1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/cert/internal/signature_algorithm.h"
7 #include "base/files/file_util.h"
8 #include "base/strings/string_number_conversions.h"
9 #include "net/base/test_data_directory.h"
10 #include "net/cert/pem_tokenizer.h"
11 #include "net/der/input.h"
12 #include "net/der/parser.h"
13 #include "testing/gtest/include/gtest/gtest.h"
19 // Creates a SignatureAlgorithm given the DER as a byte array. Returns true on
20 // success and fills |*out| with a non-null pointer.
22 bool ParseDer(const uint8_t(&data
)[N
], scoped_ptr
<SignatureAlgorithm
>* out
) {
23 *out
= SignatureAlgorithm::CreateFromDer(der::Input(data
, N
));
27 // Parses a SignatureAlgorithm given an empty DER input.
28 TEST(SignatureAlgorithmTest
, ParseDerEmpty
) {
29 scoped_ptr
<SignatureAlgorithm
> algorithm
=
30 SignatureAlgorithm::CreateFromDer(der::Input());
31 ASSERT_FALSE(algorithm
);
34 // Parses a SignatureAlgorithm given invalid DER input.
35 TEST(SignatureAlgorithmTest
, ParseDerBogus
) {
36 const uint8_t kData
[] = {0x00};
37 scoped_ptr
<SignatureAlgorithm
> algorithm
;
38 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
41 // Parses a sha1WithRSAEncryption which contains a NULL parameters field.
44 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
46 TEST(SignatureAlgorithmTest
, ParseDerSha1WithRSAEncryptionNullParams
) {
48 const uint8_t kData
[] = {
49 0x30, 0x0D, // SEQUENCE (13 bytes)
50 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
51 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
52 0x05, 0x00, // NULL (0 bytes)
55 scoped_ptr
<SignatureAlgorithm
> algorithm
;
56 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
58 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1
, algorithm
->algorithm());
59 EXPECT_EQ(DigestAlgorithm::Sha1
, algorithm
->digest());
62 // Parses a sha1WithRSAEncryption which contains no parameters field.
65 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
66 TEST(SignatureAlgorithmTest
, ParseDerSha1WithRSAEncryptionNoParams
) {
68 const uint8_t kData
[] = {
69 0x30, 0x0B, // SEQUENCE (11 bytes)
70 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
71 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
74 scoped_ptr
<SignatureAlgorithm
> algorithm
;
75 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
78 // Parses a sha1WithRSAEncryption which contains an unexpected parameters
79 // field. Instead of being NULL it is an integer.
82 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
84 TEST(SignatureAlgorithmTest
, ParseDerSha1WithRSAEncryptionNonNullParams
) {
86 const uint8_t kData
[] = {
87 0x30, 0x0E, // SEQUENCE (14 bytes)
88 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
89 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
90 0x02, 0x01, 0x00, // INTEGER (1 byte)
93 scoped_ptr
<SignatureAlgorithm
> algorithm
;
94 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
97 // Parses a sha1WithRSASignature which contains a NULL parameters field.
100 // OBJECT IDENTIFIER 1.3.14.3.2.29
102 TEST(SignatureAlgorithmTest
, ParseDerSha1WithRSASignatureNullParams
) {
104 const uint8_t kData
[] = {
105 0x30, 0x09, // SEQUENCE (9 bytes)
106 0x06, 0x05, // OBJECT IDENTIFIER (5 bytes)
107 0x2b, 0x0e, 0x03, 0x02, 0x1d,
108 0x05, 0x00, // NULL (0 bytes)
111 scoped_ptr
<SignatureAlgorithm
> algorithm
;
112 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
114 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1
, algorithm
->algorithm());
115 EXPECT_EQ(DigestAlgorithm::Sha1
, algorithm
->digest());
118 // Parses a sha1WithRSASignature which contains no parameters field.
121 // OBJECT IDENTIFIER 1.3.14.3.2.29
122 TEST(SignatureAlgorithmTest
, ParseDerSha1WithRSASignatureNoParams
) {
124 const uint8_t kData
[] = {
125 0x30, 0x07, // SEQUENCE (7 bytes)
126 0x06, 0x05, // OBJECT IDENTIFIER (5 bytes)
127 0x2b, 0x0e, 0x03, 0x02, 0x1d,
130 scoped_ptr
<SignatureAlgorithm
> algorithm
;
131 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
134 // Parses a sha1WithRSAEncryption which contains values after the sequence.
137 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
140 TEST(SignatureAlgorithmTest
, ParseDerSha1WithRsaEncryptionDataAfterSequence
) {
142 const uint8_t kData
[] = {
143 0x30, 0x0D, // SEQUENCE (13 bytes)
144 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
145 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
146 0x05, 0x00, // NULL (0 bytes)
147 0x02, 0x01, 0x00, // INTEGER (1 byte)
150 scoped_ptr
<SignatureAlgorithm
> algorithm
;
151 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
154 // Parses a sha1WithRSAEncryption which contains a bad NULL parameters field.
155 // Normally NULL is encoded as {0x05, 0x00} (tag for NULL and length of 0). Here
156 // NULL is encoded as having a length of 1 instead, followed by data 0x09.
159 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
161 TEST(SignatureAlgorithmTest
, ParseDerSha1WithRSAEncryptionBadNullParams
) {
163 const uint8_t kData
[] = {
164 0x30, 0x0E, // SEQUENCE (13 bytes)
165 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
166 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
167 0x05, 0x01, 0x09, // NULL (1 byte)
170 scoped_ptr
<SignatureAlgorithm
> algorithm
;
171 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
174 // Parses a sha1WithRSAEncryption which contains a NULL parameters field,
175 // followed by an integer.
178 // OBJECT IDENTIFIER 1.2.840.113549.1.1.5
181 TEST(SignatureAlgorithmTest
,
182 ParseDerSha1WithRSAEncryptionNullParamsThenInteger
) {
184 const uint8_t kData
[] = {
185 0x30, 0x10, // SEQUENCE (16 bytes)
186 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
187 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05,
188 0x05, 0x00, // NULL (0 bytes)
189 0x02, 0x01, 0x00, // INTEGER (1 byte)
192 scoped_ptr
<SignatureAlgorithm
> algorithm
;
193 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
196 // Parses a SignatureAlgorithm given DER which does not encode a sequence.
199 TEST(SignatureAlgorithmTest
, ParseDerNotASequence
) {
201 const uint8_t kData
[] = {
202 0x02, 0x01, 0x00, // INTEGER (1 byte)
205 scoped_ptr
<SignatureAlgorithm
> algorithm
;
206 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
209 // Parses a sha256WithRSAEncryption which contains a NULL parameters field.
212 // OBJECT IDENTIFIER 1.2.840.113549.1.1.11
214 TEST(SignatureAlgorithmTest
, ParseDerSha256WithRSAEncryptionNullParams
) {
216 const uint8_t kData
[] = {
217 0x30, 0x0D, // SEQUENCE (13 bytes)
218 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
219 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
220 0x05, 0x00, // NULL (0 bytes)
223 scoped_ptr
<SignatureAlgorithm
> algorithm
;
224 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
226 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1
, algorithm
->algorithm());
227 EXPECT_EQ(DigestAlgorithm::Sha256
, algorithm
->digest());
230 // Parses a sha256WithRSAEncryption which contains no parameters field.
233 // OBJECT IDENTIFIER 1.2.840.113549.1.1.11
234 TEST(SignatureAlgorithmTest
, ParseDerSha256WithRSAEncryptionNoParams
) {
236 const uint8_t kData
[] = {
237 0x30, 0x0B, // SEQUENCE (11 bytes)
238 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
239 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b,
242 scoped_ptr
<SignatureAlgorithm
> algorithm
;
243 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
246 // Parses a sha384WithRSAEncryption which contains a NULL parameters field.
249 // OBJECT IDENTIFIER 1.2.840.113549.1.1.12
251 TEST(SignatureAlgorithmTest
, ParseDerSha384WithRSAEncryptionNullParams
) {
253 const uint8_t kData
[] = {
254 0x30, 0x0D, // SEQUENCE (13 bytes)
255 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
256 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c,
257 0x05, 0x00, // NULL (0 bytes)
260 scoped_ptr
<SignatureAlgorithm
> algorithm
;
261 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
263 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1
, algorithm
->algorithm());
264 EXPECT_EQ(DigestAlgorithm::Sha384
, algorithm
->digest());
267 // Parses a sha384WithRSAEncryption which contains no parameters field.
270 // OBJECT IDENTIFIER 1.2.840.113549.1.1.12
271 TEST(SignatureAlgorithmTest
, ParseDerSha384WithRSAEncryptionNoParams
) {
273 const uint8_t kData
[] = {
274 0x30, 0x0B, // SEQUENCE (11 bytes)
275 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
276 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c,
279 scoped_ptr
<SignatureAlgorithm
> algorithm
;
280 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
283 // Parses a sha512WithRSAEncryption which contains a NULL parameters field.
286 // OBJECT IDENTIFIER 1.2.840.113549.1.1.13
288 TEST(SignatureAlgorithmTest
, ParseDerSha512WithRSAEncryptionNullParams
) {
290 const uint8_t kData
[] = {
291 0x30, 0x0D, // SEQUENCE (13 bytes)
292 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
293 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d,
294 0x05, 0x00, // NULL (0 bytes)
297 scoped_ptr
<SignatureAlgorithm
> algorithm
;
298 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
300 EXPECT_EQ(SignatureAlgorithmId::RsaPkcs1
, algorithm
->algorithm());
301 EXPECT_EQ(DigestAlgorithm::Sha512
, algorithm
->digest());
304 // Parses a sha512WithRSAEncryption which contains no parameters field.
307 // OBJECT IDENTIFIER 1.2.840.113549.1.1.13
308 TEST(SignatureAlgorithmTest
, ParseDerSha512WithRSAEncryptionNoParams
) {
310 const uint8_t kData
[] = {
311 0x30, 0x0B, // SEQUENCE (11 bytes)
312 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
313 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d,
316 scoped_ptr
<SignatureAlgorithm
> algorithm
;
317 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
320 // Parses a sha224WithRSAEncryption which contains a NULL parameters field.
321 // This fails because the parsing code does not enumerate this OID (even though
322 // it is in fact valid).
325 // OBJECT IDENTIFIER 1.2.840.113549.1.1.14
327 TEST(SignatureAlgorithmTest
, ParseDerSha224WithRSAEncryptionNullParams
) {
329 const uint8_t kData
[] = {
330 0x30, 0x0D, // SEQUENCE (13 bytes)
331 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
332 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0e,
333 0x05, 0x00, // NULL (0 bytes)
336 scoped_ptr
<SignatureAlgorithm
> algorithm
;
337 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
340 // Parses a ecdsa-with-SHA1 which contains no parameters field.
343 // OBJECT IDENTIFIER 1.2.840.10045.4.1
344 TEST(SignatureAlgorithmTest
, ParseDerEcdsaWithSHA1NoParams
) {
346 const uint8_t kData
[] = {
347 0x30, 0x09, // SEQUENCE (9 bytes)
348 0x06, 0x07, // OBJECT IDENTIFIER (7 bytes)
349 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01,
352 scoped_ptr
<SignatureAlgorithm
> algorithm
;
353 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
355 EXPECT_EQ(SignatureAlgorithmId::Ecdsa
, algorithm
->algorithm());
356 EXPECT_EQ(DigestAlgorithm::Sha1
, algorithm
->digest());
359 // Parses a ecdsa-with-SHA1 which contains a NULL parameters field.
362 // OBJECT IDENTIFIER 1.2.840.10045.4.1
364 TEST(SignatureAlgorithmTest
, ParseDerEcdsaWithSHA1NullParams
) {
366 const uint8_t kData
[] = {
367 0x30, 0x0B, // SEQUENCE (11 bytes)
368 0x06, 0x07, // OBJECT IDENTIFIER (7 bytes)
369 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01,
370 0x05, 0x00, // NULL (0 bytes)
373 scoped_ptr
<SignatureAlgorithm
> algorithm
;
374 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
377 // Parses a ecdsa-with-SHA256 which contains no parameters field.
380 // OBJECT IDENTIFIER 1.2.840.10045.4.3.2
381 TEST(SignatureAlgorithmTest
, ParseDerEcdsaWithSHA256NoParams
) {
383 const uint8_t kData
[] = {
384 0x30, 0x0A, // SEQUENCE (10 bytes)
385 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
386 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
389 scoped_ptr
<SignatureAlgorithm
> algorithm
;
390 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
392 EXPECT_EQ(SignatureAlgorithmId::Ecdsa
, algorithm
->algorithm());
393 EXPECT_EQ(DigestAlgorithm::Sha256
, algorithm
->digest());
396 // Parses a ecdsa-with-SHA256 which contains a NULL parameters field.
399 // OBJECT IDENTIFIER 1.2.840.10045.4.3.2
401 TEST(SignatureAlgorithmTest
, ParseDerEcdsaWithSHA256NullParams
) {
403 const uint8_t kData
[] = {
404 0x30, 0x0C, // SEQUENCE (12 bytes)
405 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
406 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02,
407 0x05, 0x00, // NULL (0 bytes)
410 scoped_ptr
<SignatureAlgorithm
> algorithm
;
411 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
414 // Parses a ecdsa-with-SHA384 which contains no parameters field.
417 // OBJECT IDENTIFIER 1.2.840.10045.4.3.3
418 TEST(SignatureAlgorithmTest
, ParseDerEcdsaWithSHA384NoParams
) {
420 const uint8_t kData
[] = {
421 0x30, 0x0A, // SEQUENCE (10 bytes)
422 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
423 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03,
426 scoped_ptr
<SignatureAlgorithm
> algorithm
;
427 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
429 EXPECT_EQ(SignatureAlgorithmId::Ecdsa
, algorithm
->algorithm());
430 EXPECT_EQ(DigestAlgorithm::Sha384
, algorithm
->digest());
433 // Parses a ecdsa-with-SHA384 which contains a NULL parameters field.
436 // OBJECT IDENTIFIER 1.2.840.10045.4.3.3
438 TEST(SignatureAlgorithmTest
, ParseDerEcdsaWithSHA384NullParams
) {
440 const uint8_t kData
[] = {
441 0x30, 0x0C, // SEQUENCE (12 bytes)
442 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
443 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x03,
444 0x05, 0x00, // NULL (0 bytes)
447 scoped_ptr
<SignatureAlgorithm
> algorithm
;
448 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
451 // Parses a ecdsa-with-SHA512 which contains no parameters field.
454 // OBJECT IDENTIFIER 1.2.840.10045.4.3.4
455 TEST(SignatureAlgorithmTest
, ParseDerEcdsaWithSHA512NoParams
) {
457 const uint8_t kData
[] = {
458 0x30, 0x0A, // SEQUENCE (10 bytes)
459 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
460 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04,
463 scoped_ptr
<SignatureAlgorithm
> algorithm
;
464 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
466 EXPECT_EQ(SignatureAlgorithmId::Ecdsa
, algorithm
->algorithm());
467 EXPECT_EQ(DigestAlgorithm::Sha512
, algorithm
->digest());
470 // Parses a ecdsa-with-SHA512 which contains a NULL parameters field.
473 // OBJECT IDENTIFIER 1.2.840.10045.4.3.4
475 TEST(SignatureAlgorithmTest
, ParseDerEcdsaWithSHA512NullParams
) {
477 const uint8_t kData
[] = {
478 0x30, 0x0C, // SEQUENCE (12 bytes)
479 0x06, 0x08, // OBJECT IDENTIFIER (8 bytes)
480 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04,
481 0x05, 0x00, // NULL (0 bytes)
484 scoped_ptr
<SignatureAlgorithm
> algorithm
;
485 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
488 // Tests that two RSA algorithms with different digests are not equal.
489 TEST(SignatureAlgorithmTest
, EqualsRsaWithDifferentDigest
) {
490 scoped_ptr
<SignatureAlgorithm
> alg1
=
491 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha1
);
493 scoped_ptr
<SignatureAlgorithm
> alg2
=
494 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha256
);
496 ASSERT_FALSE(alg1
->Equals(*alg2
));
499 // Tests that two ECDSA algorithms with different digests are not equal.
500 TEST(SignatureAlgorithmTest
, EqualsEcdsaWithDifferentDigest
) {
501 scoped_ptr
<SignatureAlgorithm
> alg1
=
502 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha1
);
504 scoped_ptr
<SignatureAlgorithm
> alg2
=
505 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha256
);
507 ASSERT_FALSE(alg1
->Equals(*alg2
));
510 // Tests that an ECDSA algorithm is not equal to an RSA algorithm (even though
512 TEST(SignatureAlgorithmTest
, EqualsEcdsaNotEqualRsa
) {
513 scoped_ptr
<SignatureAlgorithm
> alg1
=
514 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha256
);
516 scoped_ptr
<SignatureAlgorithm
> alg2
=
517 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha256
);
519 ASSERT_FALSE(alg1
->Equals(*alg2
));
522 // Tests that two identical ECDSA algorithms are equal - both use SHA-256.
523 TEST(SignatureAlgorithmTest
, EqualsEcdsaMatch
) {
524 scoped_ptr
<SignatureAlgorithm
> alg1
=
525 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha256
);
527 scoped_ptr
<SignatureAlgorithm
> alg2
=
528 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha256
);
530 ASSERT_TRUE(alg1
->Equals(*alg2
));
533 // Tests that two identical RSA algorithms are equal - both use SHA-512
534 TEST(SignatureAlgorithmTest
, EqualsRsaPkcs1Match
) {
535 scoped_ptr
<SignatureAlgorithm
> alg1
=
536 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha512
);
538 scoped_ptr
<SignatureAlgorithm
> alg2
=
539 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha512
);
541 ASSERT_TRUE(alg1
->Equals(*alg2
));
544 // Tests that two RSASSA-PSS algorithms are equal.
545 TEST(SignatureAlgorithmTest
, EqualsRsaPssMatch
) {
546 scoped_ptr
<SignatureAlgorithm
> alg1
= SignatureAlgorithm::CreateRsaPss(
547 DigestAlgorithm::Sha256
, DigestAlgorithm::Sha1
, 21);
549 scoped_ptr
<SignatureAlgorithm
> alg2
= SignatureAlgorithm::CreateRsaPss(
550 DigestAlgorithm::Sha256
, DigestAlgorithm::Sha1
, 21);
552 ASSERT_TRUE(alg1
->Equals(*alg2
));
555 // Tests that two RSASSA-PSS algorithms with different hashes are not equal.
556 TEST(SignatureAlgorithmTest
, EqualsRsaPssWithDifferentDigest
) {
557 scoped_ptr
<SignatureAlgorithm
> alg1
= SignatureAlgorithm::CreateRsaPss(
558 DigestAlgorithm::Sha1
, DigestAlgorithm::Sha1
, 20);
560 scoped_ptr
<SignatureAlgorithm
> alg2
= SignatureAlgorithm::CreateRsaPss(
561 DigestAlgorithm::Sha256
, DigestAlgorithm::Sha1
, 20);
563 ASSERT_FALSE(alg1
->Equals(*alg2
));
566 // Tests that two RSASSA-PSS algorithms with different mask gens are not equal.
567 TEST(SignatureAlgorithmTest
, EqualsRsaPssWithDifferentMaskGen
) {
568 scoped_ptr
<SignatureAlgorithm
> alg1
= SignatureAlgorithm::CreateRsaPss(
569 DigestAlgorithm::Sha256
, DigestAlgorithm::Sha1
, 20);
571 scoped_ptr
<SignatureAlgorithm
> alg2
= SignatureAlgorithm::CreateRsaPss(
572 DigestAlgorithm::Sha256
, DigestAlgorithm::Sha256
, 20);
574 ASSERT_FALSE(alg1
->Equals(*alg2
));
577 // Tests that two RSASSA-PSS algorithms with different salts
578 TEST(SignatureAlgorithmTest
, EqualsRsaPssWithDifferentSalt
) {
579 scoped_ptr
<SignatureAlgorithm
> alg1
= SignatureAlgorithm::CreateRsaPss(
580 DigestAlgorithm::Sha1
, DigestAlgorithm::Sha1
, 20);
582 scoped_ptr
<SignatureAlgorithm
> alg2
= SignatureAlgorithm::CreateRsaPss(
583 DigestAlgorithm::Sha1
, DigestAlgorithm::Sha1
, 16);
585 ASSERT_FALSE(alg1
->Equals(*alg2
));
588 // Tests that the parmeters returned for an ECDSA algorithm are null for
589 // non-ECDSA algorithms.
590 TEST(SignatureAlgorithmTest
, ParamsAreNullForWrongTypeEcdsa
) {
591 scoped_ptr
<SignatureAlgorithm
> alg1
=
592 SignatureAlgorithm::CreateEcdsa(DigestAlgorithm::Sha1
);
594 EXPECT_FALSE(alg1
->ParamsForRsaPss());
597 // Tests that the parmeters returned for an RSA PKCS#1 v1.5 algorithm are null
598 // for non-RSA PKCS#1 v1.5 algorithms.
599 TEST(SignatureAlgorithmTest
, ParamsAreNullForWrongTypeRsaPkcs1
) {
600 scoped_ptr
<SignatureAlgorithm
> alg1
=
601 SignatureAlgorithm::CreateRsaPkcs1(DigestAlgorithm::Sha1
);
603 EXPECT_FALSE(alg1
->ParamsForRsaPss());
606 // Parses a rsaPss algorithm that uses SHA1 and a salt length of 20.
609 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
613 // OBJECT IDENTIFIER 1.3.14.3.2.26
617 // OBJECT IDENTIFIER 1.2.840.113549.1.1.8
619 // OBJECT IDENTIFIER 1.3.14.3.2.26
625 TEST(SignatureAlgorithmTest
, ParseDerRsaPss
) {
627 const uint8_t kData
[] = {
628 0x30, 0x3E, // SEQUENCE (62 bytes)
629 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
630 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
631 0x30, 0x31, // SEQUENCE (49 bytes)
632 0xA0, 0x0B, // [0] (11 bytes)
633 0x30, 0x09, // SEQUENCE (9 bytes)
634 0x06, 0x05, // OBJECT IDENTIFIER (5 bytes)
635 0x2B, 0x0E, 0x03, 0x02, 0x1A,
636 0x05, 0x00, // NULL (0 bytes)
637 0xA1, 0x18, // [1] (24 bytes)
638 0x30, 0x16, // SEQUENCE (22 bytes)
639 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
640 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08,
641 0x30, 0x09, // SEQUENCE (9 bytes)
642 0x06, 0x05, // OBJECT IDENTIFIER (5 bytes)
643 0x2B, 0x0E, 0x03, 0x02, 0x1A,
644 0x05, 0x00, // NULL (0 bytes)
645 0xA2, 0x03, // [2] (3 bytes)
646 0x02, 0x01, // INTEGER (1 byte)
648 0xA3, 0x03, // [3] (3 bytes)
649 0x02, 0x01, // INTEGER (1 byte)
653 scoped_ptr
<SignatureAlgorithm
> algorithm
;
654 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
656 ASSERT_EQ(SignatureAlgorithmId::RsaPss
, algorithm
->algorithm());
657 EXPECT_EQ(DigestAlgorithm::Sha1
, algorithm
->digest());
659 const RsaPssParameters
* params
= algorithm
->ParamsForRsaPss();
662 EXPECT_EQ(DigestAlgorithm::Sha1
, params
->mgf1_hash());
663 EXPECT_EQ(20u, params
->salt_length());
666 // Parses a rsaPss algorithm that has an empty parameters. It should use all the
667 // default values (SHA1 and salt length of 20).
670 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
672 TEST(SignatureAlgorithmTest
, ParseDerRsaPssEmptyParams
) {
674 const uint8_t kData
[] = {
675 0x30, 0x0D, // SEQUENCE (13 bytes)
676 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
677 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
678 0x30, 0x00, // SEQUENCE (0 bytes)
681 scoped_ptr
<SignatureAlgorithm
> algorithm
;
682 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
684 ASSERT_EQ(SignatureAlgorithmId::RsaPss
, algorithm
->algorithm());
685 EXPECT_EQ(DigestAlgorithm::Sha1
, algorithm
->digest());
687 const RsaPssParameters
* params
= algorithm
->ParamsForRsaPss();
690 EXPECT_EQ(DigestAlgorithm::Sha1
, params
->mgf1_hash());
691 EXPECT_EQ(20u, params
->salt_length());
694 // Parses a rsaPss algorithm that has NULL parameters. This fails.
697 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
699 TEST(SignatureAlgorithmTest
, ParseDerRsaPssNullParams
) {
701 const uint8_t kData
[] = {
702 0x30, 0x0D, // SEQUENCE (13 bytes)
703 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
704 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
705 0x05, 0x00, // NULL (0 bytes)
708 scoped_ptr
<SignatureAlgorithm
> algorithm
;
709 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
712 // Parses a rsaPss algorithm that has no parameters. This fails.
715 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
716 TEST(SignatureAlgorithmTest
, ParseDerRsaPssNoParams
) {
718 const uint8_t kData
[] = {
719 0x30, 0x0B, // SEQUENCE (11 bytes)
720 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
721 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
724 scoped_ptr
<SignatureAlgorithm
> algorithm
;
725 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
728 // Parses a rsaPss algorithm that has data after the parameters sequence.
731 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
734 TEST(SignatureAlgorithmTest
, ParseDerRsaPssDataAfterParams
) {
736 const uint8_t kData
[] = {
737 0x30, 0x0F, // SEQUENCE (15 bytes)
738 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
739 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
740 0x30, 0x00, // SEQUENCE (0 bytes)
741 0x05, 0x00, // NULL (0 bytes)
744 scoped_ptr
<SignatureAlgorithm
> algorithm
;
745 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
748 // Parses a rsaPss algorithm that uses defaults (by ommitting the values) for
749 // everything except the salt length.
752 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
756 TEST(SignatureAlgorithmTest
, ParseDerRsaPssDefaultsExceptForSaltLength
) {
758 const uint8_t kData
[] = {
759 0x30, 0x12, // SEQUENCE (62 bytes)
760 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
761 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
762 0x30, 0x05, // SEQUENCE (5 bytes)
763 0xA2, 0x03, // [2] (3 bytes)
764 0x02, 0x01, // INTEGER (1 byte)
768 scoped_ptr
<SignatureAlgorithm
> algorithm
;
769 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
771 ASSERT_EQ(SignatureAlgorithmId::RsaPss
, algorithm
->algorithm());
772 EXPECT_EQ(DigestAlgorithm::Sha1
, algorithm
->digest());
774 const RsaPssParameters
* params
= algorithm
->ParamsForRsaPss();
777 EXPECT_EQ(DigestAlgorithm::Sha1
, params
->mgf1_hash());
778 EXPECT_EQ(23u, params
->salt_length());
781 // Parses a rsaPss algorithm that has unrecognized data (NULL) within the
782 // parameters sequence.
785 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
790 TEST(SignatureAlgorithmTest
, ParseDerRsaPssNullInsideParams
) {
792 const uint8_t kData
[] = {
793 0x30, 0x14, // SEQUENCE (62 bytes)
794 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
795 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
796 0x30, 0x07, // SEQUENCE (5 bytes)
797 0xA2, 0x03, // [2] (3 bytes)
798 0x02, 0x01, // INTEGER (1 byte)
800 0x05, 0x00, // NULL (0 bytes)
803 scoped_ptr
<SignatureAlgorithm
> algorithm
;
804 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
807 // Parses a rsaPss algorithm that has an unsupported trailer value (2). Only
808 // trailer values of 1 are allowed by RFC 4055.
811 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
815 TEST(SignatureAlgorithmTest
, ParseDerRsaPssUnsupportedTrailer
) {
817 const uint8_t kData
[] = {
818 0x30, 0x12, // SEQUENCE (18 bytes)
819 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
820 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
821 0x30, 0x05, // SEQUENCE (5 bytes)
822 0xA3, 0x03, // [3] (3 bytes)
823 0x02, 0x01, // INTEGER (1 byte)
827 scoped_ptr
<SignatureAlgorithm
> algorithm
;
828 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
831 // Parses a rsaPss algorithm that has extra data appearing after the trailer in
835 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
840 TEST(SignatureAlgorithmTest
, ParseDerRsaPssBadTrailer
) {
842 const uint8_t kData
[] = {
843 0x30, 0x14, // SEQUENCE (20 bytes)
844 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
845 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
846 0x30, 0x07, // SEQUENCE (7 bytes)
847 0xA3, 0x05, // [3] (5 bytes)
848 0x02, 0x01, // INTEGER (1 byte)
850 0x05, 0x00, // NULL (0 bytes)
853 scoped_ptr
<SignatureAlgorithm
> algorithm
;
854 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
857 // Parses a rsaPss algorithm that uses SHA384 for the hash, and leaves the rest
858 // as defaults (including the mask gen).
861 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
865 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.2
867 TEST(SignatureAlgorithmTest
, ParseDerRsaPssNonDefaultHash
) {
869 const uint8_t kData
[] = {
870 0x30, 0x1E, // SEQUENCE (30 bytes)
871 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
872 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
873 0x30, 0x11, // SEQUENCE (17 bytes)
874 0xA0, 0x0F, // [0] (15 bytes)
875 0x30, 0x0D, // SEQUENCE (13 bytes)
876 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
877 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
878 0x05, 0x00, // NULL (0 bytes)
881 scoped_ptr
<SignatureAlgorithm
> algorithm
;
882 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
884 ASSERT_EQ(SignatureAlgorithmId::RsaPss
, algorithm
->algorithm());
885 EXPECT_EQ(DigestAlgorithm::Sha384
, algorithm
->digest());
887 const RsaPssParameters
* params
= algorithm
->ParamsForRsaPss();
890 EXPECT_EQ(DigestAlgorithm::Sha1
, params
->mgf1_hash());
891 EXPECT_EQ(20u, params
->salt_length());
894 // Parses a rsaPss algorithm that uses SHA384 for the hash, however in the
895 // AlgorithmIdentifier for the hash function the parameters are omitted instead
899 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
903 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.2
904 TEST(SignatureAlgorithmTest
, ParseDerRsaPssNonDefaultHashAbsentParams
) {
906 const uint8_t kData
[] = {
907 0x30, 0x1C, // SEQUENCE (28 bytes)
908 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
909 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
910 0x30, 0x0F, // SEQUENCE (15 bytes)
911 0xA0, 0x0D, // [0] (13 bytes)
912 0x30, 0x0B, // SEQUENCE (11 bytes)
913 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
914 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02,
917 scoped_ptr
<SignatureAlgorithm
> algorithm
;
918 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
920 ASSERT_EQ(SignatureAlgorithmId::RsaPss
, algorithm
->algorithm());
921 EXPECT_EQ(DigestAlgorithm::Sha384
, algorithm
->digest());
923 const RsaPssParameters
* params
= algorithm
->ParamsForRsaPss();
926 EXPECT_EQ(DigestAlgorithm::Sha1
, params
->mgf1_hash());
927 EXPECT_EQ(20u, params
->salt_length());
930 // Parses a rsaPss algorithm that uses an invalid hash algorithm (twiddled the
931 // bytes for the SHA-384 OID a bit).
934 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
938 // OBJECT IDENTIFIER 2.16.840.2.103.19.4.2.2
939 TEST(SignatureAlgorithmTest
, ParseDerRsaPssUnsupportedHashOid
) {
941 const uint8_t kData
[] = {
942 0x30, 0x1C, // SEQUENCE (28 bytes)
943 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
944 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
945 0x30, 0x0F, // SEQUENCE (15 bytes)
946 0xA0, 0x0D, // [0] (13 bytes)
947 0x30, 0x0B, // SEQUENCE (11 bytes)
948 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
949 0x60, 0x86, 0x48, 0x02, 0x67, 0x13, 0x04, 0x02, 0x02,
952 scoped_ptr
<SignatureAlgorithm
> algorithm
;
953 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
956 // Parses a rsaPss algorithm that uses SHA512 MGF1 for the mask gen, and
957 // defaults for the rest.
960 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
964 // OBJECT IDENTIFIER 1.2.840.113549.1.1.8
966 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.3
968 TEST(SignatureAlgorithmTest
, ParseDerRsaPssNonDefaultMaskGen
) {
970 const uint8_t kData
[] = {
971 0x30, 0x2B, // SEQUENCE (43 bytes)
972 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
973 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
974 0x30, 0x1E, // SEQUENCE (30 bytes)
975 0xA1, 0x1C, // [1] (28 bytes)
976 0x30, 0x1A, // SEQUENCE (26 bytes)
977 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
978 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08,
979 0x30, 0x0D, // SEQUENCE (13 bytes)
980 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
981 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
982 0x05, 0x00, // NULL (0 bytes)
985 scoped_ptr
<SignatureAlgorithm
> algorithm
;
986 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
988 ASSERT_EQ(SignatureAlgorithmId::RsaPss
, algorithm
->algorithm());
989 EXPECT_EQ(DigestAlgorithm::Sha1
, algorithm
->digest());
991 const RsaPssParameters
* params
= algorithm
->ParamsForRsaPss();
994 EXPECT_EQ(DigestAlgorithm::Sha512
, params
->mgf1_hash());
995 EXPECT_EQ(20u, params
->salt_length());
998 // Parses a rsaPss algorithm that uses a mask gen with an unrecognized OID
999 // (twiddled some of the bits).
1001 // SEQUENCE (2 elem)
1002 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
1003 // SEQUENCE (1 elem)
1005 // SEQUENCE (2 elem)
1006 // OBJECT IDENTIFIER 1.2.840.113618.1.2.8
1007 // SEQUENCE (2 elem)
1008 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.3
1010 TEST(SignatureAlgorithmTest
, ParseDerRsaPssUnsupportedMaskGen
) {
1012 const uint8_t kData
[] = {
1013 0x30, 0x2B, // SEQUENCE (43 bytes)
1014 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1015 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
1016 0x30, 0x1E, // SEQUENCE (30 bytes)
1017 0xA1, 0x1C, // [1] (28 bytes)
1018 0x30, 0x1A, // SEQUENCE (26 bytes)
1019 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1020 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x52, 0x01, 0x02, 0x08,
1021 0x30, 0x0D, // SEQUENCE (13 bytes)
1022 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1023 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
1024 0x05, 0x00, // NULL (0 bytes)
1027 scoped_ptr
<SignatureAlgorithm
> algorithm
;
1028 ASSERT_FALSE(ParseDer(kData
, &algorithm
));
1031 // Parses a rsaPss algorithm that uses SHA256 for the hash, and SHA512 for the
1034 // SEQUENCE (2 elem)
1035 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
1036 // SEQUENCE (2 elem)
1038 // SEQUENCE (2 elem)
1039 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.1
1042 // SEQUENCE (2 elem)
1043 // OBJECT IDENTIFIER 1.2.840.113549.1.1.8
1044 // SEQUENCE (2 elem)
1045 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.3
1047 TEST(SignatureAlgorithmTest
, ParseDerRsaPssNonDefaultHashAndMaskGen
) {
1049 const uint8_t kData
[] = {
1050 0x30, 0x3C, // SEQUENCE (60 bytes)
1051 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1052 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
1053 0x30, 0x2F, // SEQUENCE (47 bytes)
1054 0xA0, 0x0F, // [0] (15 bytes)
1055 0x30, 0x0D, // SEQUENCE (13 bytes)
1056 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1057 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
1058 0x05, 0x00, // NULL (0 bytes)
1059 0xA1, 0x1C, // [1] (28 bytes)
1060 0x30, 0x1A, // SEQUENCE (26 bytes)
1061 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1062 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08,
1063 0x30, 0x0D, // SEQUENCE (13 bytes)
1064 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1065 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03,
1066 0x05, 0x00, // NULL (0 bytes)
1069 scoped_ptr
<SignatureAlgorithm
> algorithm
;
1070 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
1072 ASSERT_EQ(SignatureAlgorithmId::RsaPss
, algorithm
->algorithm());
1073 EXPECT_EQ(DigestAlgorithm::Sha256
, algorithm
->digest());
1075 const RsaPssParameters
* params
= algorithm
->ParamsForRsaPss();
1077 ASSERT_TRUE(params
);
1078 EXPECT_EQ(DigestAlgorithm::Sha512
, params
->mgf1_hash());
1079 EXPECT_EQ(20u, params
->salt_length());
1082 // Parses a rsaPss algorithm that uses SHA256 for the hash, and SHA256 for the
1083 // MGF1, and a salt length of 10.
1085 // SEQUENCE (2 elem)
1086 // OBJECT IDENTIFIER 1.2.840.113549.1.1.10
1087 // SEQUENCE (3 elem)
1089 // SEQUENCE (2 elem)
1090 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.1
1093 // SEQUENCE (2 elem)
1094 // OBJECT IDENTIFIER 1.2.840.113549.1.1.8
1095 // SEQUENCE (2 elem)
1096 // OBJECT IDENTIFIER 2.16.840.1.101.3.4.2.1
1100 TEST(SignatureAlgorithmTest
, ParseDerRsaPssNonDefaultHashAndMaskGenAndSalt
) {
1102 const uint8_t kData
[] = {
1103 0x30, 0x41, // SEQUENCE (65 bytes)
1104 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1105 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0A,
1106 0x30, 0x34, // SEQUENCE (52 bytes)
1107 0xA0, 0x0F, // [0] (15 bytes)
1108 0x30, 0x0D, // SEQUENCE (13 bytes)
1109 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1110 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
1111 0x05, 0x00, // NULL (0 bytes)
1112 0xA1, 0x1C, // [1] (28 bytes)
1113 0x30, 0x1A, // SEQUENCE (26 bytes)
1114 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1115 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x08,
1116 0x30, 0x0D, // SEQUENCE (13 bytes)
1117 0x06, 0x09, // OBJECT IDENTIFIER (9 bytes)
1118 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01,
1119 0x05, 0x00, // NULL (0 bytes)
1120 0xA2, 0x03, // [2] (3 bytes)
1121 0x02, 0x01, // INTEGER (1 byte)
1125 scoped_ptr
<SignatureAlgorithm
> algorithm
;
1126 ASSERT_TRUE(ParseDer(kData
, &algorithm
));
1128 ASSERT_EQ(SignatureAlgorithmId::RsaPss
, algorithm
->algorithm());
1129 EXPECT_EQ(DigestAlgorithm::Sha256
, algorithm
->digest());
1131 const RsaPssParameters
* params
= algorithm
->ParamsForRsaPss();
1133 ASSERT_TRUE(params
);
1134 EXPECT_EQ(DigestAlgorithm::Sha256
, params
->mgf1_hash());
1135 EXPECT_EQ(10u, params
->salt_length());