Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(633)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/signature_algorithm_unittest.cc

Issue 1217653006: Add DER parsing for rsaPss signature algorithms. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@sign_parse_alg
Patch Set: rebase Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/internal/signature_algorithm.cc ('K') | « net/cert/internal/signature_algorithm.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/signature_algorithm.h" 5 #include "net/cert/internal/signature_algorithm.h"
6 6
7 #include "base/files/file_util.h" 7 #include "base/files/file_util.h"
8 #include "base/strings/string_number_conversions.h" 8 #include "base/strings/string_number_conversions.h"
9 #include "net/base/test_data_directory.h" 9 #include "net/base/test_data_directory.h"
10 #include "net/cert/pem_tokenizer.h" 10 #include "net/cert/pem_tokenizer.h"
(...skipping 438 matching lines...) Expand 10 before | Expand all | Expand 10 after
449 EXPECT_FALSE(alg1.ParamsForRsaPss()); 449 EXPECT_FALSE(alg1.ParamsForRsaPss());
450 } 450 }
451 451
452 // Tests that the parmeters returned for an invalid algorithm are null. 452 // Tests that the parmeters returned for an invalid algorithm are null.
453 TEST(SignatureAlgorithmTest, ParamsAreNullForWrongType_Invalid) { 453 TEST(SignatureAlgorithmTest, ParamsAreNullForWrongType_Invalid) {
454 SignatureAlgorithm alg1; 454 SignatureAlgorithm alg1;
455 455
456 EXPECT_FALSE(alg1.ParamsForRsaPss()); 456 EXPECT_FALSE(alg1.ParamsForRsaPss());
457 } 457 }
458 458
459 // Parses a rsaPss algorithm that uses SHA1 and a salt length of 20.
460 //
461 // SEQUENCE (2 elem)
462 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
463 // SEQUENCE (4 elem)
464 // [0] (1 elem)
465 // SEQUENCE (2 elem)
466 // OBJECT IDENTIFIER 1.3.14.3.2.26
467 // NULL
468 // [1] (1 elem)
469 // SEQUENCE (2 elem)
470 // OBJECT IDENTIFIER 1.2.840.113549.1.1.8
471 // SEQUENCE (2 elem)
472 // OBJECT IDENTIFIER 1.3.14.3.2.26
473 // NULL
474 // [2] (1 elem)
475 // INTEGER 20
476 // [3] (1 elem)
477 // INTEGER 1
478 TEST(SignatureAlgorithmTest, ParseDer_rsaPss) {
479 // clang-format off
480 const uint8_t kData[] = {
481 0x30, 0x3E, // SEQUENCE (62 bytes)
482 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
483 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
484 0x30, 0x31, // SEQUENCE (49 bytes)
485 0xA0, 0x0B, // [0] (11 bytes)
486 0x30, 0x09, // SEQUENCE (9 bytes)
487 0x06, 0x05, // OBJECT IDENTIFIER (5 bytes)
488 0x2B, 0x0E, 0x03, 0x02, 0x1A,
489 0x05, 0x00, // NULL (0 bytes)
490 0xA1, 0x18, // [1] (24 bytes)
491 0x30, 0x16, // SEQUENCE (22 bytes)
492 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
493 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08,
494 0x30, 0x09, // SEQUENCE (9 bytes)
495 0x06, 0x05, // OBJECT IDENTIFIER (5 bytes)
496 0x2B, 0x0E, 0x03, 0x02, 0x1A,
497 0x05, 0x00, // NULL (0 bytes)
498 0xA2, 0x03, // [2] (3 bytes)
499 0x02, 0x01, // INTEGER (1 byte)
500 0x14,
501 0xA3, 0x03, // [3] (3 bytes)
502 0x02, 0x01, // INTEGER (1 byte)
503 0x01,
504 };
505 // clang-format on
506 SignatureAlgorithm algorithm;
507 ASSERT_TRUE(algorithm.ParseDer(der::Input(kData)));
508
509 ASSERT_EQ(SignatureAlgorithmId::RsaPss, algorithm.algorithm());
510 EXPECT_EQ(DigestAlgorithm::Sha1, algorithm.digest());
511
512 const RsaPssParameters* params = algorithm.ParamsForRsaPss();
513
514 ASSERT_TRUE(params);
515 EXPECT_EQ(DigestAlgorithm::Sha1, params->mgf1_hash());
516 EXPECT_EQ(20u, params->salt_length());
517 }
518
519 // Parses a rsaPss algorithm that has an empty parameters. It should use all the
520 // default values (SHA1 and salt length of 20).
521 //
522 // SEQUENCE (2 elem)
523 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
524 // SEQUENCE (0 elem)
525 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_EmptyParams) {
526 // clang-format off
527 const uint8_t kData[] = {
528 0x30, 0x0D, // SEQUENCE (13 bytes)
529 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
530 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
531 0x30, 0x00, // SEQUENCE (0 bytes)
532 };
533 // clang-format on
534 SignatureAlgorithm algorithm;
535 ASSERT_TRUE(algorithm.ParseDer(der::Input(kData)));
536
537 ASSERT_EQ(SignatureAlgorithmId::RsaPss, algorithm.algorithm());
538 EXPECT_EQ(DigestAlgorithm::Sha1, algorithm.digest());
539
540 const RsaPssParameters* params = algorithm.ParamsForRsaPss();
541
542 ASSERT_TRUE(params);
543 EXPECT_EQ(DigestAlgorithm::Sha1, params->mgf1_hash());
544 EXPECT_EQ(20u, params->salt_length());
545 }
546
547 // Parses a rsaPss algorithm that has NULL parameters. This fails.
548 //
549 // SEQUENCE (2 elem)
550 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
551 // NULL
552 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_NullParams) {
553 // clang-format off
554 const uint8_t kData[] = {
555 0x30, 0x0D, // SEQUENCE (13 bytes)
556 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
557 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
558 0x05, 0x00, // NULL (0 bytes)
559 };
560 // clang-format on
561 SignatureAlgorithm algorithm;
562 ASSERT_FALSE(algorithm.ParseDer(der::Input(kData)));
563 }
564
565 // Parses a rsaPss algorithm that has no parameters. This fails.
566 //
567 // SEQUENCE (1 elem)
568 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
569 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_NoParams) {
570 // clang-format off
571 const uint8_t kData[] = {
572 0x30, 0x0B, // SEQUENCE (11 bytes)
573 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
574 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
575 };
576 // clang-format on
577 SignatureAlgorithm algorithm;
578 ASSERT_FALSE(algorithm.ParseDer(der::Input(kData)));
579 }
580
581 // Parses a rsaPss algorithm that has data after the parameters sequence.
582 //
583 // SEQUENCE (3 elem)
584 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
585 // SEQUENCE (0 elem)
586 // NULL
587 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_DataAfterParams) {
588 // clang-format off
589 const uint8_t kData[] = {
590 0x30, 0x0F, // SEQUENCE (15 bytes)
591 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
592 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
593 0x30, 0x00, // SEQUENCE (0 bytes)
594 0x05, 0x00, // NULL (0 bytes)
595 };
596 // clang-format on
597 SignatureAlgorithm algorithm;
598 ASSERT_FALSE(algorithm.ParseDer(der::Input(kData)));
599 }
600
601 // Parses a rsaPss algorithm that uses defaults (by ommitting the values) for
602 // everything except the salt length.
603 //
604 // SEQUENCE (2 elem)
605 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
606 // SEQUENCE (1 elem)
607 // [2] (1 elem)
608 // INTEGER 23
609 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_DefaultsExceptForSaltLength) {
610 // clang-format off
611 const uint8_t kData[] = {
612 0x30, 0x12, // SEQUENCE (62 bytes)
613 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
614 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
615 0x30, 0x05, // SEQUENCE (5 bytes)
616 0xA2, 0x03, // [2] (3 bytes)
617 0x02, 0x01, // INTEGER (1 byte)
618 0x17,
619 };
620 // clang-format on
621 SignatureAlgorithm algorithm;
622 ASSERT_TRUE(algorithm.ParseDer(der::Input(kData)));
623
624 ASSERT_EQ(SignatureAlgorithmId::RsaPss, algorithm.algorithm());
625 EXPECT_EQ(DigestAlgorithm::Sha1, algorithm.digest());
626
627 const RsaPssParameters* params = algorithm.ParamsForRsaPss();
628
629 ASSERT_TRUE(params);
630 EXPECT_EQ(DigestAlgorithm::Sha1, params->mgf1_hash());
631 EXPECT_EQ(23u, params->salt_length());
632 }
633
634 // Parses a rsaPss algorithm that has unrecognized data (NULL) within the
635 // parameters sequence.
636 //
637 // SEQUENCE (2 elem)
638 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
639 // SEQUENCE (2 elem)
640 // [2] (1 elem)
641 // INTEGER 23
642 // NULL
Ryan Sleevi 2015/07/06 15:03:18 This should work, and is valid.
643 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_NullInsideParams) {
644 // clang-format off
645 const uint8_t kData[] = {
646 0x30, 0x14, // SEQUENCE (62 bytes)
647 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
648 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
649 0x30, 0x07, // SEQUENCE (5 bytes)
650 0xA2, 0x03, // [2] (3 bytes)
651 0x02, 0x01, // INTEGER (1 byte)
652 0x17,
653 0x05, 0x00, // NULL (0 bytes)
654 };
655 // clang-format on
656 SignatureAlgorithm algorithm;
657 ASSERT_FALSE(algorithm.ParseDer(der::Input(kData)));
658 }
659
660 // Parses a rsaPss algorithm that has an unsupported trailer value (2). Only
661 // trailer values of 1 are allowed by RFC 4055.
662 //
663 // SEQUENCE (2 elem)
664 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
665 // SEQUENCE (1 elem)
666 // [3] (1 elem)
667 // INTEGER 2
668 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_UnsupportedTrailer) {
669 // clang-format off
670 const uint8_t kData[] = {
671 0x30, 0x12, // SEQUENCE (18 bytes)
672 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
673 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
674 0x30, 0x05, // SEQUENCE (5 bytes)
675 0xA3, 0x03, // [3] (3 bytes)
676 0x02, 0x01, // INTEGER (1 byte)
677 0x02,
678 };
679 // clang-format on
680 SignatureAlgorithm algorithm;
681 ASSERT_FALSE(algorithm.ParseDer(der::Input(kData)));
682 }
683
684 // Parses a rsaPss algorithm that has extra data appearing after the trailer in
685 // the [3] section.
686 //
687 // SEQUENCE (2 elem)
688 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
689 // SEQUENCE (1 elem)
690 // [3] (2 elem)
691 // INTEGER 1
692 // NULL
693 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_BadTrailer) {
694 // clang-format off
695 const uint8_t kData[] = {
696 0x30, 0x14, // SEQUENCE (20 bytes)
697 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
698 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
699 0x30, 0x07, // SEQUENCE (7 bytes)
700 0xA3, 0x05, // [3] (5 bytes)
701 0x02, 0x01, // INTEGER (1 byte)
702 0x01,
703 0x05, 0x00, // NULL (0 bytes)
704 };
705 // clang-format on
706 SignatureAlgorithm algorithm;
707 ASSERT_FALSE(algorithm.ParseDer(der::Input(kData)));
708 }
709
710 // Parses a rsaPss algorithm that uses SHA384 for the hash, and leaves the rest
711 // as defaults (including the mask gen).
712 //
713 // SEQUENCE (2 elem)
714 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
715 // SEQUENCE (1 elem)
716 // [0] (1 elem)
717 // SEQUENCE (2 elem)
718 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.2
719 // NULL
720 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_NonDefaultHash) {
721 // clang-format off
722 const uint8_t kData[] = {
723 0x30, 0x1E, // SEQUENCE (30 bytes)
724 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
725 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
726 0x30, 0x11, // SEQUENCE (17 bytes)
727 0xA0, 0x0F, // [0] (15 bytes)
728 0x30, 0x0D, // SEQUENCE (13 bytes)
729 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
730 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
731 0x05, 0x00, // NULL (0 bytes)
732 };
733 // clang-format on
734 SignatureAlgorithm algorithm;
735 ASSERT_TRUE(algorithm.ParseDer(der::Input(kData)));
736
737 ASSERT_EQ(SignatureAlgorithmId::RsaPss, algorithm.algorithm());
738 EXPECT_EQ(DigestAlgorithm::Sha384, algorithm.digest());
739
740 const RsaPssParameters* params = algorithm.ParamsForRsaPss();
741
742 ASSERT_TRUE(params);
743 EXPECT_EQ(DigestAlgorithm::Sha1, params->mgf1_hash());
744 EXPECT_EQ(20u, params->salt_length());
745 }
746
747 // Parses a rsaPss algorithm that uses SHA384 for the hash, however in the
748 // AlgorithmIdentifier for the hash function the parameters are omitted instead
749 // of NULL.
750 //
751 // SEQUENCE (2 elem)
752 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
753 // SEQUENCE (1 elem)
754 // [0] (1 elem)
755 // SEQUENCE (1 elem)
756 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.2
757 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_NonDefaultHash_AbsentParams) {
758 // clang-format off
759 const uint8_t kData[] = {
760 0x30, 0x1C, // SEQUENCE (28 bytes)
761 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
762 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
763 0x30, 0x0F, // SEQUENCE (15 bytes)
764 0xA0, 0x0D, // [0] (13 bytes)
765 0x30, 0x0B, // SEQUENCE (11 bytes)
766 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
767 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
768 };
769 // clang-format on
770 SignatureAlgorithm algorithm;
771 ASSERT_TRUE(algorithm.ParseDer(der::Input(kData)));
772
773 ASSERT_EQ(SignatureAlgorithmId::RsaPss, algorithm.algorithm());
774 EXPECT_EQ(DigestAlgorithm::Sha384, algorithm.digest());
775
776 const RsaPssParameters* params = algorithm.ParamsForRsaPss();
777
778 ASSERT_TRUE(params);
779 EXPECT_EQ(DigestAlgorithm::Sha1, params->mgf1_hash());
780 EXPECT_EQ(20u, params->salt_length());
781 }
782
783 // Parses a rsaPss algorithm that uses an invalid hash algorithm (twiddled the
784 // bytes for the SHA-384 OID a bit).
785 //
786 // SEQUENCE (2 elem)
787 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
788 // SEQUENCE (1 elem)
789 // [0] (1 elem)
790 // SEQUENCE (1 elem)
791 // OBJECT IDENTIFIER 2.16.840.2.103.19.4.2.2
792 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_UnsupportedHashOid) {
793 // clang-format off
794 const uint8_t kData[] = {
795 0x30, 0x1C, // SEQUENCE (28 bytes)
796 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
797 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
798 0x30, 0x0F, // SEQUENCE (15 bytes)
799 0xA0, 0x0D, // [0] (13 bytes)
800 0x30, 0x0B, // SEQUENCE (11 bytes)
801 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
802 0x60, 0x86, 0x48, 0x02, 0x67, 0x13, 0x04, 0x02, 0x02,
803 };
804 // clang-format on
805 SignatureAlgorithm algorithm;
806 ASSERT_FALSE(algorithm.ParseDer(der::Input(kData)));
807 }
808
809 // Parses a rsaPss algorithm that uses SHA512 MGF1 for the mask gen, and
810 // defaults for the rest.
811 //
812 // SEQUENCE (2 elem)
813 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
814 // SEQUENCE (1 elem)
815 // [1] (1 elem)
816 // SEQUENCE (2 elem)
817 // OBJECT IDENTIFIER 1.2.840.113549.1.1.8
818 // SEQUENCE (2 elem)
819 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.3
820 // NULL
821 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_NonDefaultMaskGen) {
822 // clang-format off
823 const uint8_t kData[] = {
824 0x30, 0x2B, // SEQUENCE (43 bytes)
825 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
826 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
827 0x30, 0x1E, // SEQUENCE (30 bytes)
828 0xA1, 0x1C, // [1] (28 bytes)
829 0x30, 0x1A, // SEQUENCE (26 bytes)
830 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
831 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08,
832 0x30, 0x0D, // SEQUENCE (13 bytes)
833 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
834 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
835 0x05, 0x00, // NULL (0 bytes)
836 };
837 // clang-format on
838 SignatureAlgorithm algorithm;
839 ASSERT_TRUE(algorithm.ParseDer(der::Input(kData)));
840
841 ASSERT_EQ(SignatureAlgorithmId::RsaPss, algorithm.algorithm());
842 EXPECT_EQ(DigestAlgorithm::Sha1, algorithm.digest());
843
844 const RsaPssParameters* params = algorithm.ParamsForRsaPss();
845
846 ASSERT_TRUE(params);
847 EXPECT_EQ(DigestAlgorithm::Sha512, params->mgf1_hash());
848 EXPECT_EQ(20u, params->salt_length());
849 }
850
851 // Parses a rsaPss algorithm that uses a mask gen with an unrecognized OID
852 // (twiddled some of the bits).
853 //
854 // SEQUENCE (2 elem)
855 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
856 // SEQUENCE (1 elem)
857 // [1] (1 elem)
858 // SEQUENCE (2 elem)
859 // OBJECT IDENTIFIER 1.2.840.113618.1.2.8
860 // SEQUENCE (2 elem)
861 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.3
862 // NULL
863 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_UnsupportedMaskGen) {
864 // clang-format off
865 const uint8_t kData[] = {
866 0x30, 0x2B, // SEQUENCE (43 bytes)
867 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
868 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
869 0x30, 0x1E, // SEQUENCE (30 bytes)
870 0xA1, 0x1C, // [1] (28 bytes)
871 0x30, 0x1A, // SEQUENCE (26 bytes)
872 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
873 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x52, 0x01, 0x02, 0x08,
874 0x30, 0x0D, // SEQUENCE (13 bytes)
875 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
876 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
877 0x05, 0x00, // NULL (0 bytes)
878 };
879 // clang-format on
880 SignatureAlgorithm algorithm;
881 ASSERT_FALSE(algorithm.ParseDer(der::Input(kData)));
882 }
883
884 // Parses a rsaPss algorithm that uses SHA256 for the hash, and SHA512 for the
885 // MGF1.
886 //
887 // SEQUENCE (2 elem)
888 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
889 // SEQUENCE (2 elem)
890 // [0] (1 elem)
891 // SEQUENCE (2 elem)
892 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.1
893 // NULL
894 // [1] (1 elem)
895 // SEQUENCE (2 elem)
896 // OBJECT IDENTIFIER 1.2.840.113549.1.1.8
897 // SEQUENCE (2 elem)
898 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.3
899 // NULL
900 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_NonDefaultHashAndMaskGen) {
901 // clang-format off
902 const uint8_t kData[] = {
903 0x30, 0x3C, // SEQUENCE (60 bytes)
904 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
905 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
906 0x30, 0x2F, // SEQUENCE (47 bytes)
907 0xA0, 0x0F, // [0] (15 bytes)
908 0x30, 0x0D, // SEQUENCE (13 bytes)
909 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
910 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
911 0x05, 0x00, // NULL (0 bytes)
912 0xA1, 0x1C, // [1] (28 bytes)
913 0x30, 0x1A, // SEQUENCE (26 bytes)
914 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
915 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08,
916 0x30, 0x0D, // SEQUENCE (13 bytes)
917 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
918 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
919 0x05, 0x00, // NULL (0 bytes)
920 };
921 // clang-format on
922 SignatureAlgorithm algorithm;
923 ASSERT_TRUE(algorithm.ParseDer(der::Input(kData)));
924
925 ASSERT_EQ(SignatureAlgorithmId::RsaPss, algorithm.algorithm());
926 EXPECT_EQ(DigestAlgorithm::Sha256, algorithm.digest());
927
928 const RsaPssParameters* params = algorithm.ParamsForRsaPss();
929
930 ASSERT_TRUE(params);
931 EXPECT_EQ(DigestAlgorithm::Sha512, params->mgf1_hash());
932 EXPECT_EQ(20u, params->salt_length());
933 }
934
935 // Parses a rsaPss algorithm that uses SHA256 for the hash, and SHA256 for the
936 // MGF1, and a salt length of 10.
937 //
938 // SEQUENCE (2 elem)
939 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
940 // SEQUENCE (3 elem)
941 // [0] (1 elem)
942 // SEQUENCE (2 elem)
943 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.1
944 // NULL
945 // [1] (1 elem)
946 // SEQUENCE (2 elem)
947 // OBJECT IDENTIFIER 1.2.840.113549.1.1.8
948 // SEQUENCE (2 elem)
949 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.1
950 // NULL
951 // [2] (1 elem)
952 // INTEGER 10
953 TEST(SignatureAlgorithmTest, ParseDer_rsaPss_NonDefaultHashAndMaskGenAndSalt) {
954 // clang-format off
955 const uint8_t kData[] = {
956 0x30, 0x41, // SEQUENCE (65 bytes)
957 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
958 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
959 0x30, 0x34, // SEQUENCE (52 bytes)
960 0xA0, 0x0F, // [0] (15 bytes)
961 0x30, 0x0D, // SEQUENCE (13 bytes)
962 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
963 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
964 0x05, 0x00, // NULL (0 bytes)
965 0xA1, 0x1C, // [1] (28 bytes)
966 0x30, 0x1A, // SEQUENCE (26 bytes)
967 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
968 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08,
969 0x30, 0x0D, // SEQUENCE (13 bytes)
970 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
971 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
972 0x05, 0x00, // NULL (0 bytes)
973 0xA2, 0x03, // [2] (3 bytes)
974 0x02, 0x01, // INTEGER (1 byte)
975 0x0A,
976 };
977 // clang-format on
978 SignatureAlgorithm algorithm;
979 ASSERT_TRUE(algorithm.ParseDer(der::Input(kData)));
980
981 ASSERT_EQ(SignatureAlgorithmId::RsaPss, algorithm.algorithm());
982 EXPECT_EQ(DigestAlgorithm::Sha256, algorithm.digest());
983
984 const RsaPssParameters* params = algorithm.ParamsForRsaPss();
985
986 ASSERT_TRUE(params);
987 EXPECT_EQ(DigestAlgorithm::Sha256, params->mgf1_hash());
988 EXPECT_EQ(10u, params->salt_length());
989 }
990
459 } // namespace 991 } // namespace
460 992
461 } // namespace net 993 } // namespace net
OLDNEW
« net/cert/internal/signature_algorithm.cc ('K') | « net/cert/internal/signature_algorithm.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698