| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "net/cert/internal/verify_signed_data.h" |
| 6 |
| 7 #include <set> |
| 8 |
| 9 #include "base/base_paths.h" |
| 10 #include "base/files/file_util.h" |
| 11 #include "base/path_service.h" |
| 12 #include "net/cert/internal/signature_algorithm.h" |
| 13 #include "net/cert/pem_tokenizer.h" |
| 14 #include "net/der/input.h" |
| 15 #include "testing/gtest/include/gtest/gtest.h" |
| 16 |
| 17 namespace net { |
| 18 |
| 19 namespace { |
| 20 |
| 21 // Creates a der::Input from an std::string. The lifetimes are a bit subtle |
| 22 // when using this function: |
| 23 // |
| 24 // The returned der::Input() is only valid so long as the input string is alive |
| 25 // and is not mutated. |
| 26 // |
| 27 // Note that the input parameter has been made a pointer to prevent callers |
| 28 // from accidentally passing an r-value. |
| 29 der::Input InputFromString(const std::string* s) { |
| 30 return der::Input(reinterpret_cast<const uint8_t*>(s->data()), s->size()); |
| 31 } |
| 32 |
| 33 // Reads a signature verification test file. |
| 34 // |
| 35 // The test file is a series of PEM blocks (PEM is just base64 data) with |
| 36 // headings of: |
| 37 // |
| 38 // "PUBLIC KEY" - DER encoding of the SubjectPublicKeyInfo |
| 39 // "ALGORITHM" - DER encoding of the AlgorithmIdentifier for the signature |
| 40 // algorithm (signatureAlgorithm in X.509) |
| 41 // "DATA" - The data that was signed (tbsCertificate in X.509) |
| 42 // "SIGNATURE" - The result of signing DATA. |
| 43 ::testing::AssertionResult ParseTestDataFile(const std::string& file_data, |
| 44 std::string* public_key, |
| 45 std::string* algorithm, |
| 46 std::string* signed_data, |
| 47 std::string* signature_value) { |
| 48 const char kPublicKeyBlock[] = "PUBLIC KEY"; |
| 49 const char kAlgorithmBlock[] = "ALGORITHM"; |
| 50 const char kSignedDataBlock[] = "DATA"; |
| 51 const char kSignatureBlock[] = "SIGNATURE"; |
| 52 |
| 53 std::vector<std::string> pem_headers; |
| 54 pem_headers.push_back(kPublicKeyBlock); |
| 55 pem_headers.push_back(kAlgorithmBlock); |
| 56 pem_headers.push_back(kSignedDataBlock); |
| 57 pem_headers.push_back(kSignatureBlock); |
| 58 |
| 59 // Keep track of which blocks have been encountered (by elimination). |
| 60 std::set<std::string> remaining_blocks(pem_headers.begin(), |
| 61 pem_headers.end()); |
| 62 |
| 63 PEMTokenizer pem_tokenizer(file_data, pem_headers); |
| 64 while (pem_tokenizer.GetNext()) { |
| 65 const std::string& block_type = pem_tokenizer.block_type(); |
| 66 if (block_type == kPublicKeyBlock) { |
| 67 public_key->assign(pem_tokenizer.data()); |
| 68 } else if (block_type == kAlgorithmBlock) { |
| 69 algorithm->assign(pem_tokenizer.data()); |
| 70 } else if (block_type == kSignedDataBlock) { |
| 71 signed_data->assign(pem_tokenizer.data()); |
| 72 } else if (block_type == kSignatureBlock) { |
| 73 signature_value->assign(pem_tokenizer.data()); |
| 74 } |
| 75 |
| 76 if (remaining_blocks.erase(block_type) != 1u) { |
| 77 return ::testing::AssertionFailure() |
| 78 << "PEM block defined multiple times: " << block_type; |
| 79 } |
| 80 } |
| 81 |
| 82 if (!remaining_blocks.empty()) { |
| 83 // Print one of the missing PEM blocks. |
| 84 return ::testing::AssertionFailure() << "PEM block missing: " |
| 85 << *remaining_blocks.begin(); |
| 86 } |
| 87 |
| 88 return ::testing::AssertionSuccess(); |
| 89 } |
| 90 |
| 91 // Returns a path to the file |file_name| within the unittest data directory. |
| 92 base::FilePath GetTestFilePath(const char* file_name) { |
| 93 base::FilePath src_root; |
| 94 PathService::Get(base::DIR_SOURCE_ROOT, &src_root); |
| 95 return src_root.Append( |
| 96 FILE_PATH_LITERAL("net/data/verify_signed_data_unittest")) |
| 97 .AppendASCII(file_name); |
| 98 } |
| 99 |
| 100 enum VerifyResult { |
| 101 SUCCESS, |
| 102 FAILURE, |
| 103 }; |
| 104 |
| 105 // Reads test data from |file_name| and runs VerifySignedData() over its inputs. |
| 106 // |
| 107 // If expected_result was SUCCESS then the test will only succeed if |
| 108 // VerifySignedData() returns true. |
| 109 // |
| 110 // If expected_result was FAILURE then the test will only succeed if |
| 111 // VerifySignedData() returns false. |
| 112 void RunTestCase(VerifyResult expected_result, const char* file_name) { |
| 113 #if !defined(USE_OPENSSL) |
| 114 LOG(INFO) << "Skipping test, only implemented for BoringSSL"; |
| 115 return; |
| 116 #endif |
| 117 |
| 118 base::FilePath test_file_path = GetTestFilePath(file_name); |
| 119 |
| 120 std::string file_data; |
| 121 ASSERT_TRUE(base::ReadFileToString(test_file_path, &file_data)) |
| 122 << "Couldn't read file: " << test_file_path.value(); |
| 123 |
| 124 std::string public_key; |
| 125 std::string algorithm; |
| 126 std::string signed_data; |
| 127 std::string signature_value; |
| 128 |
| 129 ASSERT_TRUE(ParseTestDataFile(file_data, &public_key, &algorithm, |
| 130 &signed_data, &signature_value)); |
| 131 |
| 132 scoped_ptr<SignatureAlgorithm> signature_algorithm = |
| 133 SignatureAlgorithm::CreateFromDer(InputFromString(&algorithm)); |
| 134 ASSERT_TRUE(signature_algorithm); |
| 135 |
| 136 bool expected_result_bool = expected_result == SUCCESS; |
| 137 |
| 138 EXPECT_EQ( |
| 139 expected_result_bool, |
| 140 VerifySignedData(*signature_algorithm, InputFromString(&signed_data), |
| 141 InputFromString(&signature_value), |
| 142 InputFromString(&public_key))); |
| 143 } |
| 144 |
| 145 // Read the descriptions in the test files themselves for details on what is |
| 146 // being tested. |
| 147 |
| 148 TEST(VerifySignedDataTest, RsaPkcs1Sha1) { |
| 149 RunTestCase(SUCCESS, "rsa-pkcs1-sha1.pem"); |
| 150 } |
| 151 |
| 152 TEST(VerifySignedDataTest, RsaPkcs1Sha256) { |
| 153 RunTestCase(SUCCESS, "rsa-pkcs1-sha256.pem"); |
| 154 } |
| 155 |
| 156 TEST(VerifySignedDataTest, RsaPkcs1Sha256KeyEncodedBer) { |
| 157 // TODO(eroman): This should fail! (SPKI should be DER-encoded). |
| 158 RunTestCase(SUCCESS, "rsa-pkcs1-sha256-key-encoded-ber.pem"); |
| 159 } |
| 160 |
| 161 TEST(VerifySignedDataTest, EcdsaSecp384r1Sha256) { |
| 162 RunTestCase(SUCCESS, "ecdsa-secp384r1-sha256.pem"); |
| 163 } |
| 164 |
| 165 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512) { |
| 166 RunTestCase(SUCCESS, "ecdsa-prime256v1-sha512.pem"); |
| 167 } |
| 168 |
| 169 TEST(VerifySignedDataTest, RsaPssSha1) { |
| 170 RunTestCase(SUCCESS, "rsa-pss-sha1-salt20.pem"); |
| 171 } |
| 172 |
| 173 TEST(VerifySignedDataTest, RsaPssSha256Mgf1Sha512Salt33) { |
| 174 RunTestCase(SUCCESS, "rsa-pss-sha256-mgf1-sha512-salt33.pem"); |
| 175 } |
| 176 |
| 177 TEST(VerifySignedDataTest, RsaPssSha256) { |
| 178 RunTestCase(SUCCESS, "rsa-pss-sha256-salt10.pem"); |
| 179 } |
| 180 |
| 181 TEST(VerifySignedDataTest, RsaPssSha1WrongSalt) { |
| 182 RunTestCase(FAILURE, "rsa-pss-sha1-wrong-salt.pem"); |
| 183 } |
| 184 |
| 185 TEST(VerifySignedDataTest, EcdsaSecp384r1Sha256CorruptedData) { |
| 186 RunTestCase(FAILURE, "ecdsa-secp384r1-sha256-corrupted-data.pem"); |
| 187 } |
| 188 |
| 189 TEST(VerifySignedDataTest, RsaPkcs1Sha1WrongAlgorithm) { |
| 190 RunTestCase(FAILURE, "rsa-pkcs1-sha1-wrong-algorithm.pem"); |
| 191 } |
| 192 |
| 193 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512WrongSignatureFormat) { |
| 194 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-wrong-signature-format.pem"); |
| 195 } |
| 196 |
| 197 TEST(VerifySignedDataTest, EcdsaUsingRsaKey) { |
| 198 RunTestCase(FAILURE, "ecdsa-using-rsa-key.pem"); |
| 199 } |
| 200 |
| 201 TEST(VerifySignedDataTest, RsaUsingEcKey) { |
| 202 RunTestCase(FAILURE, "rsa-using-ec-key.pem"); |
| 203 } |
| 204 |
| 205 TEST(VerifySignedDataTest, RsaPkcs1Sha1BadKeyDerNull) { |
| 206 RunTestCase(FAILURE, "rsa-pkcs1-sha1-bad-key-der-null.pem"); |
| 207 } |
| 208 |
| 209 TEST(VerifySignedDataTest, RsaPkcs1Sha1BadKeyDerLength) { |
| 210 RunTestCase(FAILURE, "rsa-pkcs1-sha1-bad-key-der-length.pem"); |
| 211 } |
| 212 |
| 213 TEST(VerifySignedDataTest, RsaPkcs1Sha256UsingEcdsaAlgorithm) { |
| 214 RunTestCase(FAILURE, "rsa-pkcs1-sha256-using-ecdsa-algorithm.pem"); |
| 215 } |
| 216 |
| 217 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512UsingRsaAlgorithm) { |
| 218 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-using-rsa-algorithm.pem"); |
| 219 } |
| 220 |
| 221 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512UsingEcdhKey) { |
| 222 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-using-ecdh-key.pem"); |
| 223 } |
| 224 |
| 225 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512UsingEcmqvKey) { |
| 226 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-using-ecmqv-key.pem"); |
| 227 } |
| 228 |
| 229 TEST(VerifySignedDataTest, RsaPkcs1Sha1KeyParamsAbsent) { |
| 230 // TODO(eroman): This should fail! (key algoritm parsing is too permissive) |
| 231 RunTestCase(SUCCESS, "rsa-pkcs1-sha1-key-params-absent.pem"); |
| 232 } |
| 233 |
| 234 TEST(VerifySignedDataTest, RsaPssSha1Salt20UsingPssKeyNoParams) { |
| 235 // TODO(eroman): This should pass! (rsaPss not currently supported in key |
| 236 // algorithm). |
| 237 RunTestCase(FAILURE, "rsa-pss-sha1-salt20-using-pss-key-no-params.pem"); |
| 238 } |
| 239 |
| 240 TEST(VerifySignedDataTest, RsaPkcs1Sha1UsingPssKeyNoParams) { |
| 241 RunTestCase(FAILURE, "rsa-pkcs1-sha1-using-pss-key-no-params.pem"); |
| 242 } |
| 243 |
| 244 TEST(VerifySignedDataTest, RsaPssSha256Salt10UsingPssKeyWithParams) { |
| 245 // TODO(eroman): This should pass! (rsaPss not currently supported in key |
| 246 // algorithm). |
| 247 RunTestCase(FAILURE, "rsa-pss-sha256-salt10-using-pss-key-with-params.pem"); |
| 248 } |
| 249 |
| 250 TEST(VerifySignedDataTest, RsaPssSha256Salt10UsingPssKeyWithWrongParams) { |
| 251 RunTestCase(FAILURE, |
| 252 "rsa-pss-sha256-salt10-using-pss-key-with-wrong-params.pem"); |
| 253 } |
| 254 |
| 255 TEST(VerifySignedDataTest, RsaPssSha256Salt12UsingPssKeyWithNullParams) { |
| 256 RunTestCase(FAILURE, |
| 257 "rsa-pss-sha1-salt20-using-pss-key-with-null-params.pem"); |
| 258 } |
| 259 |
| 260 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512SpkiParamsNull) { |
| 261 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-spki-params-null.pem"); |
| 262 } |
| 263 |
| 264 TEST(VerifySignedDataTest, RsaPkcs1Sha256UsingIdEaRsa) { |
| 265 // TODO(eroman): This should fail! (shouldn't recognize this weird OID). |
| 266 RunTestCase(SUCCESS, "rsa-pkcs1-sha256-using-id-ea-rsa.pem"); |
| 267 } |
| 268 |
| 269 TEST(VerifySignedDataTest, RsaPkcs1Sha256SpkiNonNullParams) { |
| 270 // TODO(eroman): This should fail! (shouldn't recognize bogus params in rsa |
| 271 // SPKI). |
| 272 RunTestCase(SUCCESS, "rsa-pkcs1-sha256-spki-non-null-params.pem"); |
| 273 } |
| 274 |
| 275 TEST(VerifySignedDataTest, EcdsaPrime256v1Sha512SignatureNotBitString) { |
| 276 RunTestCase(FAILURE, "ecdsa-prime256v1-sha512-signature-not-bitstring.pem"); |
| 277 } |
| 278 |
| 279 } // namespace |
| 280 |
| 281 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1209283004:
Implement VerifySignedData() for ECDSA, RSA PKCS#1 and RSA PSS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@parse_pss