_info)); ASSERT_TRUE(key.get()); ASSERT_TRUE(key->key() != NULL); scoped_ptr<crypto::ECSignatureCreator> signer( crypto::ECSignatureCreator::Create(key.get())); ASSERT_TRUE(signer.get()); std::string data("Hello, World!"); std::vector<uint8> signature; ASSERT_TRUE(signer->Sign(reinterpret_cast<const uint8*>(data.c_str()), data.size(), &signature)); std::vector<uint8> public_key_info; ASSERT_TRUE(key_original->ExportPublicKey(&public_key_info)); // This is the algorithm ID for ECDSA with SHA-256. Parameters are ABSENT. // RFC 5758: // ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2) // us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2 } // ... // When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or // ecdsa-with-SHA512 algorithm identifier appears in the algorithm field // as an AlgorithmIdentifier, the encoding MUST omit the parameters // field. That is, the AlgorithmIdentifier SHALL be a SEQUENCE of one // component, the OID ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with- // SHA384, or ecdsa-with-SHA512. // See also RFC 5480, Appendix A. const uint8 kECDSAWithSHA256AlgorithmID[] = { 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, }; crypto::SignatureVerifier verifier; ASSERT_TRUE(verifier.VerifyInit( kECDSAWithSHA256AlgorithmID, sizeof(kECDSAWithSHA256AlgorithmID), &signature[0], signature.size(), &public_key_info.front(), public_key_info.size())); verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()), data.size()); ASSERT_TRUE(verifier.VerifyFinal()); }