Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(90)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/data/verify_signed_data_unittest/rsa2048-pkcs1-sha512.pem

Issue 1259313002: Add some policy controls for VerifySignedData(). (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@add_python
Patch Set: Address more comments Created 5 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/cert/internal/verify_signed_data_unittest.cc ('k') | net/net.gypi » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/data/verify_signed_data_unittest/rsa2048-pkcs1-sha512.pem
diff --git a/net/data/verify_signed_data_unittest/rsa2048-pkcs1-sha512.pem b/net/data/verify_signed_data_unittest/rsa2048-pkcs1-sha512.pem
new file mode 100644
index 0000000000000000000000000000000000000000..342a31b85eaa22c0f6e0a2f2ceb88b3da12800ee
--- /dev/null
+++ b/net/data/verify_signed_data_unittest/rsa2048-pkcs1-sha512.pem
@@ -0,0 +1,93 @@
+This test data was produced by creating a self-signed RSA cert using OpenSSL,
+and then extracting the relevant fields.
+
+It uses RSA PKCS#1 v1.5 with SHA-512 and a 2048-bit key.
+
+(1) Generate self-signed certificate
+
+ openssl genrsa -out rsa_key.pem 2048
+ openssl req -new -key rsa_key.pem -x509 -nodes -days 365 -sha512 -out cert.pem
+
+(2) Extract public key
+
+ openssl x509 -in cert.pem -pubkey -noout > pubkey.pem
+ cat pubkey.pem
+
+(3) Extract signed data (tbsCertificate)
+
+ openssl asn1parse -in cert.pem -out tbs -noout -strparse 4
+ base64 tbs
+
+(4) Extract signature algorithm
+
+ # Find the offset of the signature algorithm near the end (589 in this case)
+ openssl asn1parse -in cert.pem
+
+ openssl asn1parse -in cert.pem -out alg -noout -strparse 589
+ base64 alg
+
+(5) Extract the signature
+
+ # Find the final offset of BIT STRING (506 in this case)
+ openssl asn1parse -in cert.pem
+
+ openssl asn1parse -in cert.pem -out sig -noout -strparse 506
+ base64 sig
+
+
+
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcu2shJRrXFAwMkf30y2AY1zIg9VF/h
+egYcejzdR2AzUb8vU2TXld2i8pp44l+DrvtqmzS7G+yxx3uOx+zsoqBaUT0c9HfkbE+IRmcLkQF
+vYpSpm6Eu8OS14CSmEtiR91Et8LR0+bd0Gn3pgmb+epFJBaBPeDSiI/smqKCs7yP04+tS4Q4r47
+G04LhSp4/hmqH32b4Gcm9nsihHV9FfPfVdxDQUEJp3AgyBPwhPZEAyhoQS73TjjxXHqJRSz37Sl
+ueMVPuNncqbT4nAMKz25J1CtRlQh21uZzfY2QRP3m6rAZquQUos1febC6A7qmhQljWKKmXtfVY+
+fAamstdHrWwIDAQAB
+-----END PUBLIC KEY-----
+
+$ openssl asn1parse -i < [PUBLIC KEY]
+ 0:d=0 hl=4 l= 290 cons: SEQUENCE
+ 4:d=1 hl=2 l= 13 cons: SEQUENCE
+ 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 17:d=2 hl=2 l= 0 prim: NULL
+ 19:d=1 hl=4 l= 271 prim: BIT STRING
+
+
+
+-----BEGIN ALGORITHM-----
+MA0GCSqGSIb3DQEBDQUA
+-----END ALGORITHM-----
+
+$ openssl asn1parse -i < [ALGORITHM]
+ 0:d=0 hl=2 l= 13 cons: SEQUENCE
+ 2:d=1 hl=2 l= 9 prim: OBJECT :sha512WithRSAEncryption
+ 13:d=1 hl=2 l= 0 prim: NULL
+
+
+
+-----BEGIN DATA-----
+MIICRaADAgECAgkA7jWRLkwHvHswDQYJKoZIhvcNAQENBQAwRTELMAkGA1UEBhMCQVUxEzARBgN
+VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xNT
+A3MjgwMjIyMzFaFw0xNjA3MjcwMjIyMzFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lL
+VN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDNy7ayElGtcUDAyR/fTLYBjXMiD1UX+F6Bhx6PN1HYDNRvy9TZNeV
+3aLymnjiX4Ou+2qbNLsb7LHHe47H7OyioFpRPRz0d+RsT4hGZwuRAW9ilKmboS7w5LXgJKYS2JH
+3US3wtHT5t3QafemCZv56kUkFoE94NKIj+yaooKzvI/Tj61LhDivjsbTguFKnj+GaoffZvgZyb2
+eyKEdX0V899V3ENBQQmncCDIE/CE9kQDKGhBLvdOOPFceolFLPftKW54xU+42dyptPicAwrPbkn
+UK1GVCHbW5nN9jZBE/ebqsBmq5BSizV95sLoDuqaFCWNYoqZe19Vj58Bqay10etbAgMBAAGjUDB
+OMB0GA1UdDgQWBBRsCPajkEscZM6SpLbNTa/7dY5azzAfBgNVHSMEGDAWgBRsCPajkEscZM6SpL
+bNTa/7dY5azzAMBgNVHRMEBTADAQH/
+-----END DATA-----
+
+
+
+-----BEGIN SIGNATURE-----
+A4IBAQAhKSNq+X/CfzhtNsMo6MJpTBjJBV5fhHerIZr6e3ozCTBCR29vYsVnJ4/6i5lL1pNeOhM
+ldthnuSlMzTS1Zme1OqRWB3U8QmwCFwhDxW/i4fdT8kxDAmELNp4z0GcXbe27V895PE0R/m8P47
+B6xbra+SQlEMW12K1EndUqrO6vgLbobV14mveWdgc0KIOnDKgsTHV8NTV1w3qtp1ujfvizYfBZu
+yyMOA1yZPDpREZtClro7lufwDQ7+LgSdtNLMDAMzapfIjAEPVNVLmJzMgzaHqMsZM8gP8vWAdfc
+R4mCmWXVotrM6d1rjJGdRADAONYCC4/+d1IMkVGoVfpaej6I
+-----END SIGNATURE-----
+
+$ openssl asn1parse -i < [SIGNATURE]
+ 0:d=0 hl=4 l= 257 prim: BIT STRING
« no previous file with comments | « net/cert/internal/verify_signed_data_unittest.cc ('k') | net/net.gypi » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698