| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "crypto/nss_key_util.h" |
| 6 |
| 7 #include <keyhi.h> |
| 8 #include <pk11pub.h> |
| 9 |
| 10 #include <vector> |
| 11 |
| 12 #include "crypto/nss_util.h" |
| 13 #include "crypto/scoped_nss_types.h" |
| 14 #include "testing/gtest/include/gtest/gtest.h" |
| 15 |
| 16 namespace crypto { |
| 17 |
| 18 class NSSKeyUtilTest : public testing::Test { |
| 19 public: |
| 20 void SetUp() override { |
| 21 EnsureNSSInit(); |
| 22 |
| 23 internal_slot_.reset(PK11_GetInternalSlot()); |
| 24 ASSERT_TRUE(internal_slot_); |
| 25 } |
| 26 |
| 27 PK11SlotInfo* internal_slot() { return internal_slot_.get(); } |
| 28 |
| 29 private: |
| 30 ScopedPK11Slot internal_slot_; |
| 31 }; |
| 32 |
| 33 TEST_F(NSSKeyUtilTest, GenerateRSAKeyPairNSS) { |
| 34 const int kKeySizeBits = 1024; |
| 35 |
| 36 ScopedSECKEYPublicKey public_key; |
| 37 ScopedSECKEYPrivateKey private_key; |
| 38 ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), kKeySizeBits, |
| 39 false /* not permanent */, &public_key, |
| 40 &private_key)); |
| 41 |
| 42 EXPECT_EQ(rsaKey, SECKEY_GetPublicKeyType(public_key.get())); |
| 43 EXPECT_EQ(rsaKey, SECKEY_GetPrivateKeyType(private_key.get())); |
| 44 EXPECT_EQ((kKeySizeBits + 7) / 8, |
| 45 PK11_GetPrivateModulusLen(private_key.get())); |
| 46 } |
| 47 |
| 48 #if defined(USE_NSS_CERTS) |
| 49 TEST_F(NSSKeyUtilTest, FindNSSKeyFromPublicKeyInfo) { |
| 50 // Create an NSS keypair, which will put the keys in the user's NSSDB. |
| 51 ScopedSECKEYPublicKey public_key; |
| 52 ScopedSECKEYPrivateKey private_key; |
| 53 ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 256, |
| 54 false /* not permanent */, &public_key, |
| 55 &private_key)); |
| 56 |
| 57 ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get())); |
| 58 ASSERT_TRUE(item); |
| 59 std::vector<uint8_t> public_key_der(item->data, item->data + item->len); |
| 60 |
| 61 ScopedSECKEYPrivateKey private_key2 = |
| 62 FindNSSKeyFromPublicKeyInfo(public_key_der); |
| 63 ASSERT_TRUE(private_key2); |
| 64 EXPECT_EQ(private_key->pkcs11ID, private_key2->pkcs11ID); |
| 65 } |
| 66 |
| 67 TEST_F(NSSKeyUtilTest, FailedFindNSSKeyFromPublicKeyInfo) { |
| 68 // Create an NSS keypair, which will put the keys in the user's NSSDB. |
| 69 ScopedSECKEYPublicKey public_key; |
| 70 ScopedSECKEYPrivateKey private_key; |
| 71 ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 256, |
| 72 false /* not permanent */, &public_key, |
| 73 &private_key)); |
| 74 |
| 75 ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get())); |
| 76 ASSERT_TRUE(item); |
| 77 std::vector<uint8_t> public_key_der(item->data, item->data + item->len); |
| 78 |
| 79 // Remove the keys from the DB, and make sure we can't find them again. |
| 80 PK11_DestroyTokenObject(private_key->pkcs11Slot, private_key->pkcs11ID); |
| 81 PK11_DestroyTokenObject(public_key->pkcs11Slot, public_key->pkcs11ID); |
| 82 |
| 83 EXPECT_FALSE(FindNSSKeyFromPublicKeyInfo(public_key_der)); |
| 84 } |
| 85 #endif // defined(USE_NSS_CERTS) |
| 86 |
| 87 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1106103003:
Don't use RSAPrivateKey in NSS integration code. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-refactor