net/cert/jwk_serializer_unittest.cc - Issue 21561003: Add a utility method to convert SPKI from DER to JWK, so far implemented only for EC P256v1 (which …

Side by Side Diff: net/cert/jwk_serializer_unittest.cc

Issue 21561003: Add a utility method to convert SPKI from DER to JWK, so far implemented only for EC P256v1 (which … (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@domain-bound-public-key

Patch Set: s/uint8_t/unsigned char/g, for windows compile Created 7 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "net/cert/jwk_serializer.h"

	6

	7 #include "base/base64.h"

	8 #include "base/values.h"

	9 #include "testing/gtest/include/gtest/gtest.h"

	10

	11 namespace net {

	12

	13 // This is the ASN.1 prefix for a P-256 public key. Specifically it's:

	14 // SEQUENCE

	15 // SEQUENCE

	16 // OID id-ecPublicKey

	17 // OID prime256v1

	18 // BIT STRING, length 66, 0 trailing bits: 0x04

	19 //

	20 // The 0x04 in the BIT STRING is the prefix for an uncompressed, X9.62

	21 // public key. Following that are the two field elements as 32-byte,

	22 // big-endian numbers, as required by the Channel ID.

	23 static const unsigned char kP256SpkiPrefix[] = {

	24 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,

	25 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,

	26 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,

	27 0x42, 0x00, 0x04

	28 };

	29 static const unsigned int kEcPointSize = 32U;
	wtc 2013/08/08 19:26:09 The constant name kEcPointSize is confusing becaus The constant name kEcPointSize is confusing because an EC point consists of the x and y coordinates, but 32U is the size of just one coordinate.
	30

	31 // This is a valid P-256 public key.

	32 static const unsigned char kSpkiEc[] = {

	33 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,

	34 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,

	35 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,

	36 0x42, 0x00, 0x04,

	37 0x29, 0x5d, 0x6e, 0xfe, 0x33, 0x77, 0x26, 0xea,

	38 0x5b, 0xa4, 0xe6, 0x1b, 0x34, 0x6e, 0x7b, 0xa0,

	39 0xa3, 0x8f, 0x33, 0x49, 0xa0, 0x9c, 0xae, 0x98,

	40 0xbd, 0x46, 0x0d, 0xf6, 0xd4, 0x5a, 0xdc, 0x8a,

	41 0x1f, 0x8a, 0xb2, 0x20, 0x51, 0xb7, 0xd2, 0x87,

	42 0x0d, 0x53, 0x7e, 0x5d, 0x94, 0xa3, 0xe0, 0x34,

	43 0x16, 0xa1, 0xcc, 0x10, 0x48, 0xcd, 0x70, 0x9c,

	44 0x05, 0xd3, 0xd2, 0xca, 0xdf, 0x44, 0x2f, 0xf4

	45 };

	46

	47 // This is a P-256 public key with 0 X and Y values.

	48 static const unsigned char kSpkiEcWithZeroXY[] = {

	49 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,

	50 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,

	51 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,

	52 0x42, 0x00, 0x04,

	53 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

	54 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

	55 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

	56 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

	57 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

	58 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

	59 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,

	60 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00

	61 };

	62

	63 #if !defined(USE_OPENSSL)

	64

	65 TEST(JwkSerializerNSSTest, ConvertSpkiFromDerToJwkEc) {

	66 base::StringPiece spki;

	67 base::DictionaryValue public_key_jwk;

	68

	69 EXPECT_FALSE(JwkSerializer::ConvertSpkiFromDerToJwk(spki, &public_key_jwk));

	70 EXPECT_TRUE(public_key_jwk.empty());

	71

	72 // Test the result of a "normal" point on this curve.

	73 spki.set(reinterpret_cast<const char*>(kSpkiEc), sizeof(kSpkiEc));

	74 EXPECT_TRUE(JwkSerializer::ConvertSpkiFromDerToJwk(spki, &public_key_jwk));

	75

	76 std::string string_value;

	77 EXPECT_TRUE(public_key_jwk.GetString("alg", &string_value));

	78 EXPECT_STREQ("EC", string_value.c_str());

	79 EXPECT_TRUE(public_key_jwk.GetString("crv", &string_value));

	80 EXPECT_STREQ("P-256", string_value.c_str());

	81

	82 EXPECT_TRUE(public_key_jwk.GetString("x", &string_value));

	83 std::string decoded_coordinate;

	84 EXPECT_TRUE(base::Base64Decode(string_value, &decoded_coordinate));

	85 EXPECT_EQ(kEcPointSize, decoded_coordinate.size());

	86 EXPECT_EQ(0,

	87 memcmp(decoded_coordinate.data(),

	88 kSpkiEc + sizeof(kP256SpkiPrefix),

	89 kEcPointSize));

	90

	91 EXPECT_TRUE(public_key_jwk.GetString("y", &string_value));

	92 EXPECT_TRUE(base::Base64Decode(string_value, &decoded_coordinate));

	93 EXPECT_EQ(kEcPointSize, decoded_coordinate.size());

	94 EXPECT_EQ(0,

	95 memcmp(decoded_coordinate.data(),

	96 kSpkiEc + sizeof(kP256SpkiPrefix) + kEcPointSize,

	97 kEcPointSize));

	98

	99 // Test the result of a corner case: leading 0s in the x, y coordinates are

	100 // not trimmed, but the point is fixed-length encoded.

	101 spki.set(reinterpret_cast<const char*>(kSpkiEcWithZeroXY),

	102 sizeof(kSpkiEcWithZeroXY));

	103 EXPECT_TRUE(JwkSerializer::ConvertSpkiFromDerToJwk(spki, &public_key_jwk));

	104

	105 EXPECT_TRUE(public_key_jwk.GetString("alg", &string_value));

	106 EXPECT_STREQ("EC", string_value.c_str());

	107 EXPECT_TRUE(public_key_jwk.GetString("crv", &string_value));

	108 EXPECT_STREQ("P-256", string_value.c_str());

	109

	110 EXPECT_TRUE(public_key_jwk.GetString("x", &string_value));

	111 EXPECT_TRUE(base::Base64Decode(string_value, &decoded_coordinate));

	112 EXPECT_EQ(kEcPointSize, decoded_coordinate.size());

	113 EXPECT_EQ(0,

	114 memcmp(decoded_coordinate.data(),

	115 kSpkiEcWithZeroXY + sizeof(kP256SpkiPrefix),

	116 kEcPointSize));

	117

	118 EXPECT_TRUE(public_key_jwk.GetString("y", &string_value));

	119 EXPECT_TRUE(base::Base64Decode(string_value, &decoded_coordinate));

	120 EXPECT_EQ(kEcPointSize, decoded_coordinate.size());

	121 EXPECT_EQ(0,

	122 memcmp(decoded_coordinate.data(),

	123 kSpkiEcWithZeroXY + sizeof(kP256SpkiPrefix) + kEcPointSize,

	124 kEcPointSize));

	125 }

	126

	127 #else

	128

	129 // For OpenSSL, JwkSerializer::ConvertSpkiFromDerToJwk() is not yet implemented

	130 // and should return false. This unit test ensures that a stub implementation

	131 // is present.

	132 TEST(JwkSerializerOpenSSLTest, ConvertSpkiFromDerToJwkNotImplemented) {

	133 base::StringPiece spki;

	134 base::DictionaryValue public_key_jwk;

	135

	136 // The empty SPKI is trivially non-convertible...

	137 EXPECT_FALSE(JwkSerializer::ConvertSpkiFromDerToJwk(spki, &public_key_jwk));

	138 EXPECT_TRUE(public_key_jwk.empty());

	139 // but even a valid SPKI is non-convertible via the stub OpenSSL

	140 // implementation.

	141 spki.set(reinterpret_cast<const char*>(kSpkiEc), sizeof(kSpkiEc));

	142 EXPECT_FALSE(JwkSerializer::ConvertSpkiFromDerToJwk(spki, &public_key_jwk));

	143 EXPECT_TRUE(public_key_jwk.empty());

	144 }

	145

	146 #endif // !defined(USE_OPENSSL)

	147

	148 } // namespace net

OLD	NEW

« net/cert/jwk_serializer_openssl.cc ('K') | « net/cert/jwk_serializer_openssl.cc ('k') | net/net.gyp » ('j') | no next file with comments »