| Index: net/data/verify_signed_data_unittest/ecdsa-secp384r1-sha256.pem
|
| diff --git a/net/data/verify_signed_data_unittest/ecdsa-secp384r1-sha256.pem b/net/data/verify_signed_data_unittest/ecdsa-secp384r1-sha256.pem
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..953f2aaaed020a7705242f41cebd603c19c15c54
|
| --- /dev/null
|
| +++ b/net/data/verify_signed_data_unittest/ecdsa-secp384r1-sha256.pem
|
| @@ -0,0 +1,77 @@
|
| +This test data was produced by creating a self-signed EC cert using OpenSSL,
|
| +and then extracting the relevant fields.
|
| +
|
| +It uses ECDSA with curve secp384r1 an SHA-256.
|
| +
|
| +(1) Generate self-signed certificate
|
| +
|
| + openssl ecparam -out ec_key.pem -name secp384r1 -genkey
|
| + openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem
|
| +
|
| +(2) Extract public key
|
| +
|
| + openssl x509 -in cert.pem -pubkey -noout > pubkey.pem
|
| + cat pubkey.pem
|
| +
|
| +(3) Extract signed data (tbsCertificate)
|
| +
|
| + openssl asn1parse -in cert.pem -out tbs -noout -strparse 4
|
| + base64 tbs
|
| +
|
| +(4) Extract signature algorithm
|
| +
|
| + # Find the offset of the signature algorithm near the end (496 in this case)
|
| + openssl asn1parse -in cert.pem
|
| +
|
| + openssl asn1parse -in cert.pem -out alg -noout -strparse 496
|
| + base64 alg
|
| +
|
| +(5) Extract the signature
|
| +
|
| + # Find the final offset of BIT STRING (508 in this case)
|
| + openssl asn1parse -in cert.pem
|
| +
|
| + openssl asn1parse -in cert.pem -out sig -noout -strparse 508
|
| + base64 sig
|
| +
|
| +
|
| +$ openssl asn1parse -i < [PUBLIC KEY]
|
| + 0:d=0 hl=2 l= 118 cons: SEQUENCE
|
| + 2:d=1 hl=2 l= 16 cons: SEQUENCE
|
| + 4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
|
| + 13:d=2 hl=2 l= 5 prim: OBJECT :secp384r1
|
| + 20:d=1 hl=2 l= 98 prim: BIT STRING
|
| +-----BEGIN PUBLIC KEY-----
|
| +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXFhBi+WKXuxeK9yCbC9jqEchwjCNsQ4RXAsJ07oHZ+Q
|
| +qz55cNIY5BAhcQ0QYY5jv9BimGL9SuhUuOSuS3Pn9rrsIFGcFsihy4kDr8rq5+7RbN8bV057gW5
|
| +emYjLtvDsQ
|
| +-----END PUBLIC KEY-----
|
| +
|
| +
|
| +$ openssl asn1parse -i < [ALGORITHM]
|
| + 0:d=0 hl=2 l= 10 cons: SEQUENCE
|
| + 2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
|
| +-----BEGIN ALGORITHM-----
|
| +MAoGCCqGSM49BAMC
|
| +-----END ALGORITHM-----
|
| +
|
| +
|
| +-----BEGIN DATA-----
|
| +MIIB6KADAgECAgkAtUVxft6/Vc0wCgYIKoZIzj0EAwIwbzELMAkGA1UEBhMCQVUxEzARBgNVBAg
|
| +MClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAw
|
| +wDYWhhMRowGAYJKoZIhvcNAQkBFgtzdXBAZm9vLmNvbTAeFw0xNTA3MDIwMDM4MTRaFw0xNjA3M
|
| +DEwMDM4MTRaMG8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ
|
| +bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA2FoYTEaMBgGCSqGSIb3DQEJARYLc3V
|
| +wQGZvby5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARcWEGL5Ype7F4r3IJsL2OoRyHCMI2xDh
|
| +FcCwnTugdn5CrPnlw0hjkECFxDRBhjmO/0GKYYv1K6FS45K5Lc+f2uuwgUZwWyKHLiQOvyurn7t
|
| +Fs3xtXTnuBbl6ZiMu28OxCjUDBOMB0GA1UdDgQWBBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAfBgNV
|
| +HSMEGDAWgBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAMBgNVHRMEBTADAQH/
|
| +-----END DATA-----
|
| +
|
| +
|
| +$ openssl asn1parse -i < [SIGNATURE]
|
| + 0:d=0 hl=2 l= 105 prim: BIT STRING
|
| +-----BEGIN SIGNATURE-----
|
| +A2kAMGYCMQCDwMSZVJZ8qThiNTV7VX57m8fdNnNS6cXIjRYoh4SozlYWmWGh87nhmJJCeD16jVM
|
| +CMQDkroAY8oNi8RxLUor+LozhhVgu24tu6lcp4MP8H3Zy8bBea5HerAd1AqJp3Ox7KDU=
|
| +-----END SIGNATURE-----
|
|
|
Chromium Code Reviews
Issue 1209283004:
Implement VerifySignedData() for ECDSA, RSA PKCS#1 and RSA PSS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@parse_pss