Index: crypto/ec_private_key_unittest.cc |
diff --git a/crypto/ec_private_key_unittest.cc b/crypto/ec_private_key_unittest.cc |
index 0f4479b72f0d8b7c14ead8e919e82358faf9e4a4..6993a20b08f8f872b7f7fda7e2d0f73c4c965057 100644 |
--- a/crypto/ec_private_key_unittest.cc |
+++ b/crypto/ec_private_key_unittest.cc |
@@ -6,6 +6,7 @@ |
#include <vector> |
+#include "base/macros.h" |
#include "base/memory/scoped_ptr.h" |
#include "testing/gtest/include/gtest/gtest.h" |
@@ -152,7 +153,6 @@ TEST(ECPrivateKeyUnitTest, LoadNSSKeyTest) { |
0x58, 0x82, 0x14, 0xfb, 0x47, 0x85, 0x3c, 0xc3, 0xdf, 0xdd, 0xcc, 0x79, |
0x9f, 0x41, 0x83, 0x72, 0xf2, 0x0a, 0xe9, 0xe1, 0x2c, 0x12, 0xb0, 0xb0, |
0x0a, 0xb2, 0x1d, 0xca, 0x15, 0xb2, 0xca}; |
- unsigned int nss_key_len = 187; |
static const unsigned char nss_pub_key[] = { |
0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, |
0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, |
@@ -162,22 +162,62 @@ TEST(ECPrivateKeyUnitTest, LoadNSSKeyTest) { |
0xd7, 0x5c, 0x5d, 0xc5, 0x53, 0x6e, 0xe5, 0xa9, 0x33, 0xd5, 0xcc, 0xab, |
0x53, 0x78, 0xdd, 0xd6, 0x12, 0x3a, 0x5e, 0xeb, 0xbf, 0xdf, 0x16, 0xd3, |
0x2c, 0x3b, 0xe8, 0xdb, 0x19, 0xfc, 0x5e}; |
- unsigned int nss_pub_key_len = 91; |
scoped_ptr<crypto::ECPrivateKey> keypair_nss( |
crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
"", |
- std::vector<uint8>(nss_key, nss_key + nss_key_len), |
- std::vector<uint8>(nss_pub_key, nss_pub_key + nss_pub_key_len))); |
+ std::vector<uint8>(nss_key, nss_key + arraysize(nss_key)), |
+ std::vector<uint8>(nss_pub_key, |
+ nss_pub_key + arraysize(nss_pub_key)))); |
EXPECT_TRUE(keypair_nss.get()); |
} |
-// The plan is to migrate to OpenSSL everywhere, so making NSS implementation be |
-// able to load the OpenSSL generated keys isn't that important. |
-#if defined(USE_OPENSSL) |
+// Although the plan is to transition from OpenSSL to NSS, ensure NSS can import |
+// OpenSSL's format so that it is possible to rollback. |
TEST(ECPrivateKeyUnitTest, LoadOpenSSLKeyTest) { |
static const unsigned char openssl_key[] = { |
+ 0x30, 0x81, 0xb0, 0x30, 0x1b, 0x06, 0x0a, 0x2a, 0x86, 0x48, 0x86, 0xf7, |
+ 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30, 0x0d, 0x04, 0x08, 0xb2, 0xfe, 0x68, |
+ 0xc2, 0xea, 0x0f, 0x10, 0x9c, 0x02, 0x01, 0x01, 0x04, 0x81, 0x90, 0xe2, |
+ 0xf6, 0x1c, 0xca, 0xad, 0x64, 0x30, 0xbf, 0x88, 0x04, 0x35, 0xe5, 0x0f, |
+ 0x11, 0x49, 0x06, 0x01, 0x14, 0x33, 0x80, 0xa2, 0x78, 0x44, 0x5b, 0xaa, |
+ 0x0d, 0xd7, 0x00, 0x36, 0x9d, 0x91, 0x97, 0x37, 0x20, 0x7b, 0x27, 0xc1, |
+ 0xa0, 0xa2, 0x73, 0x06, 0x15, 0xdf, 0xc8, 0x13, 0x9b, 0xc9, 0x8c, 0x9c, |
+ 0xce, 0x00, 0xd0, 0xc8, 0x42, 0xc1, 0xda, 0x2b, 0x07, 0x2b, 0x12, 0xa3, |
+ 0xce, 0x10, 0x39, 0x7a, 0xf1, 0x55, 0x69, 0x8d, 0xa5, 0xc4, 0x2a, 0x00, |
+ 0x0d, 0x94, 0xc6, 0xde, 0x6a, 0x3d, 0xb7, 0xe5, 0x6d, 0x59, 0x3e, 0x09, |
+ 0xb5, 0xe3, 0x3e, 0xfc, 0x50, 0x56, 0xe9, 0x50, 0x42, 0x7c, 0xe7, 0xf0, |
+ 0x19, 0xbd, 0x31, 0xa7, 0x85, 0x47, 0xb3, 0xe9, 0xb3, 0x50, 0x3c, 0xc9, |
+ 0x32, 0x37, 0x1a, 0x93, 0x78, 0x48, 0x78, 0x82, 0xde, 0xad, 0x5c, 0xf2, |
+ 0xcf, 0xf2, 0xbb, 0x2c, 0x44, 0x05, 0x7f, 0x4a, 0xf9, 0xb1, 0x2b, 0xdd, |
+ 0x49, 0xf6, 0x7e, 0xd0, 0x42, 0xaa, 0x14, 0x3c, 0x24, 0x77, 0xb4}; |
davidben
2014/08/04 17:25:21
I believe this is slightly larger than the NSS one
Ryan Sleevi
2014/08/06 02:24:48
Not sure I understand?
davidben
2014/08/06 18:34:36
openssl_key is 4 bytes longer than nss_key. Was ma
|
+ static const unsigned char openssl_pub_key[] = { |
+ 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, |
+ 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, |
+ 0x42, 0x00, 0x04, 0xb9, 0xda, 0x0d, 0x71, 0x60, 0xb3, 0x63, 0x28, 0x22, |
+ 0x67, 0xe7, 0xe0, 0xa3, 0xf8, 0x00, 0x8e, 0x4c, 0x89, 0xed, 0x31, 0x34, |
+ 0xf6, 0xdb, 0xc4, 0xfe, 0x0b, 0x5d, 0xe1, 0x11, 0x39, 0x49, 0xa6, 0x50, |
+ 0xa8, 0xe3, 0x4a, 0xc0, 0x40, 0x88, 0xb8, 0x38, 0x3f, 0x56, 0xfb, 0x33, |
+ 0x8d, 0xd4, 0x64, 0x91, 0xd6, 0x15, 0x77, 0x42, 0x27, 0xc5, 0xaa, 0x44, |
+ 0xff, 0xab, 0x4d, 0xb5, 0x7e, 0x25, 0x3d}; |
+ |
+ scoped_ptr<crypto::ECPrivateKey> keypair_openssl( |
+ crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
+ "", |
+ std::vector<uint8>(openssl_key, openssl_key + arraysize(openssl_key)), |
+ std::vector<uint8>(openssl_pub_key, |
+ openssl_pub_key + arraysize(openssl_pub_key)))); |
+ |
+ EXPECT_TRUE(keypair_openssl.get()); |
+} |
+ |
+// The Android code writes out Channel IDs differently from the NSS |
+// implementation; the empty password is converted to "\0\0". The OpenSSL port |
+// should support either. |
+#if defined(USE_OPENSSL) |
+TEST(ECPrivateKeyUnitTest, LoadOldOpenSSLKeyTest) { |
+ static const unsigned char openssl_key[] = { |
davidben
2014/08/04 17:25:21
The /huge/ difference in size between this and the
Ryan Sleevi
2014/08/06 02:24:48
What's the ASN.1 dump say?
davidben
2014/08/06 18:34:36
Interesting. It's actually full-length. The differ
|
0x30, 0x82, 0x01, 0xa1, 0x30, 0x1b, 0x06, 0x0a, 0x2a, 0x86, 0x48, 0x86, |
0xf7, 0x0d, 0x01, 0x0c, 0x01, 0x03, 0x30, 0x0d, 0x04, 0x08, 0x86, 0xaa, |
0xd7, 0xdf, 0x3b, 0x91, 0x97, 0x60, 0x02, 0x01, 0x01, 0x04, 0x82, 0x01, |
@@ -214,7 +254,6 @@ TEST(ECPrivateKeyUnitTest, LoadOpenSSLKeyTest) { |
0xc2, 0xc1, 0x55, 0x22, 0x42, 0x2f, 0x13, 0x7d, 0x93, 0x27, 0xc8, 0x11, |
0x35, 0xc5, 0xe3, 0xc5, 0xaa, 0x15, 0x3c, 0xac, 0x30, 0xbc, 0x45, 0x16, |
0xed}; |
- unsigned int openssl_key_len = 421; |
static const unsigned char openssl_pub_key[] = { |
0x30, 0x82, 0x01, 0x4b, 0x30, 0x82, 0x01, 0x03, 0x06, 0x07, 0x2a, 0x86, |
0x48, 0xce, 0x3d, 0x02, 0x01, 0x30, 0x81, 0xf7, 0x02, 0x01, 0x01, 0x30, |
@@ -244,14 +283,13 @@ TEST(ECPrivateKeyUnitTest, LoadOpenSSLKeyTest) { |
0x88, 0x38, 0xc0, 0xdb, 0xba, 0xf6, 0x99, 0xd8, 0xa5, 0x3b, 0x83, 0xe9, |
0xe3, 0xd5, 0x61, 0x99, 0x73, 0x42, 0xc6, 0x6c, 0xe8, 0x0a, 0x95, 0x40, |
0x41, 0x3b, 0x0d, 0x10, 0xa7, 0x4a, 0x93, 0xdb, 0x5a, 0xe7, 0xec}; |
- unsigned int openssl_pub_key_len = 335; |
scoped_ptr<crypto::ECPrivateKey> keypair_openssl( |
crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( |
"", |
- std::vector<uint8>(openssl_key, openssl_key + openssl_key_len), |
+ std::vector<uint8>(openssl_key, openssl_key + arraysize(openssl_key)), |
std::vector<uint8>(openssl_pub_key, |
- openssl_pub_key + openssl_pub_key_len))); |
+ openssl_pub_key + arraysize(openssl_pub_key)))); |
EXPECT_TRUE(keypair_openssl.get()); |
} |