Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(280)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/signature_algorithm_unittest.cc

Issue 1218753002: Add DER parsing of AlgorithmId for signatures. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: remove clang-format off and just accept its formatting Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/internal/signature_algorithm.cc ('K') | « net/cert/internal/signature_algorithm.cc ('k') | net/der/input.h » ('j') | net/der/input.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/internal/signature_algorithm.h"
6
7 #include "base/files/file_util.h"
8 #include "base/strings/string_number_conversions.h"
9 #include "net/base/test_data_directory.h"
10 #include "net/cert/pem_tokenizer.h"
11 #include "net/der/input.h"
12 #include "net/der/parser.h"
13 #include "testing/gtest/include/gtest/gtest.h"
14
15 namespace net {
16
17 namespace {
18
19 // Try parsing a SignatureAlgorithm given an empty DER input.
20 TEST(SignatureAlgorithmTest, ParseInvalidDer_Empty) {
21 SignatureAlgorithm algorithm;
22 ASSERT_FALSE(algorithm.AssignFromDer(der::Input()));
23 }
24
25 // Try parsing a SignatureAlgorithm given invalid DER input.
26 TEST(SignatureAlgorithmTest, ParseInvalidDer_Bogus) {
27 const uint8_t kData[] = {0x00};
28 SignatureAlgorithm algorithm;
29 ASSERT_FALSE(algorithm.AssignFromDer(der::Input(kData)));
30 }
31
32 // Parses a sha-1WithRSAEncryption which contains no parameters field.
33 //
34 // SEQUENCE (1 elem)
35 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
36 TEST(SignatureAlgorithmTest, ParseDer_sha1WithRSAEncryption_NoParams) {
37 const uint8_t kData[] = {0x30,
38 0x0B,
39 0x06,
40 0x09,
41 0x2A,
42 0x86,
43 0x48,
44 0x86,
45 0xF7,
46 0x0D,
47 0x01,
48 0x01,
49 0x05};
Ryan Sleevi 2015/06/29 14:45:24 See https://code.google.com/p/chromium/codesearch#
eroman 2015/06/29 15:19:00 I had used clang-format off in the earlier patchse
Ryan Sleevi 2015/06/29 16:36:28 On 2015/06/29 15:19:00, eroman wrote: > My slight
eroman 2015/06/30 15:53:15 Done
50 SignatureAlgorithm algorithm;
51 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
52
53 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1_5, algorithm.algorithm);
54 EXPECT_EQ(DigestAlgorithmId::Sha1, algorithm.digest);
55 }
56
57 // Parses a sha-1WithRSAEncryption which contains a NULL parameters field.
58 //
59 // SEQUENCE (2 elem)
60 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
61 // NULL
62 TEST(SignatureAlgorithmTest, ParseDer_sha1WithRSAEncryption_NullParams) {
63 const uint8_t kData[] = {0x30,
64 0x0D,
65 0x06,
66 0x09,
67 0x2A,
68 0x86,
69 0x48,
70 0x86,
71 0xF7,
72 0x0D,
73 0x01,
74 0x01,
75 0x05,
76 0x05,
77 0x00};
78 SignatureAlgorithm algorithm;
79 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
80
81 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1_5, algorithm.algorithm);
82 EXPECT_EQ(DigestAlgorithmId::Sha1, algorithm.digest);
83 }
84
85 // Parses a sha-1WithRSAEncryption which contains an unexpected parameters
86 // field. Instead of being NULL or omitted, it is an integer.
87 //
88 // SEQUENCE (2 elem)
89 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
90 // INTEGER 0
91 TEST(SignatureAlgorithmTest,
92 ParseInvalidDer_sha1WithRSAEncryption_NonNullParams) {
93 const uint8_t kData[] = {0x30,
94 0x0E,
95 0x06,
96 0x09,
97 0x2A,
98 0x86,
99 0x48,
100 0x86,
101 0xF7,
102 0x0D,
103 0x01,
104 0x01,
105 0x05,
106 0x02,
107 0x01,
108 0x00};
109 SignatureAlgorithm algorithm;
110 ASSERT_FALSE(algorithm.AssignFromDer(der::Input(kData)));
111 }
112
113 // Parses a sha-1WithRSAEncryption which contains a bad NULL parameters field.
114 // Normally NULL is encoded as {0x05, 0x00} (tag for NULL and length of 0). Here
115 // NULL is encoded as having a length of 1 instead, followed by data 0x09.
116 //
117 // SEQUENCE (2 elem)
118 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
119 // NULL
120 TEST(SignatureAlgorithmTest,
121 ParseInvalidDer_sha1WithRSAEncryption_BadNullParams) {
122 const uint8_t kData[] = {0x30,
123 0x0E,
124 0x06,
125 0x09,
126 0x2A,
127 0x86,
128 0x48,
129 0x86,
130 0xF7,
131 0x0D,
132 0x01,
133 0x01,
134 0x05,
135 0x05,
136 0x01,
137 0x09};
138 SignatureAlgorithm algorithm;
139 ASSERT_FALSE(algorithm.AssignFromDer(der::Input(kData)));
140 }
141
142 // Parses a sha-1WithRSAEncryption which contains a NULL parameters field,
143 // followed by an integer.
144 //
145 // SEQUENCE (3 elem)
146 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
147 // NULL
148 // INTEGER 0
149 TEST(SignatureAlgorithmTest,
150 ParseInvalidDer_sha1WithRSAEncryption_NullParamsThenInteger) {
151 const uint8_t kData[] = {0x30,
152 0x10,
153 0x06,
154 0x09,
155 0x2A,
156 0x86,
157 0x48,
158 0x86,
159 0xF7,
160 0x0D,
161 0x01,
162 0x01,
163 0x05,
164 0x05,
165 0x00,
166 0x02,
167 0x01,
168 0x00};
169 SignatureAlgorithm algorithm;
170 ASSERT_FALSE(algorithm.AssignFromDer(der::Input(kData)));
171 }
172
173 // Try parsing a SignatureAlgorithm given DER which does not encode a sequence.
174 //
175 // INTEGER 0
176 TEST(SignatureAlgorithmTest, ParseInvalidDer_NotASequence) {
177 const uint8_t kData[] = {
178 0x02, 0x01, 0x00,
179 };
180 SignatureAlgorithm algorithm;
181 ASSERT_FALSE(algorithm.AssignFromDer(der::Input(kData)));
182 }
183
184 // Parses a sha256WithRSAEncryption which contains no parameters field.
185 //
186 // SEQUENCE (1 elem)
187 // OBJECT IDENTIFIER 1.2.840.113549.1.1.11
188 TEST(SignatureAlgorithmTest, ParseDer_sha256WithRSAEncryption_NoParams) {
189 const uint8_t kData[] = {0x30,
190 0x0B,
191 0x06,
192 0x09,
193 0x2a,
194 0x86,
195 0x48,
196 0x86,
197 0xf7,
198 0x0d,
199 0x01,
200 0x01,
201 0x0b};
202 SignatureAlgorithm algorithm;
203 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
204
205 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1_5, algorithm.algorithm);
206 EXPECT_EQ(DigestAlgorithmId::Sha256, algorithm.digest);
207 }
208
209 // Parses a sha384WithRSAEncryption which contains no parameters field.
210 //
211 // SEQUENCE (1 elem)
212 // OBJECT IDENTIFIER 1.2.840.113549.1.1.12
213 TEST(SignatureAlgorithmTest, ParseDer_sha384WithRSAEncryption_NoParams) {
214 const uint8_t kData[] = {0x30,
215 0x0B,
216 0x06,
217 0x09,
218 0x2a,
219 0x86,
220 0x48,
221 0x86,
222 0xf7,
223 0x0d,
224 0x01,
225 0x01,
226 0x0c};
227 SignatureAlgorithm algorithm;
228 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
229
230 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1_5, algorithm.algorithm);
231 EXPECT_EQ(DigestAlgorithmId::Sha384, algorithm.digest);
232 }
233
234 // Parses a sha512WithRSAEncryption which contains no parameters field.
235 //
236 // SEQUENCE (1 elem)
237 // OBJECT IDENTIFIER 1.2.840.113549.1.1.13
238 TEST(SignatureAlgorithmTest, ParseDer_sha512WithRSAEncryption_NoParams) {
239 const uint8_t kData[] = {0x30,
240 0x0B,
241 0x06,
242 0x09,
243 0x2a,
244 0x86,
245 0x48,
246 0x86,
247 0xf7,
248 0x0d,
249 0x01,
250 0x01,
251 0x0d};
252 SignatureAlgorithm algorithm;
253 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
254
255 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1_5, algorithm.algorithm);
256 EXPECT_EQ(DigestAlgorithmId::Sha512, algorithm.digest);
257 }
258
259 // Parses a sha224WithRSAEncryption which contains no parameters field. This
260 // fails because the parsing code does not enumerate this OID (even though it is
261 // in fact valid).
262 //
263 // SEQUENCE (1 elem)
264 // OBJECT IDENTIFIER 1.2.840.113549.1.1.14
265 TEST(SignatureAlgorithmTest, ParseDer_sha224WithRSAEncryption_NoParams) {
266 const uint8_t kData[] = {0x30,
267 0x0B,
268 0x06,
269 0x09,
270 0x2a,
271 0x86,
272 0x48,
273 0x86,
274 0xf7,
275 0x0d,
276 0x01,
277 0x01,
278 0x0e};
279 SignatureAlgorithm algorithm;
280 ASSERT_FALSE(algorithm.AssignFromDer(der::Input(kData)));
281 }
282
283 // Parses a ecdsa-with-SHA1 which contains no parameters field.
284 //
285 // SEQUENCE (1 elem)
286 // OBJECT IDENTIFIER 1.2.840.10045.4.1
287 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA1_NoParams) {
288 const uint8_t kData[] = {
289 0x30, 0x09, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01};
290 SignatureAlgorithm algorithm;
291 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
292
293 EXPECT_EQ(SignatureAlgorithmId::Ecdsa, algorithm.algorithm);
294 EXPECT_EQ(DigestAlgorithmId::Sha1, algorithm.digest);
295 }
296
297 // Parses a ecdsa-with-SHA256 which contains no parameters field.
298 //
299 // SEQUENCE (1 elem)
300 // OBJECT IDENTIFIER 1.2.840.10045.4.2
301 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA256_NoParams) {
302 const uint8_t kData[] = {
303 0x30, 0x0A, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02};
304 SignatureAlgorithm algorithm;
305 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
306
307 EXPECT_EQ(SignatureAlgorithmId::Ecdsa, algorithm.algorithm);
308 EXPECT_EQ(DigestAlgorithmId::Sha256, algorithm.digest);
309 }
310
311 // Parses a ecdsa-with-SHA384 which contains no parameters field.
312 //
313 // SEQUENCE (1 elem)
314 // OBJECT IDENTIFIER 1.2.840.10045.4.3
315 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA384_NoParams) {
316 const uint8_t kData[] = {
317 0x30, 0x0A, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03};
318 SignatureAlgorithm algorithm;
319 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
320
321 EXPECT_EQ(SignatureAlgorithmId::Ecdsa, algorithm.algorithm);
322 EXPECT_EQ(DigestAlgorithmId::Sha384, algorithm.digest);
323 }
324
325 // Parses a ecdsa-with-SHA512 which contains no parameters field.
326 //
327 // SEQUENCE (1 elem)
328 // OBJECT IDENTIFIER 1.2.840.10045.4.4
329 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA512_NoParams) {
330 const uint8_t kData[] = {
331 0x30, 0x0A, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04};
332 SignatureAlgorithm algorithm;
333 ASSERT_TRUE(algorithm.AssignFromDer(der::Input(kData)));
334
335 EXPECT_EQ(SignatureAlgorithmId::Ecdsa, algorithm.algorithm);
336 EXPECT_EQ(DigestAlgorithmId::Sha512, algorithm.digest);
337 }
338
339 TEST(SignatureAlgorithmTest, Equals_DigestMismatch) {
340 SignatureAlgorithm alg1 = {SignatureAlgorithmId::RsaPkcs1_5,
341 DigestAlgorithmId::Sha1};
342 SignatureAlgorithm alg2 = {SignatureAlgorithmId::RsaPkcs1_5,
343 DigestAlgorithmId::Sha256};
344
345 ASSERT_FALSE(alg1.Equals(alg2));
346 }
347
348 TEST(SignatureAlgorithmTest, Equals_AlgorithmMismatch) {
349 SignatureAlgorithm alg1 = {SignatureAlgorithmId::Ecdsa,
350 DigestAlgorithmId::Sha256};
351 SignatureAlgorithm alg2 = {SignatureAlgorithmId::RsaPkcs1_5,
352 DigestAlgorithmId::Sha256};
353
354 ASSERT_FALSE(alg1.Equals(alg2));
355 }
356
357 TEST(SignatureAlgorithmTest, Equals_Match) {
358 SignatureAlgorithm alg1 = {SignatureAlgorithmId::Ecdsa,
359 DigestAlgorithmId::Sha256};
360 SignatureAlgorithm alg2 = {SignatureAlgorithmId::Ecdsa,
361 DigestAlgorithmId::Sha256};
362
363 ASSERT_TRUE(alg1.Equals(alg2));
364 }
365
366 } // namespace
367
368 } // namespace net
OLDNEW
« net/cert/internal/signature_algorithm.cc ('K') | « net/cert/internal/signature_algorithm.cc ('k') | net/der/input.h » ('j') | net/der/input.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698