nss-3.73/nss/gtests/pk11_gtest/pk11_dsa_unittest.cc - manifest_repos/nss - Git at Google

 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */

 #include <memory>
 #include "nss.h"
 #include "prerror.h"
 #include "pk11pub.h"
 #include "sechash.h"
 #include "cryptohi.h"

 #include "cpputil.h"
 #include "databuffer.h"
 #include "pk11_signature_test.h"

 #include "gtest/gtest.h"
 #include "nss_scoped_ptrs.h"

 #include "testvectors/dsa-vectors.h"

 namespace nss_test {
 CK_MECHANISM_TYPE
 DsaHashToComboMech(SECOidTag hash) {
   switch (hash) {
     case SEC_OID_SHA1:
       return CKM_DSA_SHA1;
     case SEC_OID_SHA224:
       return CKM_DSA_SHA224;
     case SEC_OID_SHA256:
       return CKM_DSA_SHA256;
     case SEC_OID_SHA384:
       return CKM_DSA_SHA384;
     case SEC_OID_SHA512:
       return CKM_DSA_SHA512;
     default:
       break;
   }
   return CKM_INVALID_MECHANISM;
 }

 class Pkcs11DsaTestBase : public Pk11SignatureTest {
  protected:
   Pkcs11DsaTestBase(SECOidTag hashOid)
       : Pk11SignatureTest(CKM_DSA, hashOid, DsaHashToComboMech(hashOid)) {}

   void Verify(const DsaTestVector vec) {
     /* DSA vectors encode the signature in DER, we need to unwrap it before
      * we can send the raw signatures to PKCS #11. */
     DataBuffer pubKeyBuffer(vec.public_key.data(), vec.public_key.size());
     ScopedSECKEYPublicKey nssPubKey(ImportPublicKey(pubKeyBuffer));
     SECItem sigItem = {siBuffer, toUcharPtr(vec.sig.data()),
                        static_cast<unsigned int>(vec.sig.size())};
     ScopedSECItem decodedSigItem(
         DSAU_DecodeDerSigToLen(&sigItem, SECKEY_SignatureLen(nssPubKey.get())));
     if (!decodedSigItem) {
       ASSERT_FALSE(vec.valid) << "Failed to decode DSA signature Error: "
                               << PORT_ErrorToString(PORT_GetError()) << "\n";
       return;
     }

     Pkcs11SignatureTestParams params = {
         DataBuffer(), pubKeyBuffer, DataBuffer(vec.msg.data(), vec.msg.size()),
         DataBuffer(decodedSigItem.get()->data, decodedSigItem.get()->len)};
     Pk11SignatureTest::Verify(params, (bool)vec.valid);
   }
 };

 class Pkcs11DsaTest : public Pkcs11DsaTestBase,
                       public ::testing::WithParamInterface<DsaTestVector> {
  public:
   Pkcs11DsaTest() : Pkcs11DsaTestBase(GetParam().hash_oid) {}
 };

 TEST_P(Pkcs11DsaTest, WycheproofVectors) { Verify(GetParam()); }

 INSTANTIATE_TEST_SUITE_P(DsaTest, Pkcs11DsaTest,
                          ::testing::ValuesIn(kDsaWycheproofVectors));

 }  // namespace nss_test
	/* -- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -- */
	/* vim: set ts=2 et sw=2 tw=80: */
	/* This Source Code Form is subject to the terms of the Mozilla Public
	* License, v. 2.0. If a copy of the MPL was not distributed with this file,
	* You can obtain one at http://mozilla.org/MPL/2.0/. */

	#include <memory>
	#include "nss.h"
	#include "prerror.h"
	#include "pk11pub.h"
	#include "sechash.h"
	#include "cryptohi.h"

	#include "cpputil.h"
	#include "databuffer.h"
	#include "pk11_signature_test.h"

	#include "gtest/gtest.h"
	#include "nss_scoped_ptrs.h"

	#include "testvectors/dsa-vectors.h"

	namespace nss_test {
	CK_MECHANISM_TYPE
	DsaHashToComboMech(SECOidTag hash) {
	switch (hash) {
	case SEC_OID_SHA1:
	return CKM_DSA_SHA1;
	case SEC_OID_SHA224:
	return CKM_DSA_SHA224;
	case SEC_OID_SHA256:
	return CKM_DSA_SHA256;
	case SEC_OID_SHA384:
	return CKM_DSA_SHA384;
	case SEC_OID_SHA512:
	return CKM_DSA_SHA512;
	default:
	break;
	}
	return CKM_INVALID_MECHANISM;
	}

	class Pkcs11DsaTestBase : public Pk11SignatureTest {
	protected:
	Pkcs11DsaTestBase(SECOidTag hashOid)
	: Pk11SignatureTest(CKM_DSA, hashOid, DsaHashToComboMech(hashOid)) {}

	void Verify(const DsaTestVector vec) {
	/* DSA vectors encode the signature in DER, we need to unwrap it before
	* we can send the raw signatures to PKCS #11. */
	DataBuffer pubKeyBuffer(vec.public_key.data(), vec.public_key.size());
	ScopedSECKEYPublicKey nssPubKey(ImportPublicKey(pubKeyBuffer));
	SECItem sigItem = {siBuffer, toUcharPtr(vec.sig.data()),
	static_cast<unsigned int>(vec.sig.size())};
	ScopedSECItem decodedSigItem(
	DSAU_DecodeDerSigToLen(&sigItem, SECKEY_SignatureLen(nssPubKey.get())));
	if (!decodedSigItem) {
	ASSERT_FALSE(vec.valid) << "Failed to decode DSA signature Error: "
	<< PORT_ErrorToString(PORT_GetError()) << "\n";
	return;
	}

	Pkcs11SignatureTestParams params = {
	DataBuffer(), pubKeyBuffer, DataBuffer(vec.msg.data(), vec.msg.size()),
	DataBuffer(decodedSigItem.get()->data, decodedSigItem.get()->len)};
	Pk11SignatureTest::Verify(params, (bool)vec.valid);
	}
	};

	class Pkcs11DsaTest : public Pkcs11DsaTestBase,
	public ::testing::WithParamInterface<DsaTestVector> {
	public:
	Pkcs11DsaTest() : Pkcs11DsaTestBase(GetParam().hash_oid) {}
	};

	TEST_P(Pkcs11DsaTest, WycheproofVectors) { Verify(GetParam()); }

	INSTANTIATE_TEST_SUITE_P(DsaTest, Pkcs11DsaTest,
	::testing::ValuesIn(kDsaWycheproofVectors));

	} // namespace nss_test