OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "crypto/nss_key_util.h" | |
6 | |
7 #include <keyhi.h> | |
8 #include <pk11pub.h> | |
9 | |
10 #include <vector> | |
11 | |
12 #include "crypto/nss_util.h" | |
13 #include "crypto/scoped_nss_types.h" | |
14 #include "testing/gtest/include/gtest/gtest.h" | |
15 | |
16 #if defined(USE_NSS_CERTS) | |
17 #include "crypto/scoped_test_nss_db.h" | |
18 #endif | |
19 | |
20 namespace crypto { | |
21 | |
22 class NSSKeyUtilTest : public testing::Test { | |
23 public: | |
24 void SetUp() override { | |
25 EnsureNSSInit(); | |
26 | |
27 internal_slot_.reset(PK11_GetInternalSlot()); | |
28 ASSERT_TRUE(internal_slot_); | |
29 } | |
30 | |
31 PK11SlotInfo* internal_slot() { return internal_slot_.get(); } | |
pneubeck (no reviews)
2015/04/28 09:56:27
can't you just return test_nssdb_.slot() ?
If not
davidben
2015/04/28 16:27:46
No, because that doesn't make sense in non-USE_NSS
| |
32 | |
33 private: | |
34 ScopedPK11Slot internal_slot_; | |
35 #if defined(USE_NSS_CERTS) | |
36 ScopedTestNSSDB test_nssdb_; | |
37 #endif | |
38 }; | |
39 | |
40 TEST_F(NSSKeyUtilTest, GenerateRSAKeyPairNSS) { | |
41 const int kKeySizeBits = 1024; | |
42 | |
43 ScopedSECKEYPublicKey public_key; | |
44 ScopedSECKEYPrivateKey private_key; | |
45 ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), kKeySizeBits, | |
46 false /* not permanent */, &public_key, | |
47 &private_key)); | |
48 | |
49 EXPECT_EQ(rsaKey, SECKEY_GetPublicKeyType(public_key.get())); | |
50 EXPECT_EQ(rsaKey, SECKEY_GetPrivateKeyType(private_key.get())); | |
51 EXPECT_EQ((kKeySizeBits + 7) / 8, | |
52 PK11_GetPrivateModulusLen(private_key.get())); | |
53 } | |
54 | |
55 #if defined(USE_NSS_CERTS) | |
56 TEST_F(NSSKeyUtilTest, FindNSSKeyFromPublicKeyInfo) { | |
57 // Create an NSS keypair, which will put the keys in the user's NSSDB. | |
58 ScopedSECKEYPublicKey public_key; | |
59 ScopedSECKEYPrivateKey private_key; | |
60 ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 256, | |
61 false /* not permanent */, &public_key, | |
62 &private_key)); | |
63 | |
64 ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get())); | |
65 ASSERT_TRUE(item); | |
66 std::vector<uint8_t> public_key_der(item->data, item->data + item->len); | |
67 | |
68 ScopedSECKEYPrivateKey private_key2 = | |
69 FindNSSKeyFromPublicKeyInfo(public_key_der); | |
70 ASSERT_TRUE(private_key2); | |
71 EXPECT_EQ(private_key->pkcs11ID, private_key2->pkcs11ID); | |
72 } | |
73 | |
74 TEST_F(NSSKeyUtilTest, FailedFindNSSKeyFromPublicKeyInfo) { | |
75 // Create an NSS keypair, which will put the keys in the user's NSSDB. | |
76 ScopedSECKEYPublicKey public_key; | |
77 ScopedSECKEYPrivateKey private_key; | |
78 ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 256, | |
79 false /* not permanent */, &public_key, | |
80 &private_key)); | |
81 | |
82 ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get())); | |
83 ASSERT_TRUE(item); | |
84 std::vector<uint8_t> public_key_der(item->data, item->data + item->len); | |
85 | |
86 // Remove the keys from the DB, and make sure we can't find them again. | |
87 PK11_DestroyTokenObject(private_key->pkcs11Slot, private_key->pkcs11ID); | |
88 PK11_DestroyTokenObject(public_key->pkcs11Slot, public_key->pkcs11ID); | |
89 | |
90 EXPECT_FALSE(FindNSSKeyFromPublicKeyInfo(public_key_der)); | |
91 } | |
92 #endif // defined(USE_NSS_CERTS) | |
93 | |
94 } // namespace crypto | |
OLD | NEW |