From f1a0f0a56fdd0fc39f255174ce08c06b91c66c94 Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Fri, 23 Feb 2018 11:04:39 +0100 Subject: Update NSS to 3.35-RTM --- security/nss/gtests/pk11_gtest/manifest.mn | 9 +- .../nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc | 126 +++++++------ .../pk11_gtest/pk11_encrypt_derive_unittest.cc | 210 +++++++++++++++++++++ security/nss/gtests/pk11_gtest/pk11_gtest.gyp | 2 + .../nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc | 157 ++++++--------- .../nss/gtests/pk11_gtest/pk11_signature_test.h | 140 +++++++------- 6 files changed, 410 insertions(+), 234 deletions(-) create mode 100644 security/nss/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc (limited to 'security/nss/gtests/pk11_gtest') diff --git a/security/nss/gtests/pk11_gtest/manifest.mn b/security/nss/gtests/pk11_gtest/manifest.mn index fb773ee18..a3dff9d10 100644 --- a/security/nss/gtests/pk11_gtest/manifest.mn +++ b/security/nss/gtests/pk11_gtest/manifest.mn @@ -11,6 +11,7 @@ CPPSRCS = \ pk11_chacha20poly1305_unittest.cc \ pk11_curve25519_unittest.cc \ pk11_ecdsa_unittest.cc \ + pk11_encrypt_derive_unittest.cc \ pk11_export_unittest.cc \ pk11_pbkdf2_unittest.cc \ pk11_prf_unittest.cc \ @@ -23,10 +24,12 @@ INCLUDES += -I$(CORE_DEPTH)/gtests/google_test/gtest/include \ -I$(CORE_DEPTH)/gtests/common \ -I$(CORE_DEPTH)/cpputil -REQUIRES = nspr nss libdbm gtest +REQUIRES = nspr nss libdbm gtest cpputil PROGRAM = pk11_gtest -EXTRA_LIBS = $(DIST)/lib/$(LIB_PREFIX)gtest.$(LIB_SUFFIX) $(EXTRA_OBJS) \ - $(DIST)/lib/$(LIB_PREFIX)gtestutil.$(LIB_SUFFIX) +EXTRA_LIBS = $(DIST)/lib/$(LIB_PREFIX)gtest.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)cpputil.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)gtestutil.$(LIB_SUFFIX) \ + $(NULL) diff --git a/security/nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc index a54190c7c..fb0659852 100644 --- a/security/nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc +++ b/security/nss/gtests/pk11_gtest/pk11_ecdsa_unittest.cc @@ -15,103 +15,117 @@ namespace nss_test { -class Pkcs11EcdsaTest : public Pk11SignatureTest { +class Pkcs11EcdsaTestBase : public Pk11SignatureTest { protected: - CK_MECHANISM_TYPE mechanism() { return CKM_ECDSA; } - SECItem* parameters() { return nullptr; } + Pkcs11EcdsaTestBase(SECOidTag hash_oid) + : Pk11SignatureTest(CKM_ECDSA, hash_oid) {} }; -class Pkcs11EcdsaSha256Test : public Pkcs11EcdsaTest { - protected: - SECOidTag hashOID() { return SEC_OID_SHA256; } +struct Pkcs11EcdsaTestParams { + SECOidTag hash_oid_; + Pkcs11SignatureTestParams sig_params_; }; -class Pkcs11EcdsaSha384Test : public Pkcs11EcdsaTest { - protected: - SECOidTag hashOID() { return SEC_OID_SHA384; } +class Pkcs11EcdsaTest + : public Pkcs11EcdsaTestBase, + public ::testing::WithParamInterface { + public: + Pkcs11EcdsaTest() : Pkcs11EcdsaTestBase(GetParam().hash_oid_) {} }; -class Pkcs11EcdsaSha512Test : public Pkcs11EcdsaTest { - protected: - SECOidTag hashOID() { return SEC_OID_SHA512; } -}; +TEST_P(Pkcs11EcdsaTest, Verify) { Verify(GetParam().sig_params_); } -TEST_F(Pkcs11EcdsaSha256Test, VerifyP256) { - SIG_TEST_VECTOR_VERIFY(kP256Spki, kP256Data, kP256Signature) -} -TEST_F(Pkcs11EcdsaSha256Test, SignAndVerifyP256) { - SIG_TEST_VECTOR_SIGN_VERIFY(kP256Pkcs8, kP256Spki, kP256Data) +TEST_P(Pkcs11EcdsaTest, SignAndVerify) { + SignAndVerify(GetParam().sig_params_); } -TEST_F(Pkcs11EcdsaSha384Test, VerifyP384) { - SIG_TEST_VECTOR_VERIFY(kP384Spki, kP384Data, kP384Signature) -} -TEST_F(Pkcs11EcdsaSha384Test, SignAndVerifyP384) { - SIG_TEST_VECTOR_SIGN_VERIFY(kP384Pkcs8, kP384Spki, kP384Data) -} - -TEST_F(Pkcs11EcdsaSha512Test, VerifyP521) { - SIG_TEST_VECTOR_VERIFY(kP521Spki, kP521Data, kP521Signature) -} -TEST_F(Pkcs11EcdsaSha512Test, SignAndVerifyP521) { - SIG_TEST_VECTOR_SIGN_VERIFY(kP521Pkcs8, kP521Spki, kP521Data) -} +static const Pkcs11EcdsaTestParams kEcdsaVectors[] = { + {SEC_OID_SHA256, + {DataBuffer(kP256Pkcs8, sizeof(kP256Pkcs8)), + DataBuffer(kP256Spki, sizeof(kP256Spki)), + DataBuffer(kP256Data, sizeof(kP256Data)), + DataBuffer(kP256Signature, sizeof(kP256Signature))}}, + {SEC_OID_SHA384, + {DataBuffer(kP384Pkcs8, sizeof(kP384Pkcs8)), + DataBuffer(kP384Spki, sizeof(kP384Spki)), + DataBuffer(kP384Data, sizeof(kP384Data)), + DataBuffer(kP384Signature, sizeof(kP384Signature))}}, + {SEC_OID_SHA512, + {DataBuffer(kP521Pkcs8, sizeof(kP521Pkcs8)), + DataBuffer(kP521Spki, sizeof(kP521Spki)), + DataBuffer(kP521Data, sizeof(kP521Data)), + DataBuffer(kP521Signature, sizeof(kP521Signature))}}}; + +INSTANTIATE_TEST_CASE_P(EcdsaSignVerify, Pkcs11EcdsaTest, + ::testing::ValuesIn(kEcdsaVectors)); + +class Pkcs11EcdsaSha256Test : public Pkcs11EcdsaTestBase { + public: + Pkcs11EcdsaSha256Test() : Pkcs11EcdsaTestBase(SEC_OID_SHA256) {} +}; // Importing a private key in PKCS#8 format must fail when the outer AlgID // struct contains neither id-ecPublicKey nor a namedCurve parameter. TEST_F(Pkcs11EcdsaSha256Test, ImportNoCurveOIDOrAlgorithmParams) { - EXPECT_FALSE(ImportPrivateKey(kP256Pkcs8NoCurveOIDOrAlgorithmParams, - sizeof(kP256Pkcs8NoCurveOIDOrAlgorithmParams))); + DataBuffer k(kP256Pkcs8NoCurveOIDOrAlgorithmParams, + sizeof(kP256Pkcs8NoCurveOIDOrAlgorithmParams)); + EXPECT_FALSE(ImportPrivateKey(k)); }; // Importing a private key in PKCS#8 format must succeed when only the outer // AlgID struct contains the namedCurve parameters. TEST_F(Pkcs11EcdsaSha256Test, ImportOnlyAlgorithmParams) { - EXPECT_TRUE(ImportPrivateKeyAndSignHashedData( - kP256Pkcs8OnlyAlgorithmParams, sizeof(kP256Pkcs8OnlyAlgorithmParams), - kP256Data, sizeof(kP256Data))); + DataBuffer k(kP256Pkcs8OnlyAlgorithmParams, + sizeof(kP256Pkcs8OnlyAlgorithmParams)); + DataBuffer data(kP256Data, sizeof(kP256Data)); + DataBuffer sig; + EXPECT_TRUE(ImportPrivateKeyAndSignHashedData(k, data, &sig)); }; // Importing a private key in PKCS#8 format must succeed when the outer AlgID // struct and the inner ECPrivateKey contain the same namedCurve parameters. // The inner curveOID is always ignored, so only the outer one will be used. TEST_F(Pkcs11EcdsaSha256Test, ImportMatchingCurveOIDAndAlgorithmParams) { - EXPECT_TRUE(ImportPrivateKeyAndSignHashedData( - kP256Pkcs8MatchingCurveOIDAndAlgorithmParams, - sizeof(kP256Pkcs8MatchingCurveOIDAndAlgorithmParams), kP256Data, - sizeof(kP256Data))); + DataBuffer k(kP256Pkcs8MatchingCurveOIDAndAlgorithmParams, + sizeof(kP256Pkcs8MatchingCurveOIDAndAlgorithmParams)); + DataBuffer data(kP256Data, sizeof(kP256Data)); + DataBuffer sig; + EXPECT_TRUE(ImportPrivateKeyAndSignHashedData(k, data, &sig)); }; // Importing a private key in PKCS#8 format must succeed when the outer AlgID // struct and the inner ECPrivateKey contain dissimilar namedCurve parameters. // The inner curveOID is always ignored, so only the outer one will be used. TEST_F(Pkcs11EcdsaSha256Test, ImportDissimilarCurveOIDAndAlgorithmParams) { - EXPECT_TRUE(ImportPrivateKeyAndSignHashedData( - kP256Pkcs8DissimilarCurveOIDAndAlgorithmParams, - sizeof(kP256Pkcs8DissimilarCurveOIDAndAlgorithmParams), kP256Data, - sizeof(kP256Data))); + DataBuffer k(kP256Pkcs8DissimilarCurveOIDAndAlgorithmParams, + sizeof(kP256Pkcs8DissimilarCurveOIDAndAlgorithmParams)); + DataBuffer data(kP256Data, sizeof(kP256Data)); + DataBuffer sig; + EXPECT_TRUE(ImportPrivateKeyAndSignHashedData(k, data, &sig)); }; // Importing a private key in PKCS#8 format must fail when the outer ASN.1 // AlgorithmID struct contains only id-ecPublicKey but no namedCurve parameter. TEST_F(Pkcs11EcdsaSha256Test, ImportNoAlgorithmParams) { - EXPECT_FALSE(ImportPrivateKey(kP256Pkcs8NoAlgorithmParams, - sizeof(kP256Pkcs8NoAlgorithmParams))); + DataBuffer k(kP256Pkcs8NoAlgorithmParams, + sizeof(kP256Pkcs8NoAlgorithmParams)); + EXPECT_FALSE(ImportPrivateKey(k)); }; // Importing a private key in PKCS#8 format must fail when id-ecPublicKey is // given (so we know it's an EC key) but the namedCurve parameter is unknown. TEST_F(Pkcs11EcdsaSha256Test, ImportInvalidAlgorithmParams) { - EXPECT_FALSE(ImportPrivateKey(kP256Pkcs8InvalidAlgorithmParams, - sizeof(kP256Pkcs8InvalidAlgorithmParams))); + DataBuffer k(kP256Pkcs8InvalidAlgorithmParams, + sizeof(kP256Pkcs8InvalidAlgorithmParams)); + EXPECT_FALSE(ImportPrivateKey(k)); }; // Importing a private key in PKCS#8 format with a point not on the curve will // succeed. Using the contained public key however will fail when trying to // import it before using it for any operation. TEST_F(Pkcs11EcdsaSha256Test, ImportPointNotOnCurve) { - ScopedSECKEYPrivateKey privKey(ImportPrivateKey( - kP256Pkcs8PointNotOnCurve, sizeof(kP256Pkcs8PointNotOnCurve))); + DataBuffer k(kP256Pkcs8PointNotOnCurve, sizeof(kP256Pkcs8PointNotOnCurve)); + ScopedSECKEYPrivateKey privKey(ImportPrivateKey(k)); ASSERT_TRUE(privKey); ScopedSECKEYPublicKey pubKey(SECKEY_ConvertToPublicKey(privKey.get())); @@ -127,23 +141,23 @@ TEST_F(Pkcs11EcdsaSha256Test, ImportPointNotOnCurve) { // Importing a private key in PKCS#8 format must fail when no point is given. // PK11 currently offers no APIs to derive raw public keys from private values. TEST_F(Pkcs11EcdsaSha256Test, ImportNoPublicKey) { - EXPECT_FALSE( - ImportPrivateKey(kP256Pkcs8NoPublicKey, sizeof(kP256Pkcs8NoPublicKey))); + DataBuffer k(kP256Pkcs8NoPublicKey, sizeof(kP256Pkcs8NoPublicKey)); + EXPECT_FALSE(ImportPrivateKey(k)); }; // Importing a public key in SPKI format must fail when id-ecPublicKey is // given (so we know it's an EC key) but the namedCurve parameter is missing. TEST_F(Pkcs11EcdsaSha256Test, ImportSpkiNoAlgorithmParams) { - EXPECT_FALSE(ImportPublicKey(kP256SpkiNoAlgorithmParams, - sizeof(kP256SpkiNoAlgorithmParams))); + DataBuffer k(kP256SpkiNoAlgorithmParams, sizeof(kP256SpkiNoAlgorithmParams)); + EXPECT_FALSE(ImportPublicKey(k)); } // Importing a public key in SPKI format with a point not on the curve will // succeed. Using the public key however will fail when trying to import // it before using it for any operation. TEST_F(Pkcs11EcdsaSha256Test, ImportSpkiPointNotOnCurve) { - ScopedSECKEYPublicKey pubKey(ImportPublicKey( - kP256SpkiPointNotOnCurve, sizeof(kP256SpkiPointNotOnCurve))); + DataBuffer k(kP256SpkiPointNotOnCurve, sizeof(kP256SpkiPointNotOnCurve)); + ScopedSECKEYPublicKey pubKey(ImportPublicKey(k)); ASSERT_TRUE(pubKey); ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); diff --git a/security/nss/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc new file mode 100644 index 000000000..aa92756f2 --- /dev/null +++ b/security/nss/gtests/pk11_gtest/pk11_encrypt_derive_unittest.cc @@ -0,0 +1,210 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "pk11pub.h" +#include "nssutil.h" +#include +#include "prerror.h" +#include "nss.h" +#include "gtest/gtest.h" +#include "scoped_ptrs.h" +#include "cpputil.h" +#include "databuffer.h" +#include "util.h" + +#define MAX_KEY_SIZE 24 + +namespace nss_test { + +static const uint8_t kIv[] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, + 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77}; +static const uint8_t kInput[] = { + 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00, 0xff, 0xee, 0xdd, 0xcc, + 0xbb, 0xaa, 0x99, 0x88, 0x77, 0x66, 0x55, 0x44, 0x33, 0x22, 0x11, 0x00}; + +class EncryptDeriveTest + : public ::testing::Test, + public ::testing::WithParamInterface { + public: + void TestEncryptDerive() { + ScopedPK11SymKey derived_key(PK11_Derive(key_.get(), derive_mech(), + derive_param(), encrypt_mech(), + CKA_DECRYPT, keysize())); + ASSERT_TRUE(derived_key); + + uint8_t derived_key_data[MAX_KEY_SIZE]; + ASSERT_GE(sizeof(derived_key_data), keysize()); + GetKeyData(derived_key, derived_key_data, keysize()); + RemoveChecksum(derived_key_data); + + uint8_t reference_key_data[MAX_KEY_SIZE]; + unsigned int reference_len = 0; + SECStatus rv = PK11_Encrypt(key_.get(), encrypt_mech(), encrypt_param(), + reference_key_data, &reference_len, keysize(), + kInput, keysize()); + ASSERT_EQ(SECSuccess, rv); + ASSERT_EQ(keysize(), static_cast(reference_len)); + RemoveChecksum(reference_key_data); + + EXPECT_EQ(DataBuffer(reference_key_data, keysize()), + DataBuffer(derived_key_data, keysize())); + } + + protected: + unsigned int keysize() const { return 16; } + + private: + CK_MECHANISM_TYPE encrypt_mech() const { return GetParam(); } + + CK_MECHANISM_TYPE derive_mech() const { + switch (encrypt_mech()) { + case CKM_DES3_ECB: + return CKM_DES3_ECB_ENCRYPT_DATA; + case CKM_DES3_CBC: + return CKM_DES3_CBC_ENCRYPT_DATA; + case CKM_AES_ECB: + return CKM_AES_ECB_ENCRYPT_DATA; + case CKM_AES_CBC: + return CKM_AES_CBC_ENCRYPT_DATA; + case CKM_CAMELLIA_ECB: + return CKM_CAMELLIA_ECB_ENCRYPT_DATA; + case CKM_CAMELLIA_CBC: + return CKM_CAMELLIA_CBC_ENCRYPT_DATA; + case CKM_SEED_ECB: + return CKM_SEED_ECB_ENCRYPT_DATA; + case CKM_SEED_CBC: + return CKM_SEED_CBC_ENCRYPT_DATA; + default: + ADD_FAILURE() << "Unknown mechanism"; + break; + } + return CKM_INVALID_MECHANISM; + } + + SECItem* derive_param() const { + static CK_AES_CBC_ENCRYPT_DATA_PARAMS aes_data; + static CK_DES_CBC_ENCRYPT_DATA_PARAMS des_data; + static CK_KEY_DERIVATION_STRING_DATA string_data; + static SECItem param = {siBuffer, NULL, 0}; + + switch (encrypt_mech()) { + case CKM_DES3_ECB: + case CKM_AES_ECB: + case CKM_CAMELLIA_ECB: + case CKM_SEED_ECB: + string_data.pData = toUcharPtr(kInput); + string_data.ulLen = keysize(); + param.data = reinterpret_cast(&string_data); + param.len = sizeof(string_data); + break; + + case CKM_DES3_CBC: + des_data.pData = toUcharPtr(kInput); + des_data.length = keysize(); + PORT_Memcpy(des_data.iv, kIv, 8); + param.data = reinterpret_cast(&des_data); + param.len = sizeof(des_data); + break; + + case CKM_AES_CBC: + case CKM_CAMELLIA_CBC: + case CKM_SEED_CBC: + aes_data.pData = toUcharPtr(kInput); + aes_data.length = keysize(); + PORT_Memcpy(aes_data.iv, kIv, keysize()); + param.data = reinterpret_cast(&aes_data); + param.len = sizeof(aes_data); + break; + + default: + ADD_FAILURE() << "Unknown mechanism"; + break; + } + return ¶m; + } + + SECItem* encrypt_param() const { + static SECItem param = {siBuffer, NULL, 0}; + + switch (encrypt_mech()) { + case CKM_DES3_ECB: + case CKM_AES_ECB: + case CKM_CAMELLIA_ECB: + case CKM_SEED_ECB: + // No parameter needed here. + break; + + case CKM_DES3_CBC: + case CKM_AES_CBC: + case CKM_CAMELLIA_CBC: + case CKM_SEED_CBC: + param.data = toUcharPtr(kIv); + param.len = keysize(); + break; + + default: + ADD_FAILURE() << "Unknown mechanism"; + break; + } + return ¶m; + } + + virtual void SetUp() { + slot_.reset(PK11_GetBestSlot(derive_mech(), NULL)); + ASSERT_TRUE(slot_); + + key_.reset(PK11_TokenKeyGenWithFlags(slot_.get(), encrypt_mech(), NULL, + keysize(), NULL, + CKF_ENCRYPT | CKF_DERIVE, 0, NULL)); + ASSERT_TRUE(key_); + } + + void GetKeyData(ScopedPK11SymKey& key, uint8_t* buf, size_t max_len) const { + ASSERT_EQ(SECSuccess, PK11_ExtractKeyValue(key.get())); + SECItem* data = PK11_GetKeyData(key.get()); + ASSERT_TRUE(data); + ASSERT_EQ(max_len, static_cast(data->len)); + PORT_Memcpy(buf, data->data, data->len); + } + + // Remove checksum if the key is a 3DES key. + void RemoveChecksum(uint8_t* key_data) const { + if (encrypt_mech() != CKM_DES3_CBC && encrypt_mech() != CKM_DES3_ECB) { + return; + } + for (size_t i = 0; i < keysize(); ++i) { + key_data[i] &= 0xfe; + } + } + + ScopedPK11SlotInfo slot_; + ScopedPK11SymKey key_; +}; + +TEST_P(EncryptDeriveTest, Test) { TestEncryptDerive(); } + +static const CK_MECHANISM_TYPE kEncryptDeriveMechanisms[] = { + CKM_DES3_ECB, CKM_DES3_CBC, CKM_AES_ECB, CKM_AES_ECB, CKM_AES_CBC, + CKM_CAMELLIA_ECB, CKM_CAMELLIA_CBC, CKM_SEED_ECB, CKM_SEED_CBC}; + +INSTANTIATE_TEST_CASE_P(EncryptDeriveTests, EncryptDeriveTest, + ::testing::ValuesIn(kEncryptDeriveMechanisms)); + +// This class handles the case where 3DES takes a 192-bit key +// where all 24 octets will be used. +class EncryptDerive3Test : public EncryptDeriveTest { + protected: + unsigned int keysize() const { return 24; } +}; + +TEST_P(EncryptDerive3Test, Test) { TestEncryptDerive(); } + +static const CK_MECHANISM_TYPE kDES3EncryptDeriveMechanisms[] = {CKM_DES3_ECB, + CKM_DES3_CBC}; + +INSTANTIATE_TEST_CASE_P(Encrypt3DeriveTests, EncryptDerive3Test, + ::testing::ValuesIn(kDES3EncryptDeriveMechanisms)); + +} // namespace nss_test diff --git a/security/nss/gtests/pk11_gtest/pk11_gtest.gyp b/security/nss/gtests/pk11_gtest/pk11_gtest.gyp index c47ff4778..076b4d37f 100644 --- a/security/nss/gtests/pk11_gtest/pk11_gtest.gyp +++ b/security/nss/gtests/pk11_gtest/pk11_gtest.gyp @@ -16,6 +16,7 @@ 'pk11_chacha20poly1305_unittest.cc', 'pk11_curve25519_unittest.cc', 'pk11_ecdsa_unittest.cc', + 'pk11_encrypt_derive_unittest.cc', 'pk11_pbkdf2_unittest.cc', 'pk11_prf_unittest.cc', 'pk11_prng_unittest.cc', @@ -26,6 +27,7 @@ 'dependencies': [ '<(DEPTH)/exports.gyp:nss_exports', '<(DEPTH)/lib/util/util.gyp:nssutil3', + '<(DEPTH)/cpputil/cpputil.gyp:cpputil', '<(DEPTH)/gtests/google_test/google_test.gyp:gtest', ], 'conditions': [ diff --git a/security/nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc b/security/nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc index 012bae0e9..6c8c5ab4e 100644 --- a/security/nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc +++ b/security/nss/gtests/pk11_gtest/pk11_rsapss_unittest.cc @@ -12,14 +12,14 @@ #include "gtest/gtest.h" #include "scoped_ptrs.h" -#include "pk11_rsapss_vectors.h" #include "pk11_signature_test.h" +#include "pk11_rsapss_vectors.h" namespace nss_test { -class Pkcs11RsaPssVectorTest : public Pk11SignatureTest { +class Pkcs11RsaPssTest : public Pk11SignatureTest { public: - Pkcs11RsaPssVectorTest() { + Pkcs11RsaPssTest() : Pk11SignatureTest(CKM_RSA_PKCS_PSS, SEC_OID_SHA1) { rsaPssParams_.hashAlg = CKM_SHA_1; rsaPssParams_.mgf = CKG_MGF1_SHA1; rsaPssParams_.sLen = HASH_ResultLenByOidTag(SEC_OID_SHA1); @@ -30,16 +30,14 @@ class Pkcs11RsaPssVectorTest : public Pk11SignatureTest { } protected: - CK_MECHANISM_TYPE mechanism() { return CKM_RSA_PKCS_PSS; } - SECItem* parameters() { return ¶ms_; } - SECOidTag hashOID() { return SEC_OID_SHA1; } + const SECItem* parameters() const { return ¶ms_; } private: CK_RSA_PKCS_PSS_PARAMS rsaPssParams_; SECItem params_; }; -TEST_F(Pkcs11RsaPssVectorTest, GenerateAndSignAndVerify) { +TEST_F(Pkcs11RsaPssTest, GenerateAndSignAndVerify) { // Sign data with a 1024-bit RSA key, using PSS/SHA-256. SECOidTag hashOid = SEC_OID_SHA256; CK_MECHANISM_TYPE hashMech = CKM_SHA256; @@ -95,105 +93,56 @@ TEST_F(Pkcs11RsaPssVectorTest, GenerateAndSignAndVerify) { EXPECT_EQ(rv, SECFailure); } -// RSA-PSS test vectors, pss-vect.txt, Example 1.1: A 1024-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature1) { - SIG_TEST_VECTOR_VERIFY(kTestVector1Spki, kTestVector1Data, kTestVector1Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify1) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector1Pkcs8, kTestVector1Spki, - kTestVector1Data); -} +class Pkcs11RsaPssVectorTest + : public Pkcs11RsaPssTest, + public ::testing::WithParamInterface {}; -// RSA-PSS test vectors, pss-vect.txt, Example 2.1: A 1025-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature2) { - SIG_TEST_VECTOR_VERIFY(kTestVector2Spki, kTestVector2Data, kTestVector2Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify2) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector2Pkcs8, kTestVector2Spki, - kTestVector2Data); -} +TEST_P(Pkcs11RsaPssVectorTest, Verify) { Verify(GetParam()); } -// RSA-PSS test vectors, pss-vect.txt, Example 3.1: A 1026-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature3) { - SIG_TEST_VECTOR_VERIFY(kTestVector3Spki, kTestVector3Data, kTestVector3Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify3) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector3Pkcs8, kTestVector3Spki, - kTestVector3Data); -} +TEST_P(Pkcs11RsaPssVectorTest, SignAndVerify) { SignAndVerify(GetParam()); } -// RSA-PSS test vectors, pss-vect.txt, Example 4.1: A 1027-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature4) { - SIG_TEST_VECTOR_VERIFY(kTestVector4Spki, kTestVector4Data, kTestVector4Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify4) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector4Pkcs8, kTestVector4Spki, - kTestVector4Data); -} - -// RSA-PSS test vectors, pss-vect.txt, Example 5.1: A 1028-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature5) { - SIG_TEST_VECTOR_VERIFY(kTestVector5Spki, kTestVector5Data, kTestVector5Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify5) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector5Pkcs8, kTestVector5Spki, - kTestVector5Data); -} - -// RSA-PSS test vectors, pss-vect.txt, Example 6.1: A 1029-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature6) { - SIG_TEST_VECTOR_VERIFY(kTestVector6Spki, kTestVector6Data, kTestVector6Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify6) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector6Pkcs8, kTestVector6Spki, - kTestVector6Data); -} - -// RSA-PSS test vectors, pss-vect.txt, Example 7.1: A 1030-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature7) { - SIG_TEST_VECTOR_VERIFY(kTestVector7Spki, kTestVector7Data, kTestVector7Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify7) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector7Pkcs8, kTestVector7Spki, - kTestVector7Data); -} - -// RSA-PSS test vectors, pss-vect.txt, Example 8.1: A 1031-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature8) { - SIG_TEST_VECTOR_VERIFY(kTestVector8Spki, kTestVector8Data, kTestVector8Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify8) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector8Pkcs8, kTestVector8Spki, - kTestVector8Data); -} - -// RSA-PSS test vectors, pss-vect.txt, Example 9.1: A 1536-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature9) { - SIG_TEST_VECTOR_VERIFY(kTestVector9Spki, kTestVector9Data, kTestVector9Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify9) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector9Pkcs8, kTestVector9Spki, - kTestVector9Data); -} - -// RSA-PSS test vectors, pss-vect.txt, Example 10.1: A 2048-bit RSA Key Pair -// -TEST_F(Pkcs11RsaPssVectorTest, VerifyKnownSignature10) { - SIG_TEST_VECTOR_VERIFY(kTestVector10Spki, kTestVector10Data, - kTestVector10Sig); -} -TEST_F(Pkcs11RsaPssVectorTest, SignAndVerify10) { - SIG_TEST_VECTOR_SIGN_VERIFY(kTestVector10Pkcs8, kTestVector10Spki, - kTestVector10Data); -} +#define VECTOR(pkcs8, spki, data, sig) \ + { \ + DataBuffer(pkcs8, sizeof(pkcs8)), DataBuffer(spki, sizeof(spki)), \ + DataBuffer(data, sizeof(data)), DataBuffer(sig, sizeof(sig)) \ + } +#define VECTOR_N(n) \ + VECTOR(kTestVector##n##Pkcs8, kTestVector##n##Spki, kTestVector##n##Data, \ + kTestVector##n##Sig) + +static const Pkcs11SignatureTestParams kRsaPssVectors[] = { + // RSA-PSS test vectors, pss-vect.txt, Example 1.1: A 1024-bit RSA Key Pair + // + VECTOR_N(1), + // RSA-PSS test vectors, pss-vect.txt, Example 2.1: A 1025-bit RSA Key Pair + // + VECTOR_N(2), + // RSA-PSS test vectors, pss-vect.txt, Example 3.1: A 1026-bit RSA Key Pair + // + VECTOR_N(3), + // RSA-PSS test vectors, pss-vect.txt, Example 4.1: A 1027-bit RSA Key Pair + // + VECTOR_N(4), + // RSA-PSS test vectors, pss-vect.txt, Example 5.1: A 1028-bit RSA Key Pair + // + VECTOR_N(5), + // RSA-PSS test vectors, pss-vect.txt, Example 6.1: A 1029-bit RSA Key Pair + // + VECTOR_N(6), + // RSA-PSS test vectors, pss-vect.txt, Example 7.1: A 1030-bit RSA Key Pair + // + VECTOR_N(7), + // RSA-PSS test vectors, pss-vect.txt, Example 8.1: A 1031-bit RSA Key Pair + // + VECTOR_N(8), + // RSA-PSS test vectors, pss-vect.txt, Example 9.1: A 1536-bit RSA Key Pair + // + VECTOR_N(9), + // RSA-PSS test vectors, pss-vect.txt, Example 10.1: A 2048-bit RSA Key Pair + // + VECTOR_N(10)}; + +INSTANTIATE_TEST_CASE_P(RsaPssSignVerify, Pkcs11RsaPssVectorTest, + ::testing::ValuesIn(kRsaPssVectors)); } // namespace nss_test diff --git a/security/nss/gtests/pk11_gtest/pk11_signature_test.h b/security/nss/gtests/pk11_gtest/pk11_signature_test.h index e6a0a9c57..b14104371 100644 --- a/security/nss/gtests/pk11_gtest/pk11_signature_test.h +++ b/security/nss/gtests/pk11_gtest/pk11_signature_test.h @@ -9,26 +9,37 @@ #include "cpputil.h" #include "scoped_ptrs.h" +#include "databuffer.h" #include "gtest/gtest.h" namespace nss_test { +// For test vectors. +struct Pkcs11SignatureTestParams { + const DataBuffer pkcs8_; + const DataBuffer spki_; + const DataBuffer data_; + const DataBuffer signature_; +}; + class Pk11SignatureTest : public ::testing::Test { protected: - virtual CK_MECHANISM_TYPE mechanism() = 0; - virtual SECItem* parameters() = 0; - virtual SECOidTag hashOID() = 0; + Pk11SignatureTest(CK_MECHANISM_TYPE mechanism, SECOidTag hash_oid) + : mechanism_(mechanism), hash_oid_(hash_oid) {} - ScopedSECKEYPrivateKey ImportPrivateKey(const uint8_t* pkcs8, - size_t pkcs8_len) { + virtual const SECItem* parameters() const { return nullptr; } + CK_MECHANISM_TYPE mechanism() const { return mechanism_; } + + ScopedSECKEYPrivateKey ImportPrivateKey(const DataBuffer& pkcs8) { ScopedPK11SlotInfo slot(PK11_GetInternalSlot()); if (!slot) { + ADD_FAILURE() << "No slot"; return nullptr; } - SECItem pkcs8Item = {siBuffer, toUcharPtr(pkcs8), - static_cast(pkcs8_len)}; + SECItem pkcs8Item = {siBuffer, toUcharPtr(pkcs8.data()), + static_cast(pkcs8.len())}; SECKEYPrivateKey* key = nullptr; SECStatus rv = PK11_ImportDERPrivateKeyInfoAndReturnKey( @@ -42,9 +53,9 @@ class Pk11SignatureTest : public ::testing::Test { return ScopedSECKEYPrivateKey(key); } - ScopedSECKEYPublicKey ImportPublicKey(const uint8_t* spki, size_t spki_len) { - SECItem spkiItem = {siBuffer, toUcharPtr(spki), - static_cast(spki_len)}; + ScopedSECKEYPublicKey ImportPublicKey(const DataBuffer& spki) { + SECItem spkiItem = {siBuffer, toUcharPtr(spki.data()), + static_cast(spki.len())}; ScopedCERTSubjectPublicKeyInfo certSpki( SECKEY_DecodeDERSubjectPublicKeyInfo(&spkiItem)); @@ -52,87 +63,74 @@ class Pk11SignatureTest : public ::testing::Test { return ScopedSECKEYPublicKey(SECKEY_ExtractPublicKey(certSpki.get())); } - ScopedSECItem ComputeHash(const uint8_t* data, size_t len) { - unsigned int hLen = HASH_ResultLenByOidTag(hashOID()); - ScopedSECItem hash(SECITEM_AllocItem(nullptr, nullptr, hLen)); - if (!hash) { - return nullptr; - } - - SECStatus rv = PK11_HashBuf(hashOID(), hash->data, data, len); - if (rv != SECSuccess) { - return nullptr; - } - - return hash; + bool ComputeHash(const DataBuffer& data, DataBuffer* hash) { + hash->Allocate(static_cast(HASH_ResultLenByOidTag(hash_oid_))); + SECStatus rv = + PK11_HashBuf(hash_oid_, hash->data(), data.data(), data.len()); + return rv == SECSuccess; } - ScopedSECItem SignHashedData(ScopedSECKEYPrivateKey& privKey, - ScopedSECItem& hash) { - unsigned int sLen = PK11_SignatureLen(privKey.get()); - ScopedSECItem sig(SECITEM_AllocItem(nullptr, nullptr, sLen)); - if (!sig) { - return nullptr; - } - - SECStatus rv = PK11_SignWithMechanism(privKey.get(), mechanism(), - parameters(), sig.get(), hash.get()); - if (rv != SECSuccess) { - return nullptr; - } - - return sig; + bool SignHashedData(ScopedSECKEYPrivateKey& privKey, const DataBuffer& hash, + DataBuffer* sig) { + SECItem hashItem = {siBuffer, toUcharPtr(hash.data()), + static_cast(hash.len())}; + int sigLen = PK11_SignatureLen(privKey.get()); + EXPECT_LT(0, sigLen); + sig->Allocate(static_cast(sigLen)); + SECItem sigItem = {siBuffer, toUcharPtr(sig->data()), + static_cast(sig->len())}; + SECStatus rv = PK11_SignWithMechanism(privKey.get(), mechanism_, + parameters(), &sigItem, &hashItem); + return rv == SECSuccess; } - ScopedSECItem ImportPrivateKeyAndSignHashedData(const uint8_t* pkcs8, - size_t pkcs8_len, - const uint8_t* data, - size_t data_len) { - ScopedSECKEYPrivateKey privKey(ImportPrivateKey(pkcs8, pkcs8_len)); + bool ImportPrivateKeyAndSignHashedData(const DataBuffer& pkcs8, + const DataBuffer& data, + DataBuffer* sig) { + ScopedSECKEYPrivateKey privKey(ImportPrivateKey(pkcs8)); if (!privKey) { - return nullptr; + return false; } - ScopedSECItem hash(ComputeHash(data, data_len)); - if (!hash) { - return nullptr; + DataBuffer hash; + if (!ComputeHash(data, &hash)) { + ADD_FAILURE() << "Failed to compute hash"; + return false; } - - return ScopedSECItem(SignHashedData(privKey, hash)); + return SignHashedData(privKey, hash, sig); } - void Verify(const uint8_t* spki, size_t spki_len, const uint8_t* data, - size_t data_len, const uint8_t* sig, size_t sig_len) { - ScopedSECKEYPublicKey pubKey(ImportPublicKey(spki, spki_len)); + void Verify(const Pkcs11SignatureTestParams& params, const DataBuffer& sig) { + ScopedSECKEYPublicKey pubKey(ImportPublicKey(params.spki_)); ASSERT_TRUE(pubKey); - ScopedSECItem hash(ComputeHash(data, data_len)); - ASSERT_TRUE(hash); - - SECItem sigItem = {siBuffer, toUcharPtr(sig), - static_cast(sig_len)}; + DataBuffer hash; + ASSERT_TRUE(ComputeHash(params.data_, &hash)); // Verify. + SECItem hashItem = {siBuffer, toUcharPtr(hash.data()), + static_cast(hash.len())}; + SECItem sigItem = {siBuffer, toUcharPtr(sig.data()), + static_cast(sig.len())}; SECStatus rv = PK11_VerifyWithMechanism( - pubKey.get(), mechanism(), parameters(), &sigItem, hash.get(), nullptr); + pubKey.get(), mechanism_, parameters(), &sigItem, &hashItem, nullptr); EXPECT_EQ(rv, SECSuccess); } - void SignAndVerify(const uint8_t* pkcs8, size_t pkcs8_len, - const uint8_t* spki, size_t spki_len, const uint8_t* data, - size_t data_len) { - ScopedSECItem sig( - ImportPrivateKeyAndSignHashedData(pkcs8, pkcs8_len, data, data_len)); - ASSERT_TRUE(sig); - - Verify(spki, spki_len, data, data_len, sig->data, sig->len); + void Verify(const Pkcs11SignatureTestParams& params) { + Verify(params, params.signature_); } -}; -#define SIG_TEST_VECTOR_VERIFY(spki, data, sig) \ - Verify(spki, sizeof(spki), data, sizeof(data), sig, sizeof(sig)); + void SignAndVerify(const Pkcs11SignatureTestParams& params) { + DataBuffer sig; + ASSERT_TRUE( + ImportPrivateKeyAndSignHashedData(params.pkcs8_, params.data_, &sig)); + Verify(params, sig); + } -#define SIG_TEST_VECTOR_SIGN_VERIFY(pkcs8, spki, data) \ - SignAndVerify(pkcs8, sizeof(pkcs8), spki, sizeof(spki), data, sizeof(data)); + private: + CK_MECHANISM_TYPE mechanism_; + SECOidTag hash_oid_; +}; } // namespace nss_test -- cgit v1.2.3