Add PKCS#8 ECPrivateKey export/import functions.

crypto/ec_private_key_unittest.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "crypto/ec_private_key.h"
 
 #include <stdint.h>
 
 #include <memory>
 #include <vector>
 
 #include "base/macros.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
-// Generate random private keys. Export, then re-import. We should get
-// back the same exact public key, and the private key should have the same
-// value and elliptic curve params.
-TEST(ECPrivateKeyUnitTest, InitRandomTest) {
-  const std::string password1;
-  const std::string password2 = "test";
+namespace {
 
-  std::unique_ptr<crypto::ECPrivateKey> keypair1(
-      crypto::ECPrivateKey::Create());
-  std::unique_ptr<crypto::ECPrivateKey> keypair2(
-      crypto::ECPrivateKey::Create());
-  ASSERT_TRUE(keypair1.get());
-  ASSERT_TRUE(keypair2.get());
-
-  std::vector<uint8_t> key1value;
-  std::vector<uint8_t> key2value;
-  EXPECT_TRUE(keypair1->ExportValueForTesting(&key1value));
-  EXPECT_TRUE(keypair2->ExportValueForTesting(&key2value));
-
+void ExpectKeysEqual(const crypto::ECPrivateKey* keypair1,
+                     const crypto::ECPrivateKey* keypair2) {
   std::vector<uint8_t> privkey1;
   std::vector<uint8_t> privkey2;
+  EXPECT_TRUE(keypair1->ExportPrivateKey(&privkey1));
+  EXPECT_TRUE(keypair2->ExportPrivateKey(&privkey2));
+  EXPECT_EQ(privkey1, privkey2);
+
   std::vector<uint8_t> pubkey1;
   std::vector<uint8_t> pubkey2;
+  EXPECT_TRUE(keypair1->ExportPublicKey(&pubkey1));
+  EXPECT_TRUE(keypair2->ExportPublicKey(&pubkey2));
+  EXPECT_EQ(pubkey1, pubkey2);
+
   std::string raw_pubkey1;
   std::string raw_pubkey2;
-  ASSERT_TRUE(keypair1->ExportEncryptedPrivateKey(password1, 1, &privkey1));
-  ASSERT_TRUE(keypair2->ExportEncryptedPrivateKey(password2, 1, &privkey2));
-  EXPECT_TRUE(keypair1->ExportPublicKey(&pubkey1));
-  EXPECT_TRUE(keypair2->ExportPublicKey(&pubkey2));
   EXPECT_TRUE(keypair1->ExportRawPublicKey(&raw_pubkey1));
   EXPECT_TRUE(keypair2->ExportRawPublicKey(&raw_pubkey2));
+  EXPECT_EQ(raw_pubkey1, raw_pubkey2);
+}
 
-  std::unique_ptr<crypto::ECPrivateKey> keypair3(
-      crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
-          password1, privkey1, pubkey1));
-  std::unique_ptr<crypto::ECPrivateKey> keypair4(
-      crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
-          password2, privkey2, pubkey2));
-  ASSERT_TRUE(keypair3.get());
-  ASSERT_TRUE(keypair4.get());
+}  // namespace
 
-  std::vector<uint8_t> key3value;
-  std::vector<uint8_t> key4value;
-  EXPECT_TRUE(keypair3->ExportValueForTesting(&key3value));
-  EXPECT_TRUE(keypair4->ExportValueForTesting(&key4value));
+// Generate random private keys. Export, then re-import in several ways. We
+// should get back the same exact public key, and the private key should have
+// the same value and elliptic curve params.
+TEST(ECPrivateKeyUnitTest, InitRandomTest) {

[davidben, 2016/05/02 23:18:53]

(I more-or-less rewrote this test. The old version was rather hairy.)

+  static const char kPassword1[] = "";
+  static const char kPassword2[] = "test";
 
-  EXPECT_EQ(key1value, key3value);
-  EXPECT_EQ(key2value, key4value);
+  std::unique_ptr<crypto::ECPrivateKey> keypair(crypto::ECPrivateKey::Create());
+  ASSERT_TRUE(keypair.get());
 
-  std::vector<uint8_t> pubkey3;
-  std::vector<uint8_t> pubkey4;
-  std::string raw_pubkey3;
-  std::string raw_pubkey4;
-  EXPECT_TRUE(keypair3->ExportPublicKey(&pubkey3));
-  EXPECT_TRUE(keypair4->ExportPublicKey(&pubkey4));
-  EXPECT_TRUE(keypair3->ExportRawPublicKey(&raw_pubkey3));
-  EXPECT_TRUE(keypair4->ExportRawPublicKey(&raw_pubkey4));
+  // Re-import as a PrivateKeyInfo.
+  std::vector<uint8_t> privkey;
+  EXPECT_TRUE(keypair->ExportPrivateKey(&privkey));
+  std::unique_ptr<crypto::ECPrivateKey> keypair_copy =
+      crypto::ECPrivateKey::CreateFromPrivateKeyInfo(privkey);
+  ASSERT_TRUE(keypair_copy);
+  ExpectKeysEqual(keypair.get(), keypair_copy.get());
 
-  EXPECT_EQ(pubkey1, pubkey3);
-  EXPECT_EQ(pubkey2, pubkey4);
-  EXPECT_EQ(raw_pubkey1, raw_pubkey3);
-  EXPECT_EQ(raw_pubkey2, raw_pubkey4);
+  // Re-import as an EncryptedPrivateKeyInfo with kPassword1.
+  std::vector<uint8_t> encrypted_privkey;
+  std::vector<uint8_t> pubkey;
+  EXPECT_TRUE(
+      keypair->ExportEncryptedPrivateKey(kPassword1, 1, &encrypted_privkey));
+  EXPECT_TRUE(keypair->ExportPublicKey(&pubkey));
+  keypair_copy.reset(crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
+      kPassword1, encrypted_privkey, pubkey));
+  ASSERT_TRUE(keypair_copy);
+  ExpectKeysEqual(keypair.get(), keypair_copy.get());
+
+  // Re-import as an EncryptedPrivateKeyInfo with kPassword2.
+  EXPECT_TRUE(
+      keypair->ExportEncryptedPrivateKey(kPassword2, 1, &encrypted_privkey));
+  keypair_copy.reset(crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
+      kPassword2, encrypted_privkey, pubkey));
+  ASSERT_TRUE(keypair_copy);
+  ExpectKeysEqual(keypair.get(), keypair_copy.get());
 }
 
 TEST(ECPrivateKeyUnitTest, Copy) {
   std::unique_ptr<crypto::ECPrivateKey> keypair1(
       crypto::ECPrivateKey::Create());
   std::unique_ptr<crypto::ECPrivateKey> keypair2(keypair1->Copy());
   ASSERT_TRUE(keypair1.get());
   ASSERT_TRUE(keypair2.get());
 
-  std::vector<uint8_t> key1value;
-  std::vector<uint8_t> key2value;
-  EXPECT_TRUE(keypair1->ExportValueForTesting(&key1value));
-  EXPECT_TRUE(keypair2->ExportValueForTesting(&key2value));
-  EXPECT_EQ(key1value, key2value);
+  ExpectKeysEqual(keypair1.get(), keypair2.get());
+}
 
-  std::vector<uint8_t> pubkey1;
-  std::vector<uint8_t> pubkey2;
-  EXPECT_TRUE(keypair1->ExportPublicKey(&pubkey1));
-  EXPECT_TRUE(keypair2->ExportPublicKey(&pubkey2));
-  EXPECT_EQ(pubkey1, pubkey2);
+TEST(ECPrivateKeyUnitTest, CreateFromPrivateKeyInfo) {
+  static const uint8_t kPrivateKeyInfo[] = {
+      0x30, 0x81, 0x87, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
+      0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
+      0x03, 0x01, 0x07, 0x04, 0x6d, 0x30, 0x6b, 0x02, 0x01, 0x01, 0x04, 0x20,
+      0x07, 0x0f, 0x08, 0x72, 0x7a, 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9,
+      0x4d, 0x89, 0x68, 0x77, 0x08, 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e,
+      0xe8, 0xd1, 0xc9, 0xce, 0x0a, 0x8b, 0xb4, 0x6a, 0xa1, 0x44, 0x03, 0x42,
+      0x00, 0x04, 0xe6, 0x2b, 0x69, 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f,
+      0x1e, 0x0d, 0x94, 0x8a, 0x4c, 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d,
+      0x46, 0xfb, 0xdd, 0xa9, 0xa9, 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7,
+      0xd6, 0x97, 0xa8, 0x0a, 0x18, 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2,
+      0x7c, 0x83, 0x48, 0xdb, 0x16, 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94,
+      0x2d, 0x4b, 0xcf, 0x72, 0x22, 0xc1,
+  };
+  static const uint8_t kSubjectPublicKeyInfo[] = {
+      0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
+      0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
+      0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69, 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe,
+      0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c, 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e,
+      0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9, 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01,
+      0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18, 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56,
+      0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16, 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1,
+      0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22, 0xc1,
+  };
+  static const uint8_t kRawPublicKey[] = {
+      0xe6, 0x2b, 0x69, 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e,
+      0x0d, 0x94, 0x8a, 0x4c, 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d,
+      0x46, 0xfb, 0xdd, 0xa9, 0xa9, 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01,
+      0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18, 0xf9, 0xc3, 0xc4, 0xa3, 0x1e,
+      0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16, 0x1a, 0x1c, 0xf5, 0x1d,
+      0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22, 0xc1,
+  };
 
-  std::string raw_pubkey1;
-  std::string raw_pubkey2;
-  EXPECT_TRUE(keypair1->ExportRawPublicKey(&raw_pubkey1));
-  EXPECT_TRUE(keypair2->ExportRawPublicKey(&raw_pubkey2));
-  EXPECT_EQ(raw_pubkey1, raw_pubkey2);
+  std::unique_ptr<crypto::ECPrivateKey> key =
+      crypto::ECPrivateKey::CreateFromPrivateKeyInfo(std::vector<uint8_t>(
+          std::begin(kPrivateKeyInfo), std::end(kPrivateKeyInfo)));
+  ASSERT_TRUE(key);
+
+  std::vector<uint8_t> public_key;
+  ASSERT_TRUE(key->ExportPublicKey(&public_key));
+  EXPECT_EQ(std::vector<uint8_t>(std::begin(kSubjectPublicKeyInfo),
+                                 std::end(kSubjectPublicKeyInfo)),
+            public_key);
+
+  std::string raw_public_key;
+  ASSERT_TRUE(key->ExportRawPublicKey(&raw_public_key));
+  EXPECT_EQ(std::string(reinterpret_cast<const char*>(kRawPublicKey),
+                        sizeof(kRawPublicKey)),
+            raw_public_key);
 }
 
 TEST(ECPrivateKeyUnitTest, BadPasswordTest) {
   const std::string password1;
   const std::string password2 = "test";
 
   std::unique_ptr<crypto::ECPrivateKey> keypair1(
       crypto::ECPrivateKey::Create());
   ASSERT_TRUE(keypair1.get());
 
@@ skipping 182 matching lines @@
 
   std::unique_ptr<crypto::ECPrivateKey> keypair_openssl(
       crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo(
           "",
           std::vector<uint8_t>(std::begin(kOpenSSLKey), std::end(kOpenSSLKey)),
           std::vector<uint8_t>(std::begin(kOpenSSLPublicKey),
                                std::end(kOpenSSLPublicKey))));
 
   EXPECT_TRUE(keypair_openssl.get());
 }