
Side by Side Diff: net/ssl/ssl_platform_key_android_unittest.cc

Issue 2391213002: Report curve types in ECDSA SSLPrivateKeys. (Closed)
Patch Set: rebase Created 4 years, 2 months ago
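--- a/net/ssl/ssl_platform_key_android_unittest.cc
+++ b/net/ssl/ssl_platform_key_android_unittest.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <openssl/bytestring.h>
 #include <openssl/digest.h>
 #include <openssl/ecdsa.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -102,20 +102,21 @@
 env, reinterpret_cast<const uint8_t*>(pkcs8_key.data()),
 pkcs8_key.size()));
 
 ScopedJava key(Java_AndroidKeyStoreTestUtil_createPrivateKeyFromPKCS8(
 env, key_type, bytes));
 
 return key;
 }
 
 const char kTestRsaKeyFile[] = "client_1.pk8";
+const char kTestRsaCertificateFile[] = "client_1.pem";
 
 // Retrieve a JNI local ref for our test RSA key.
 ScopedJava GetRSATestKeyJava() {
 std::string key;
 if (!ReadTestFile(kTestRsaKeyFile, &key))
 return ScopedJava();
 return GetPKCS8PrivateKeyJava(android::PRIVATE_KEY_TYPE_RSA, key);
 }
 
 const char kTestEcdsaKeyFile[] = "client_4.pk8";
@@ -280,75 +281,83 @@
 {"SHA-256", NID_sha256, SSLPrivateKey::Hash::SHA256},
 {"SHA-384", NID_sha384, SSLPrivateKey::Hash::SHA384},
 {"SHA-512", NID_sha512, SSLPrivateKey::Hash::SHA512},
 };
 
 } // namespace
 
 TEST(SSLPlatformKeyAndroid, RSA) {
 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
 
+scoped_refptr<X509Certificate> cert =
+ImportCertFromFile(GetTestCertsDirectory(), kTestRsaCertificateFile);
+ASSERT_TRUE(cert);
 ScopedJava rsa_key = GetRSATestKeyJava();
 ASSERT_FALSE(rsa_key.is_null());
 
-scoped_refptr<SSLPrivateKey> wrapper_key = WrapJavaPrivateKey(rsa_key);
+scoped_refptr<SSLPrivateKey> wrapper_key =
+WrapJavaPrivateKey(cert.get(), rsa_key);
 ASSERT_TRUE(wrapper_key);
 
 bssl::UniquePtr<EVP_PKEY> openssl_key = ImportPrivateKeyFile(kTestRsaKeyFile);
 ASSERT_TRUE(openssl_key);
 
 // Check that the wrapper key returns the correct length and type.
 EXPECT_EQ(SSLPrivateKey::Type::RSA, wrapper_key->GetType());
 EXPECT_EQ(static_cast<size_t>(EVP_PKEY_size(openssl_key.get())),
 wrapper_key->GetMaxSignatureLengthInBytes());
 
 // Test signing against each hash.
 for (const auto& hash : kHashes) {
 SCOPED_TRACE(hash.name);
 
 const EVP_MD* md = EVP_get_digestbynid(hash.nid);
 ASSERT_TRUE(md);
 std::string digest(EVP_MD_size(md), 'a');
 
 std::string signature;
 DoKeySigningWithWrapper(wrapper_key.get(), hash.hash, digest, &signature);
 ASSERT_TRUE(CompareSignatureWithOpenSSL(hash.nid, digest, signature,
 openssl_key.get()));
 }
 }
 
 TEST(SSLPlatformKeyAndroid, ECDSA) {
 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
 
+scoped_refptr<X509Certificate> cert =
+ImportCertFromFile(GetTestCertsDirectory(), kTestEcdsaCertificateFile);
+ASSERT_TRUE(cert);
 ScopedJava ecdsa_key = GetECDSATestKeyJava();
 ASSERT_FALSE(ecdsa_key.is_null());
 
-scoped_refptr<SSLPrivateKey> wrapper_key = WrapJavaPrivateKey(ecdsa_key);
+scoped_refptr<SSLPrivateKey> wrapper_key =
+WrapJavaPrivateKey(cert.get(), ecdsa_key);
 ASSERT_TRUE(wrapper_key);
 
 bssl::UniquePtr<EVP_PKEY> openssl_key =
 ImportPrivateKeyFile(kTestEcdsaKeyFile);
 ASSERT_TRUE(openssl_key);
 
 // Check that the wrapper key returns the correct length and type.
-EXPECT_EQ(SSLPrivateKey::Type::ECDSA, wrapper_key->GetType());
+EXPECT_EQ(SSLPrivateKey::Type::ECDSA_P256, wrapper_key->GetType());
 EXPECT_EQ(static_cast<size_t>(EVP_PKEY_size(openssl_key.get())),
 wrapper_key->GetMaxSignatureLengthInBytes());
 
 // Test signing against each hash.
 for (const auto& hash : kHashes) {
 // ECDSA does not sign MD5-SHA1.
 if (hash.nid == NID_md5_sha1)
 continue;
 
 SCOPED_TRACE(hash.name);
 const EVP_MD* md = EVP_get_digestbynid(hash.nid);
 ASSERT_TRUE(md);
 std::string digest(EVP_MD_size(md), 'a');
 
 std::string signature;
 DoKeySigningWithWrapper(wrapper_key.get(), hash.hash, digest, &signature);
 ASSERT_TRUE(VerifyTestECDSASignature(digest, signature));
 }
 }
 
 } // namespace net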
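Review bot: The ECDSA test pins only `SSLPrivateKey::Type::ECDSA_P256`, so the new curve reporting is checked for a single curve and never for a rejection path. Because `WrapJavaPrivateKey(cert.get(), ecdsa_key)` now takes the certificate, the reported type presumably comes from the certificate's public key rather than from the Java key object. If so, a P-384 certificate case and an unsupported-curve case (expecting a null `wrapper_key`, if that is the contract) would pin the value that TLS signature-algorithm selection relies on. Neither test covers a certificate that does not match the key, which is the input where a certificate-derived type and the real key could disagree. At minimum, add a comment above the type expectation such as `// The test ECDSA certificate is P-256; the wrapper reports the curve taken from it.`, since `kTestEcdsaCertificateFile` is not defined in the visible lines and the curve cannot be read off this file.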