Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(353)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/signature_algorithm_unittest.cc

Issue 1218753002: Add DER parsing of AlgorithmId for signatures. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: de-virtualize Equals() Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/internal/signature_algorithm.cc ('k') | net/net.gypi » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/internal/signature_algorithm.h"
6
7 #include "base/files/file_util.h"
8 #include "base/strings/string_number_conversions.h"
9 #include "net/base/test_data_directory.h"
10 #include "net/cert/pem_tokenizer.h"
11 #include "net/der/input.h"
12 #include "net/der/parser.h"
13 #include "testing/gtest/include/gtest/gtest.h"
14
15 namespace net {
16
17 namespace {
18
19 // Creates a SignatureAlgorithm given the DER as a byte array. Returns true on
20 // success and fills |*out| with a non-null pointer.
21 template <size_t N>
22 bool ParseDer(const uint8_t(&data)[N], scoped_ptr<SignatureAlgorithm>* out) {
23 *out = SignatureAlgorithm::CreateFromDer(der::Input(data, N));
24 return *out;
25 }
26
27 // Parses a SignatureAlgorithm given an empty DER input.
28 TEST(SignatureAlgorithmTest, ParseDer_Empty) {
29 scoped_ptr<SignatureAlgorithm> algorithm =
30 SignatureAlgorithm::CreateFromDer(der::Input());
31 ASSERT_FALSE(algorithm);
32 }
33
34 // Parses a SignatureAlgorithm given invalid DER input.
35 TEST(SignatureAlgorithmTest, ParseDer_Bogus) {
36 const uint8_t kData[] = {0x00};
37 scoped_ptr<SignatureAlgorithm> algorithm;
38 ASSERT_FALSE(ParseDer(kData, &algorithm));
39 }
40
41 // Parses a sha1WithRSAEncryption which contains a NULL parameters field.
42 //
43 // SEQUENCE (2 elem)
44 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
45 // NULL
46 TEST(SignatureAlgorithmTest, ParseDer_sha1WithRSAEncryption_NullParams) {
47 // clang-format off
48 const uint8_t kData[] = {
49 0x30, 0x0D, // SEQUENCE (13 bytes)
50 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
51 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
52 0x05, 0x00, // NULL (0 bytes)
53 };
54 // clang-format on
55 scoped_ptr<SignatureAlgorithm> algorithm;
56 ASSERT_TRUE(ParseDer(kData, &algorithm));
57
58 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1, algorithm->algorithm());
59 EXPECT_EQ(DigestAlgorithm::Sha1, algorithm->digest());
60 }
61
62 // Parses a sha1WithRSAEncryption which contains no parameters field.
63 //
64 // SEQUENCE (1 elem)
65 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
66 TEST(SignatureAlgorithmTest, ParseDer_sha1WithRSAEncryption_NoParams) {
67 // clang-format off
68 const uint8_t kData[] = {
69 0x30, 0x0B, // SEQUENCE (11 bytes)
70 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
71 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
72 };
73 // clang-format on
74 scoped_ptr<SignatureAlgorithm> algorithm;
75 ASSERT_FALSE(ParseDer(kData, &algorithm));
76 }
77
78 // Parses a sha1WithRSAEncryption which contains an unexpected parameters
79 // field. Instead of being NULL it is an integer.
80 //
81 // SEQUENCE (2 elem)
82 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
83 // INTEGER 0
84 TEST(SignatureAlgorithmTest, ParseDer_sha1WithRSAEncryption_NonNullParams) {
85 // clang-format off
86 const uint8_t kData[] = {
87 0x30, 0x0E, // SEQUENCE (14 bytes)
88 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
89 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
90 0x02, 0x01, 0x00, // INTEGER (1 byte)
91 };
92 // clang-format on
93 scoped_ptr<SignatureAlgorithm> algorithm;
94 ASSERT_FALSE(ParseDer(kData, &algorithm));
95 }
96
97 // Parses a sha1WithRSAEncryption which contains values after the sequence.
98 //
99 // SEQUENCE (2 elem)
100 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
101 // NULL
102 // INTEGER 0
103 TEST(SignatureAlgorithmTest, ParseDer_sha1WithRsaEncryption_DataAfterSequence) {
104 // clang-format off
105 const uint8_t kData[] = {
106 0x30, 0x0D, // SEQUENCE (13 bytes)
107 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
108 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
109 0x05, 0x00, // NULL (0 bytes)
110 0x02, 0x01, 0x00, // INTEGER (1 byte)
111 };
112 // clang-format on
113 scoped_ptr<SignatureAlgorithm> algorithm;
114 ASSERT_FALSE(ParseDer(kData, &algorithm));
115 }
116
117 // Parses a sha1WithRSAEncryption which contains a bad NULL parameters field.
118 // Normally NULL is encoded as {0x05, 0x00} (tag for NULL and length of 0). Here
119 // NULL is encoded as having a length of 1 instead, followed by data 0x09.
120 //
121 // SEQUENCE (2 elem)
122 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
123 // NULL
124 TEST(SignatureAlgorithmTest, ParseDer_sha1WithRSAEncryption_BadNullParams) {
125 // clang-format off
126 const uint8_t kData[] = {
127 0x30, 0x0E, // SEQUENCE (13 bytes)
128 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
129 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
130 0x05, 0x01, 0x09, // NULL (1 byte)
131 };
132 // clang-format on
133 scoped_ptr<SignatureAlgorithm> algorithm;
134 ASSERT_FALSE(ParseDer(kData, &algorithm));
135 }
136
137 // Parses a sha1WithRSAEncryption which contains a NULL parameters field,
138 // followed by an integer.
139 //
140 // SEQUENCE (3 elem)
141 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
142 // NULL
143 // INTEGER 0
144 TEST(SignatureAlgorithmTest,
145 ParseDer_sha1WithRSAEncryption_NullParamsThenInteger) {
146 // clang-format off
147 const uint8_t kData[] = {
148 0x30, 0x10, // SEQUENCE (16 bytes)
149 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
150 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
151 0x05, 0x00, // NULL (0 bytes)
152 0x02, 0x01, 0x00, // INTEGER (1 byte)
153 };
154 // clang-format on
155 scoped_ptr<SignatureAlgorithm> algorithm;
156 ASSERT_FALSE(ParseDer(kData, &algorithm));
157 }
158
159 // Parses a SignatureAlgorithm given DER which does not encode a sequence.
160 //
161 // INTEGER 0
162 TEST(SignatureAlgorithmTest, ParseDer_NotASequence) {
163 // clang-format off
164 const uint8_t kData[] = {
165 0x02, 0x01, 0x00, // INTEGER (1 byte)
166 };
167 // clang-format on
168 scoped_ptr<SignatureAlgorithm> algorithm;
169 ASSERT_FALSE(ParseDer(kData, &algorithm));
170 }
171
172 // Parses a sha256WithRSAEncryption which contains a NULL parameters field.
173 //
174 // SEQUENCE (2 elem)
175 // OBJECT IDENTIFIER 1.2.840.113549.1.1.11
176 // NULL
177 TEST(SignatureAlgorithmTest, ParseDer_sha256WithRSAEncryption_NullParams) {
178 // clang-format off
179 const uint8_t kData[] = {
180 0x30, 0x0D, // SEQUENCE (13 bytes)
181 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
182 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
183 0x05, 0x00, // NULL (0 bytes)
184 };
185 // clang-format on
186 scoped_ptr<SignatureAlgorithm> algorithm;
187 ASSERT_TRUE(ParseDer(kData, &algorithm));
188
189 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1, algorithm->algorithm());
190 EXPECT_EQ(DigestAlgorithm::Sha256, algorithm->digest());
191 }
192
193 // Parses a sha256WithRSAEncryption which contains no parameters field.
194 //
195 // SEQUENCE (1 elem)
196 // OBJECT IDENTIFIER 1.2.840.113549.1.1.11
197 TEST(SignatureAlgorithmTest, ParseDer_sha256WithRSAEncryption_NoParams) {
198 // clang-format off
199 const uint8_t kData[] = {
200 0x30, 0x0B, // SEQUENCE (11 bytes)
201 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
202 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
203 };
204 // clang-format on
205 scoped_ptr<SignatureAlgorithm> algorithm;
206 ASSERT_FALSE(ParseDer(kData, &algorithm));
207 }
208
209 // Parses a sha384WithRSAEncryption which contains a NULL parameters field.
210 //
211 // SEQUENCE (2 elem)
212 // OBJECT IDENTIFIER 1.2.840.113549.1.1.12
213 // NULL
214 TEST(SignatureAlgorithmTest, ParseDer_sha384WithRSAEncryption_NullParams) {
215 // clang-format off
216 const uint8_t kData[] = {
217 0x30, 0x0D, // SEQUENCE (13 bytes)
218 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
219 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c,
220 0x05, 0x00, // NULL (0 bytes)
221 };
222 // clang-format on
223 scoped_ptr<SignatureAlgorithm> algorithm;
224 ASSERT_TRUE(ParseDer(kData, &algorithm));
225
226 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1, algorithm->algorithm());
227 EXPECT_EQ(DigestAlgorithm::Sha384, algorithm->digest());
228 }
229
230 // Parses a sha384WithRSAEncryption which contains no parameters field.
231 //
232 // SEQUENCE (1 elem)
233 // OBJECT IDENTIFIER 1.2.840.113549.1.1.12
234 TEST(SignatureAlgorithmTest, ParseDer_sha384WithRSAEncryption_NoParams) {
235 // clang-format off
236 const uint8_t kData[] = {
237 0x30, 0x0B, // SEQUENCE (11 bytes)
238 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
239 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c,
240 };
241 // clang-format on
242 scoped_ptr<SignatureAlgorithm> algorithm;
243 ASSERT_FALSE(ParseDer(kData, &algorithm));
244 }
245
246 // Parses a sha512WithRSAEncryption which contains a NULL parameters field.
247 //
248 // SEQUENCE (2 elem)
249 // OBJECT IDENTIFIER 1.2.840.113549.1.1.13
250 // NULL
251 TEST(SignatureAlgorithmTest, ParseDer_sha512WithRSAEncryption_NullParams) {
252 // clang-format off
253 const uint8_t kData[] = {
254 0x30, 0x0D, // SEQUENCE (13 bytes)
255 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
256 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d,
257 0x05, 0x00, // NULL (0 bytes)
258 };
259 // clang-format on
260 scoped_ptr<SignatureAlgorithm> algorithm;
261 ASSERT_TRUE(ParseDer(kData, &algorithm));
262
263 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1, algorithm->algorithm());
264 EXPECT_EQ(DigestAlgorithm::Sha512, algorithm->digest());
265 }
266
267 // Parses a sha512WithRSAEncryption which contains no parameters field.
268 //
269 // SEQUENCE (1 elem)
270 // OBJECT IDENTIFIER 1.2.840.113549.1.1.13
271 TEST(SignatureAlgorithmTest, ParseDer_sha512WithRSAEncryption_NoParams) {
272 // clang-format off
273 const uint8_t kData[] = {
274 0x30, 0x0B, // SEQUENCE (11 bytes)
275 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
276 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d,
277 };
278 // clang-format on
279 scoped_ptr<SignatureAlgorithm> algorithm;
280 ASSERT_FALSE(ParseDer(kData, &algorithm));
281 }
282
283 // Parses a sha224WithRSAEncryption which contains a NULL parameters field.
284 // This fails because the parsing code does not enumerate this OID (even though
285 // it is in fact valid).
286 //
287 // SEQUENCE (2 elem)
288 // OBJECT IDENTIFIER 1.2.840.113549.1.1.14
289 // NULL
290 TEST(SignatureAlgorithmTest, ParseDer_sha224WithRSAEncryption_NullParams) {
291 // clang-format off
292 const uint8_t kData[] = {
293 0x30, 0x0D, // SEQUENCE (13 bytes)
294 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
295 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0e,
296 0x05, 0x00, // NULL (0 bytes)
297 };
298 // clang-format on
299 scoped_ptr<SignatureAlgorithm> algorithm;
300 ASSERT_FALSE(ParseDer(kData, &algorithm));
301 }
302
303 // Parses a ecdsa-with-SHA1 which contains no parameters field.
304 //
305 // SEQUENCE (1 elem)
306 // OBJECT IDENTIFIER 1.2.840.10045.4.1
307 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA1_NoParams) {
308 // clang-format off
309 const uint8_t kData[] = {
310 0x30, 0x09, // SEQUENCE (9 bytes)
311 0x06, 0x07, // OBJECT IDENTIFIER (7 bytes)
312 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01,
313 };
314 // clang-format on
315 scoped_ptr<SignatureAlgorithm> algorithm;
316 ASSERT_TRUE(ParseDer(kData, &algorithm));
317
318 EXPECT_EQ(SignatureAlgorithmId::Ecdsa, algorithm->algorithm());
319 EXPECT_EQ(DigestAlgorithm::Sha1, algorithm->digest());
320 }
321
322 // Parses a ecdsa-with-SHA1 which contains a NULL parameters field.
323 //
324 // SEQUENCE (2 elem)
325 // OBJECT IDENTIFIER 1.2.840.10045.4.1
326 // NULL
327 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA1_NullParams) {
328 // clang-format off
329 const uint8_t kData[] = {
330 0x30, 0x0B, // SEQUENCE (11 bytes)
331 0x06, 0x07, // OBJECT IDENTIFIER (7 bytes)
332 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01,
333 0x05, 0x00, // NULL (0 bytes)
334 };
335 // clang-format on
336 scoped_ptr<SignatureAlgorithm> algorithm;
337 ASSERT_FALSE(ParseDer(kData, &algorithm));
338 }
339
340 // Parses a ecdsa-with-SHA256 which contains no parameters field.
341 //
342 // SEQUENCE (1 elem)
343 // OBJECT IDENTIFIER 1.2.840.10045.4.3.2
344 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA256_NoParams) {
345 // clang-format off
346 const uint8_t kData[] = {
347 0x30, 0x0A, // SEQUENCE (10 bytes)
348 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
349 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
350 };
351 // clang-format on
352 scoped_ptr<SignatureAlgorithm> algorithm;
353 ASSERT_TRUE(ParseDer(kData, &algorithm));
354
355 EXPECT_EQ(SignatureAlgorithmId::Ecdsa, algorithm->algorithm());
356 EXPECT_EQ(DigestAlgorithm::Sha256, algorithm->digest());
357 }
358
359 // Parses a ecdsa-with-SHA256 which contains a NULL parameters field.
360 //
361 // SEQUENCE (2 elem)
362 // OBJECT IDENTIFIER 1.2.840.10045.4.3.2
363 // NULL
364 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA256_NullParams) {
365 // clang-format off
366 const uint8_t kData[] = {
367 0x30, 0x0C, // SEQUENCE (12 bytes)
368 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
369 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
370 0x05, 0x00, // NULL (0 bytes)
371 };
372 // clang-format on
373 scoped_ptr<SignatureAlgorithm> algorithm;
374 ASSERT_FALSE(ParseDer(kData, &algorithm));
375 }
376
377 // Parses a ecdsa-with-SHA384 which contains no parameters field.
378 //
379 // SEQUENCE (1 elem)
380 // OBJECT IDENTIFIER 1.2.840.10045.4.3.3
381 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA384_NoParams) {
382 // clang-format off
383 const uint8_t kData[] = {
384 0x30, 0x0A, // SEQUENCE (10 bytes)
385 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
386 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03,
387 };
388 // clang-format on
389 scoped_ptr<SignatureAlgorithm> algorithm;
390 ASSERT_TRUE(ParseDer(kData, &algorithm));
391
392 EXPECT_EQ(SignatureAlgorithmId::Ecdsa, algorithm->algorithm());
393 EXPECT_EQ(DigestAlgorithm::Sha384, algorithm->digest());
394 }
395
396 // Parses a ecdsa-with-SHA384 which contains a NULL parameters field.
397 //
398 // SEQUENCE (2 elem)
399 // OBJECT IDENTIFIER 1.2.840.10045.4.3.3
400 // NULL
401 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA384_NullParams) {
402 // clang-format off
403 const uint8_t kData[] = {
404 0x30, 0x0C, // SEQUENCE (12 bytes)
405 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
406 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03,
407 0x05, 0x00, // NULL (0 bytes)
408 };
409 // clang-format on
410 scoped_ptr<SignatureAlgorithm> algorithm;
411 ASSERT_FALSE(ParseDer(kData, &algorithm));
412 }
413
414 // Parses a ecdsa-with-SHA512 which contains no parameters field.
415 //
416 // SEQUENCE (1 elem)
417 // OBJECT IDENTIFIER 1.2.840.10045.4.3.4
418 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA512_NoParams) {
419 // clang-format off
420 const uint8_t kData[] = {
421 0x30, 0x0A, // SEQUENCE (10 bytes)
422 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
423 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04,
424 };
425 // clang-format on
426 scoped_ptr<SignatureAlgorithm> algorithm;
427 ASSERT_TRUE(ParseDer(kData, &algorithm));
428
429 EXPECT_EQ(SignatureAlgorithmId::Ecdsa, algorithm->algorithm());
430 EXPECT_EQ(DigestAlgorithm::Sha512, algorithm->digest());
431 }
432
433 // Parses a ecdsa-with-SHA512 which contains a NULL parameters field.
434 //
435 // SEQUENCE (2 elem)
436 // OBJECT IDENTIFIER 1.2.840.10045.4.3.4
437 // NULL
438 TEST(SignatureAlgorithmTest, ParseDer_ecdsaWithSHA512_NullParams) {
439 // clang-format off
440 const uint8_t kData[] = {
441 0x30, 0x0C, // SEQUENCE (12 bytes)
442 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
443 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04,
444 0x05, 0x00, // NULL (0 bytes)
445 };
446 // clang-format on
447 scoped_ptr<SignatureAlgorithm> algorithm;
448 ASSERT_FALSE(ParseDer(kData, &algorithm));
449 }
450
451 // Tests that two RSA algorithms with different digests are not equal.
452 TEST(SignatureAlgorithmTest, Equals_RsaWithDifferentDigest) {
453 scoped_ptr<SignatureAlgorithm> alg1 =
454 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha1);
455
456 scoped_ptr<SignatureAlgorithm> alg2 =
457 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha256);
458
459 ASSERT_FALSE(alg1->Equals(*alg2));
460 }
461
462 // Tests that two ECDSA algorithms with different digests are not equal.
463 TEST(SignatureAlgorithmTest, Equals_EcdsaWithDifferentDigest) {
464 scoped_ptr<SignatureAlgorithm> alg1 =
465 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha1);
466
467 scoped_ptr<SignatureAlgorithm> alg2 =
468 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha256);
469
470 ASSERT_FALSE(alg1->Equals(*alg2));
471 }
472
473 // Tests that an ECDSA algorithm is not equal to an RSA algorithm (even though
474 // digests match).
475 TEST(SignatureAlgorithmTest, Equals_EcdsaNotEqualRsa) {
476 scoped_ptr<SignatureAlgorithm> alg1 =
477 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha256);
478
479 scoped_ptr<SignatureAlgorithm> alg2 =
480 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha256);
481
482 ASSERT_FALSE(alg1->Equals(*alg2));
483 }
484
485 // Tests that two identical ECDSA algorithms are equal - both use SHA-256.
486 TEST(SignatureAlgorithmTest, Equals_EcdsaMatch) {
487 scoped_ptr<SignatureAlgorithm> alg1 =
488 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha256);
489
490 scoped_ptr<SignatureAlgorithm> alg2 =
491 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha256);
492
493 ASSERT_TRUE(alg1->Equals(*alg2));
494 }
495
496 // Tests that two identical RSA algorithms are equal - both use SHA-512
497 TEST(SignatureAlgorithmTest, Equals_RsaPkcs1Match) {
498 scoped_ptr<SignatureAlgorithm> alg1 =
499 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha512);
500
501 scoped_ptr<SignatureAlgorithm> alg2 =
502 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha512);
503
504 ASSERT_TRUE(alg1->Equals(*alg2));
505 }
506
507 // Tests that two RSASSA-PSS algorithms are equal.
508 TEST(SignatureAlgorithmTest, Equals_RsaPssMatch) {
509 scoped_ptr<SignatureAlgorithm> alg1 = SignatureAlgorithm::CreateRsaPss(
510 DigestAlgorithm::Sha256, DigestAlgorithm::Sha1, 21);
511
512 scoped_ptr<SignatureAlgorithm> alg2 = SignatureAlgorithm::CreateRsaPss(
513 DigestAlgorithm::Sha256, DigestAlgorithm::Sha1, 21);
514
515 ASSERT_TRUE(alg1->Equals(*alg2));
516 }
517
518 // Tests that two RSASSA-PSS algorithms with different hashes are not equal.
519 TEST(SignatureAlgorithmTest, Equals_RsaPssWithDifferentDigest) {
520 scoped_ptr<SignatureAlgorithm> alg1 = SignatureAlgorithm::CreateRsaPss(
521 DigestAlgorithm::Sha1, DigestAlgorithm::Sha1, 20);
522
523 scoped_ptr<SignatureAlgorithm> alg2 = SignatureAlgorithm::CreateRsaPss(
524 DigestAlgorithm::Sha256, DigestAlgorithm::Sha1, 20);
525
526 ASSERT_FALSE(alg1->Equals(*alg2));
527 }
528
529 // Tests that two RSASSA-PSS algorithms with different mask gens are not equal.
530 TEST(SignatureAlgorithmTest, Equals_RsaPssWithDifferentMaskGen) {
531 scoped_ptr<SignatureAlgorithm> alg1 = SignatureAlgorithm::CreateRsaPss(
532 DigestAlgorithm::Sha256, DigestAlgorithm::Sha1, 20);
533
534 scoped_ptr<SignatureAlgorithm> alg2 = SignatureAlgorithm::CreateRsaPss(
535 DigestAlgorithm::Sha256, DigestAlgorithm::Sha256, 20);
536
537 ASSERT_FALSE(alg1->Equals(*alg2));
538 }
539
540 // Tests that two RSASSA-PSS algorithms with different salts
541 TEST(SignatureAlgorithmTest, Equals_RsaPssWithDifferentSalt) {
542 scoped_ptr<SignatureAlgorithm> alg1 = SignatureAlgorithm::CreateRsaPss(
543 DigestAlgorithm::Sha1, DigestAlgorithm::Sha1, 20);
544
545 scoped_ptr<SignatureAlgorithm> alg2 = SignatureAlgorithm::CreateRsaPss(
546 DigestAlgorithm::Sha1, DigestAlgorithm::Sha1, 16);
547
548 ASSERT_FALSE(alg1->Equals(*alg2));
549 }
550
551 // Tests that the parmeters returned for an ECDSA algorithm are null for
552 // non-ECDSA algorithms.
553 TEST(SignatureAlgorithmTest, ParamsAreNullForWrongType_Ecdsa) {
554 scoped_ptr<SignatureAlgorithm> alg1 =
555 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha1);
556
557 EXPECT_FALSE(alg1->ParamsForRsaPss());
558 }
559
560 // Tests that the parmeters returned for an RSA PKCS#1 v1.5 algorithm are null
561 // for non-RSA PKCS#1 v1.5 algorithms.
562 TEST(SignatureAlgorithmTest, ParamsAreNullForWrongType_RsaPkcs1) {
563 scoped_ptr<SignatureAlgorithm> alg1 =
564 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha1);
565
566 EXPECT_FALSE(alg1->ParamsForRsaPss());
567 }
568
569 } // namespace
570
571 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/internal/signature_algorithm.cc ('k') | net/net.gypi » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698